Ricardo Saad — Cloud Engineer · Platform Engineer · DevOps Engineer · AWS Infrastructure

Cloud Engineer — Digico Solutions, AWS Partner (2026–Present, Beirut, Lebanon)

Sole platform engineer at an AWS partner. VPC architecture, Terraform IaC, CI/CD pipelines, agentic workflows. Deploy lead time under 8 minutes.

• Brought production back from a full outage solo — navigated 8 cascading failures across the AWS stack overnight, patched each root cause as it surfaced, and handed off with a written incident report before morning.
• Built a self-service portal that replaced a manual, ticket-based process for client network access — cutting provisioning from a multi-step back-and-forth to a flow users could complete themselves.
• Automated the full client document cycle — from scoping to signed contract — cutting turnaround from 3 days to under 2 hours; milestone completion now triggers a pipeline that summarizes work, generates the document, routes it for signature, and notifies the team for approval, with no manual handling in between.
• Took on sole lead of a client engagement with minimal documentation — mapped their entire multi-account cloud footprint from scratch through their own responses, brought it under Terraform, and produced a written infrastructure baseline, reducing time to contain future incidents.

Stack: AWS, Terraform, Docker, GitHub Actions, Traefik, Claude, Bedrock, VPC, IAM, S3, Lambda, DynamoDB, CloudFront, WAF, CloudWatch

Metrics: Dev/staging/prod environments owned. Deploy lead time under 8 minutes. Deliverables: Serverless CMS Platform, ET-77 Client VPN portal, ET-200 cost optimization.

Applied Research Engineer — Aqsacom (2023–2024, Dallas TX, Remote)

Wireless sensing and indoor positioning research. Engineered real-time positioning engine achieving sub-meter accuracy using BLE and WiFi RSSI-CSI sensor fusion benchmarked against UWB hardware baseline. PyTorch signal processing pipelines. AoA/AoD direction-finding on BLE hardware.

• Engineered real-time indoor positioning engine achieving sub-meter accuracy using BLE/WiFi RSSI-CSI sensor fusion — benchmarked against UWB hardware baseline in parallel research track.
• Implemented AoA/AoD direction-finding on BLE hardware for spatial signal inference; published findings as internal technical documentation.
• Developed PyTorch signal processing pipelines for CSI feature extraction, model training, and real-time inference — end-to-end from raw hardware capture to position estimate.
• Benchmarked NFC and UWB chipsets for proximity detection latency and accuracy under production-representative RF conditions.

Stack: Python, PyTorch, NumPy, BLE, WiFi CSI, UWB, NFC

Software Engineer — Aqsacom (2021–2022, Dallas TX, Remote)

Enterprise PHP applications on Zend Framework and MySQL. NGINX fronting Apache reverse-proxy architecture. Ubuntu server operations. Sole remote engineer on the team with full ownership of delivery and ops.

• Developed enterprise applications using Zend Framework (PHP) and MySQL.
• Operated NGINX fronting Apache for application delivery.
• Managed Ubuntu servers: virtual hosts, SSL, routing, service reliability.
• Sole remote engineer on the team — full ownership of delivery and ops without on-site support.

Stack: PHP, Zend, MySQL, NGINX, Apache, Ubuntu

Serverless CMS Platform (2026)

Hard constraint: operate under $15/month without sacrificing a real CMS, responsive storefront, or production auth. Architecture follows from the constraint — static Next.js export on S3 + CloudFront for the public frontend; Vite SPA for the admin panel; seven Lambda functions behind API Gateway; DynamoDB single-table design; SES + SSM for magic-link auth. 61 automated test files.

Stack: Next.js, Lambda, API Gateway, DynamoDB, SES, SSM, CloudFront, Terraform, GitHub Actions, OIDC, WAF

Time Series Transformer MLOps Pipeline (2026)

End-to-end automated retraining and inference pipeline for multivariate time series. Model: PatchTST — channel-independent Transformer with patch-based tokenisation, 8 independent prediction heads, ~500k parameters. Pipeline: S3 PutObject triggers EventBridge → Step Functions orchestrates EC2 Spot (g4dn.xlarge) training → Lambda runs inference → CloudWatch captures structured metrics. All infrastructure in Terraform. Property-based tests with Hypothesis.

Stack: PatchTST, PyTorch Lightning, Step Functions, EC2 Spot, Lambda, EventBridge, Terraform, Hypothesis

EKS Platform — Karpenter and GPU Scheduling (2026, PoC / decommissioned)

Kubernetes platform on EKS built around Karpenter for node provisioning and GPU workload scheduling. Karpenter handles node lifecycle — provisioning GPU instances on demand, consolidating underutilised capacity, respecting topology constraints. Qdrant as vector store with hybrid dense and sparse retrieval. Built as a PoC to validate operational tradeoffs of self-managed Kubernetes ML workloads vs. managed alternatives.

Stack: EKS, Karpenter, GPU scheduling, Qdrant, Kubernetes, RAG, vector search

WiFi CSI Pose Estimation — Reproduction Study (2024)

Rebuilt the test environment from the CMU DensePose-from-WiFi paper to validate its claims independently. Reconstructed data collection, preprocessing, and model architecture from the paper's methodology. Results did not reproduce consistently — reported conditions appeared to reflect a narrow slice of the experimental space. Findings written up as internal technical documentation.

Stack: WiFi CSI, PyTorch, Research, Reproducibility

Self-Hosted Status Bot (n8n) (2024-ongoing)

Designed and self-hosted an automated notification bot on n8n using RSS feeds, Telegram APIs, and custom Python triggers to broadcast status updates on the Lebanon war. Managed reliability and network failovers under local infrastructure anomalies.

Stack: n8n, Telegram API, Self-Hosted, Automation, Home Lab

Resume Infrastructure (2026) — This Site

S3 plus CloudFront plus WAF static site with OIDC-based GitHub Actions deploy. Playwright generates A4 and Letter PDFs in CI. Shared Terraform module for prod and staging environments. Zero long-lived credentials. Custom-domain mail setup with Proton Mail aliases integrated via Route 53 (MX, SPF, DKIM, DMARC records).

Stack: S3, CloudFront, WAF, OAC, Terraform, Route 53, Proton Mail, GitHub Actions, OIDC, Playwright, Vite, React