Infrastructure · SRE · Platform Engineering

Arturo Unguez

15+ years building and running high-availability Kubernetes platforms, multi-cloud infrastructure as code, and enterprise observability — from bare metal to the edge.

KubernetesDockerTerraform ArgoCDHelmAnsible GrafanaCloudflareAWS GCPPythonWazuh

About

I'm a strategic infrastructure leader based in Torrance, California, currently serving as Supervisor of Systems Administration at Hypermedia Systems. I specialize in modernizing legacy environments into cloud-native, containerized infrastructure that scales.

My work spans the full infrastructure stack — from bare-metal Proxmox clusters and VMware virtualization to multi-cloud Terraform deployments, end-to-end observability with the LGTM stack, and zero-trust network security with Palo Alto and Cloudflare WAF.

I also build and ship my own products — most recently SafeScribe, a privacy-first report drafting app that runs LLM inference entirely in the browser — and I integrate generative AI tooling (Claude Code, MCP servers) into SRE workflows to accelerate root-cause analysis and automation.

15+ Years in Linux & Infrastructure
190+ DNS Records Managed via Cloudflare
~200 VMware VMs Managed
8 yrs Leading SRE Teams

Skills

Cloud & IaC

  • Terraform
  • Ansible / Semaphore
  • AWS (VPC, EC2, IAM)
  • GCP
  • n8n workflow automation
  • Cloudflare Workers / Wrangler

Containers & Orchestration

  • Docker / Docker Compose / Swarm
  • Kubernetes (k3s / Rancher)
  • Container image builds & registries
  • Proxmox + Ceph
  • VMware / vSphere (~200 VMs)
  • OpenVZ / LXC

CI/CD & GitOps

  • GitHub Actions
  • ArgoCD / GitOps
  • Helm charts
  • HashiCorp Vault
  • cert-manager
  • Multi-arch image builds / GHCR

Observability

  • Grafana / Loki / Tempo / Mimir
  • Prometheus / OpenTelemetry
  • Self-hosted Dynatrace
  • Wazuh SIEM
  • Nagios / ElasticSearch

Security & Networking

  • Citrix ADC load balancers
  • Cloudflare WAF / CDN / DNS
  • Palo Alto Firewalls
  • PKI (StepCA / cfssl)
  • Infoblox DNS / IPAM
  • Certbot / Let's Encrypt

Streaming & Services

  • WebRTC / Wowza Streaming Engine
  • NGINX / Apache
  • Node.js / PM2
  • MySQL / NetApp ONTAP
  • Redis / GitLab (self-hosted)

Leadership & AI

  • SRE team supervision
  • Sprint planning & mentorship
  • Claude Code / Claude API
  • Gemini API / MCP servers
  • GenAI workflow integration

Projects

Local-first, privacy-focused report drafting tool for school psychologists, medical, and legal professionals. Client records live in an in-browser PostgreSQL database and AI drafting runs entirely on-device via WebGPU — sensitive data never touches a server.

ReactPGliteWebLLM / WebGPUAES-GCM encryption

Kubernetes GitOps Platform

Self-managed k3s platform running ArgoCD, HashiCorp Vault, cert-manager, and Cloudflare Tunnel — all deployed and reconciled from Git. GitHub Actions pipelines build multi-arch container images to GHCR; ArgoCD promotes them through staging → production environments via GitOps.

k3sArgoCDHelmVaultGitHub Actions

rchurro.com

www.rchurro.com ↗

This site — hand-built with zero frameworks and served from Cloudflare Workers through a staging → production branch pipeline. Hardened with strict Content Security Policy headers, with DNS, TLS, and Zero Trust access all managed in Cloudflare.

Cloudflare WorkersCSP hardeningBranch pipelineZero Trust

Experience

Hypermedia Systems June 2018 – Present

Supervisor of Systems Administration

  • Leading migration of production services from Docker Swarm to HA Kubernetes (k3s/Rancher) with Ceph distributed storage
  • Architected multi-cloud (AWS/GCP) environments with Terraform, managing VPC peering, subnets, and security groups
  • Coordinating multi-cluster Citrix ADC load balancer migrations (cadc100/130/200/230) with zero-downtime content switching
  • Deployed full LGTM stack (Loki, Grafana, Tempo, Mimir) as centralized observability platform; authored custom dashboards for golden signals and web logs
  • Built internal PKI with StepCA, automating SSL/TLS renewals via Certbot, Kubernetes cronjobs, and Terraform across Citrix ADC clusters
  • Managed 190+ Cloudflare DNS records, WAF rules, and managed rulesets across multiple brand zones
  • Automated whitelabel site provisioning (DNS, Cloudflare zones, content switching) via Terraform
  • Deployed Wazuh SIEM and managed Palo Alto Firewalls; patched production CVEs across app server fleet
  • Managed hybrid virtualization: VMware/vSphere (~200 VMs) and Proxmox cluster with Ceph
  • Integrated Claude Code, Claude API, and MCP servers into SRE workflows for root-cause analysis and automation
  • Modernized production streaming from legacy Flash to WebRTC using Wowza Streaming Engine
Fonality Jan 2012 – June 2018 · 6 yrs 6 mos

Manager of System Administration → Senior SysAdmin → Support Engineer

  • Managed global Proxmox virtualization clusters with NetApp SAN, Ceph storage, and OpenVZ/LXC
  • Directed production release cycles with twice-weekly deployments across multi-tenant VoIP/SaaS environments
  • Engineered HA storage with dual-controller NetApp SAN shelves
  • Administered Asterisk configurations, SIP proxies, and VPN tunnels for multi-tenant VoIP infrastructure
6th Street Consulting July 2010 – Jan 2012

IT Consultant

  • Managed Microsoft server environments (AD, DNS, DHCP, Exchange, Forefront TMG) and SMB firewalls
  • Supported remote users and administered backup and endpoint protection solutions

Certifications

AI Generative AI Leader Certification
SF Trailblazer Technical Practitioner
A+ CompTIA A+ Certification
OB Observability Signals Foundations Navigator

Contact

Open to platform engineering, SRE, and infrastructure leadership opportunities.