🎯 Systems Engineer — Microsoft 365, Active Directory, networking, cybersecurity, systems integrations, automation, and AI tooling.
📍 San Antonio, TX
📧 me@markandrewmarquez.com
🌐 Website | 💼 LinkedIn | 🐙 GitHub
Systems Engineer who works cross-functionally to find the real problem, then builds the systems integrations, automations, and data dashboards that boost team productivity — increasingly AI-enabled. Years in the weeds across Microsoft, networking, cloud, and security, with measurable hour-reductions on real workflows and the documentation discipline that makes the fix stick the second time.
Troubleshooting, Diagnostics & Documentation · Data Engineering & Data Dashboards · Systems Integrations & Automation · Infrastructure, Virtualization & Cloud · Networking & Cybersecurity · AI Agents & Workflows
Full breakdown on my website.
Troubleshooting & Diagnostics:
Programming & Scripting:
Microsoft Ecosystem:
Networking & Infrastructure:
Automation & Virtualization:
Cloud Platforms & Tools:
Data Stack:
Cybersecurity:
AI & Agents:
- windows-ad-ansible-kvm — Production-quality, two-site MSP-style Active Directory forest on KVM/libvirt, fully automated with Ansible (23 idempotent roles). Bare ISOs → live multi-site forest in ~60–75 min: an HQ Server 2025 DC (AD DS, DNS, DHCP, AD CS, NTP, WSUS) plus a replica DC/GC at an isolated branch over a VyOS-routed ~40 ms WAN — with cross-site replication, hot-standby DHCP failover, and option-121 routing — plus rehearsed DR drills (live failover + isolated FSMO-seize).
- m365-guardian — Diagnoses and remediates common M365 admin issues (password resets, MFA enforcement, license drift, dormant accounts) via Microsoft Graph. Includes a weekly automated security health report with 10 checks.
- cyber-threat-pipeline — Modern-data-stack threat-intelligence platform. AlienVault OTX → Neon Postgres → dbt → two live public surfaces (Evidence.dev for analysis, Grafana Cloud for observability), with an LLM analyst brief on top. Rebuilt weekly by a single GitHub Actions cron. Full Terraform + OIDC; no static AWS keys.
- cloudwatch-monitor — Multi-endpoint AWS synthetic monitoring with per-endpoint alarms, SNS alerts, and a public status page. Fully managed via Terraform.
- salesforce-langgraph-ai-lead-bot — End-to-end AI lead qualification system. A LangGraph stateful agent (TARS) runs multi-turn conversations over SSE, scores prospects deterministically, and writes enriched Leads to Salesforce — where an Agentforce agent drafts follow-up tasks, emails, and opportunities. Powers the chat assistant on my portfolio.
- intake-form-ai-pipeline — Self-improving intake-form extraction pipeline with a three-tier model cascade, BAA-aware routing for PHI handling, and an eval harness that demonstrates F1 improvement over time.
- aerial-fleet-monitor — Real-time aviation fleet operations console. Ingests public US flight telemetry, detects anomalies as Salesforce Cases, triages them with Agentforce, and surfaces operations through a Foundry-hosted dashboard.
- api-medic — An HTTP API troubleshooting tool. Takes a URL, HAR file, or
curlcommand and runs network, TLS, auth, and protocol checks, producing a structured report with plain-language findings and suggested fixes. Live as a web app, a Chrome extension, and a CLI.
📂 Full project list: Repositories · 🌐 Case studies & writeups: markandrewmarquez.com/#portfolio
Happy to talk systems integration, automation, data dashboards, Microsoft 365 and Active Directory, or putting AI to work where it earns its place in the workflow.
📧 Email: me@markandrewmarquez.com
💼 LinkedIn: linkedin.com/in/markandrewmarquez
🌐 Website: markandrewmarquez.com
🚀 "Find the real problem. Build the AI-enabled solution."