Bruce Davis · Charlotte, NC

Forward-Deployed AI Engineer.

Fifteen years in enterprise IAM and payments infrastructure. Now identity and governance for production AI.

Agentic Workflows & Development

MCP servers, ReAct agent loops, multi-agent orchestration, RAG, human-in-the-loop gates. Fine-tuned transformers (Hugging Face, LoRA) where APIs don’t fit. Python and TypeScript. Eval harnesses on every project.

AI Security, Governance & IAM

AI agent identity & access. Non-Human Identity (NHI) governance, Entra ID, CyberArk, HIPAA, Zero Trust. PowerShell automation at scale. The identity work that makes an AI deployment safe in production.

AI Infrastructure & Systems

Production AI infra — FastAPI services, Docker stacks, eval harnesses, model gateways, audit trails. Shipped at Microsoft, Wells Fargo, Starbucks, Bank of America, Veradigm. PMP-certified.


Selected work.

PROJ.01 / 10 Agentic AI · HITL Flagship

Autonomous Security Triage Agent

ReAct agent loop that reads logs, enriches threat intel, and proposes containment. Destructive actions pause for human approval. Autonomy dial controls how far it can go alone.

Flow: Detect → Reason → HITL → Act
ReAct · Function Calling · HITL · Python · Gemini 2.5
PROJ.02 / 10 NHI Governance · Multi-Agent

AI Agent Governance Console

Six AI agents as machine identities. Scoped credentials, intake-and-approval workflow, rotation and decommission in one trail. Generative UI on a posture event stream.

Fleet: Watchtower · Analyst · Triage · Remediation · Auditor · Provisioner
NHI · Lifecycle · Multi-Agent · OAuth · React · Python
PROJ.03 / 10 Machine Learning · Fine-Tuning

NHI Credential Risk Classifier

Fine-tuned DistilBERT classifies machine identities by risk state. Synthetic dataset, real eval harness, Qwen 2.5 1.5B + LoRA comparison. Becomes the brain of the Governance Console’s Triage agent.

Benchmark 99.33% acc · 10.8ms /record · on CPU
Hugging Face · PEFT / LoRA · PyTorch · scikit-learn · FastAPI · Python
PROJ.04 / 10 Strategy · Operating Model

AI Transformation Playbook

How I lead AI rollouts in regulated environments. Initiative rubric, vendor-evaluation matrix, AI-function maturity model, operational standards, four real case studies from Microsoft, Starbucks, Wells Fargo, Veradigm.

PMP-Certified · 15 yrs · Regulated · Frameworks · Vendor Eval · Maturity Model
PROJ.05 / 10 PowerShell · Microsoft Graph

Entra ID NHI Audit

PowerShell module that audits an Entra ID tenant for non-human identity risk. Eight-factor scoring, HTML + JSON reports, works against a real tenant or a 28-NHI mock fixture. The working-code companion to the Governance Console.

PowerShell 7 · Microsoft Graph · Entra ID · Active Directory · NHI · IAM
PROJ.06 / 10 Regulated AI · HIPAA

Document Pipeline (HIPAA-grade)

MCP tool chain: extraction, PII masking, schema-validated JSON, HITL review, token-cost tracking. Model-agnostic — runs on Claude, GPT, Gemini.

MCP · PII Masking · JSON Schema · Python · Node
PROJ.07 / 10 Google ADK · MCP · n8n

Workflow-Driven Triage Agent

n8n receives a support ticket → Google ADK agent on Gemini 2.5 Flash calls three MCP tools (intent, customer history, KB) → n8n routes by priority. Three protocols, each at the layer it’s best for. Docker-compose stack, no-n8n demo path.

Google ADK · Gemini 2.5 · MCP · n8n · FastAPI · Docker
PROJ.08 / 10 MCP · Threat-Modeled

Linear MCP Server

Production MCP server, open source. Six tools, 30-case eval harness, documented threat model, per-tool cost. The harness and threat model are what make it enterprise-adoptable.

MCP · TypeScript · Anthropic SDK · Eval Harness · Threat Model
PROJ.09 / 10 Custom MCP

Content & Research MCP

Custom MCP server with five Notion-backed tools — idea retrieval, tone analysis, page scaffolding, vault capture. In daily use.

MCP · Notion API · Node · Zod
PROJ.10 / 10 Microsoft Copilot · Bot Framework · Graph

IT Support Copilot for Teams

A Teams-deployed copilot for internal IT — password resets, VPN, group access, laptop tickets. Azure OpenAI for reasoning, Microsoft Graph for identity, a deterministic policy engine for the access decision. Auto-fulfills self-service, escalates approvals, denies on rule violation.

Bot Framework · Microsoft Graph · Azure OpenAI · Entra ID · Bicep · Python
Live · Sentinel Triage

Watch the loop ask permission.

A ReAct agent reads mock SIEM events, proposes containment, and pauses at a human-in-the-loop gate. Move the autonomy dial to change where it stops.

[Interactive demo panels: Event stream · Agent (ReAct loop) · Human-in-the-loop · Autonomy dial · audit trail of approve/deny actions]

Autonomy dial setting shown: Recommend — agent proposes containment, gate requires your approval.
    Architecture
    Diagram nodes: SIEM · Logs (events in); Reason · LLM (ReAct loop); Tools (enrich · lookup); HITL Gate (approve · deny); Action (isolate · rotate); Audit (signed log); Memory (vector DB).
    Edge labels: observation; feedback · learned patterns; deny → audit only.

    Every action is gated, logged, and learned from. The dial only changes where the gate sits — never whether it exists.

    Capabilities

    What I work on.

    Agentic Systems
    Multi-agent orchestration · Human-in-the-loop workflows · Retrieval & provenance pipelines · Evaluation harnesses & confidence scoring
    Identity & Governance
    AI identity & access (NHI) governance · Escalation & approval routing · Audit trails & trust infrastructure · Regulated-environment deployment
    Forward Deployed
    Embedded enterprise integration · PowerShell / Python automation at scale · Domain learning, runbook handoff · Rollout leadership (PMP)
    Full stack & tooling: Languages · AI frameworks · ML · models · cloud · web
    Languages
    Python · TypeScript · JavaScript · Node.js · PowerShell 7 · Bash · SQL · JSON · JSON Schema
    AI Frameworks & SDKs
    MCP · FastMCP · Google ADK · LangChain · LlamaIndex · Anthropic SDK · OpenAI SDK · google-genai SDK · Vercel AI SDK · n8n · Microsoft Bot Framework
    Machine Learning
    Hugging Face Transformers · PyTorch · scikit-learn · PEFT / LoRA · FastAPI · Pydantic · NumPy · Pandas
    Models
    Claude · GPT · Gemini · Llama · Qwen 2.5 · Mistral · DistilBERT
    Cloud & Identity
    Microsoft Azure · Azure OpenAI · Microsoft Power Platform · Microsoft Graph · Entra ID · CyberArk · Google Cloud · Vercel · Docker · Bicep
    Web & Tooling
    React · Next.js · Tailwind · Streamlit · REST · OAuth · Git · CLI tooling · pytest · Vitest · Zod
    Enterprise systems veteran, building agentic AI

    Microsoft — Cloud Solutions Architect, Python automation for Entra ID Governance and Non-Human Identity (before NHI was a named discipline).
    Starbucks — Senior Security Engineer, PowerShell automation across 60+ domains.
    Wells Fargo — Payment infrastructure for SWIFT, CHIPS, Fedwire.
    Veradigm — HIPAA-regulated IAM for 16,000+ users.
    Bank of America — IAM platform engineering.

    Most AI engineers are juniors learning the enterprise. This is the reverse: fifteen years of regulated infrastructure, now agentic systems on top of it. PMP-certified.

    Open to full-time, contract, and project work.

    Bruce Davis · Charlotte, NC · 2026