Travis Marlette

Travis Marlette

AI Systems Architect

Twenty years architecting systems that hold up under hard constraints: scale, compliance, and trust. SIEM and distributed systems at federal and financial scale; now AI systems and the agents that build them.

View WorkGet in touch
01.Experience

Where I've shipped.

  1. 2024-Present

    AI Systems ArchitectIndependent

    Applying two decades of systems architecture to AI: designing and building full-stack AI software, agentic systems, and the tooling and infrastructure-automation platforms around them.

    • Architected a SaaS platform that deploys secure multi-swarm agent instances to build infrastructure across any major cloud, with built-in cost/time tracking and human-in-the-loop approval gates.
    • Build full-stack AI SaaS platforms end to end, from architecture through deployment.
    • Build AI infrastructure and tooling: MCP servers, custom plugins, and task-specific AI workspaces.
    • Develop agentic systems: an agentic OS for architecture and engineering work, specialized task agents, and AI voice agents that handle full reception duties.
    • Design RAG systems across scales, from focused micro-retrieval to large macro corpora.
    • Develop layered reasoning frameworks that sharpen how LLMs extract logic and strategy, and apply AI to automate engineering and operational workflows.
    • LLMs
    • RAG
    • MCP
    • AI Agents
    • Multi-Agent Systems
    • AWS
    • Azure
    • GCP
    • TypeScript
    • Python
  2. 2021-2024

    Chief Architect, CFPBKentro

    Chief architect for the CFPB SIEM, leading the on-prem-to-AWS migration, Zero-Trust design, SOAR/UBA rollout, and cost optimization.

    • Migrated on-prem Splunk to AWS multi-account using SmartStore.
    • Implemented SSO and Zero-Trust design across Splunk and its components.
    • Implemented Splunk SOAR and Splunk UBA.
    • Designed multicloud cloud-security monitoring feeding the SIEM.
    • Built a programmatic CMDB from existing datasets.
    • Implemented Cribl as a global ETL pipeline.
    • Automated Splunk configuration and daily operations via Ansible and GitHub.
    • Optimized the SIEM for cost and storage to align with OMB M-21-31.
    • Splunk
    • AWS
    • SmartStore
    • Cribl
    • Ansible
    • GitHub
    • CloudFormation
    • Azure
    • GCP
    • ServiceNow
  3. 2016-2021

    Principal Splunk Architect, CFPBHarmonics Consulting

    Principal architect re-platforming the agency's Splunk estate and standing it up as the cybersecurity SIEM.

    • Re-architected all Splunk deployments within the agency.
    • Implemented standardization and best practices.
    • Implemented Splunk as the agency's cybersecurity SIEM.
    • Implemented data-management and data-hygiene practices.
    • Splunk
    • AWS
    • Kubernetes
    • Active Directory
    • Tenable
    • Nessus
    • Cylance
    • SolarWinds
    • ServiceNow
  4. 2015-2016

    Splunk Architect / Data ScientistAmerican Express

    Splunk architecture and data science across 2,000+ devices: operational-intelligence dashboards and self-healing automation.

    • Architected, deployed, and maintained Splunk across 2,000+ devices.
    • Built consolidated executive and operational dashboards.
    • Developed self-healing triggers correlating system events to anomalous behavior.
    • Raised operational awareness ~80% and cut alerting 100%+ while consolidating tooling for cost savings.
    • Splunk
    • Hadoop
    • Pig
    • Hive
    • SAS
    • Tableau
    • Teradata
    • DB2
    • VMware
  5. 2013-2015

    Solution Architect & Data ScientistEZE Software

    Solution architecture across the system lifecycle: a big-data Splunk platform plus MPLS WAN and Juniper QFabric LAN design.

    • Designed, deployed, and maintained systems across the full lifecycle.
    • Designed MPLS (WAN) and Juniper QFabric (LAN) network architecture.
    • Ingested all enterprise systems into a big-data utility; built data models for analytical pivoting and operational correlation.
    • Splunk
    • Juniper
    • Cisco
    • Riverbed
    • Endace
    • Gigamon
    • FIX Protocol
    • VMware
    • OpenNMS
  6. 2004-2013

    Earlier: Market-Data & Network EngineeringBNY Mellon · Barclays · Lehman Brothers

    A decade in financial-services infrastructure: MPLS market-data delivery, FIX monitoring, NOC engineering, and data-center administration, culminating in telco architecture across six continents.

    • BNY Mellon: MPLS architecture for market-data delivery and FIX connection monitoring across six continents.
    • Barclays International: NOC engineering, market-data network monitoring, and feed-handler troubleshooting.
    • Lehman Brothers Bank: technical-support lead and manager.
    • Juniper
    • Cisco
    • OpenNMS
    • FIX Protocol
    • MPLS
View Full CV (Markdown)
02.About

The work, briefly.

Systems architect with 20+ years under one consistent discipline: designing systems that hold up under hard constraints (scale, compliance, and trust). The domain has changed over the years; the architecture practice has not.

Today that means AI systems: full-stack AI software, agentic platforms that operate infrastructure under human-in-the-loop control, and the developer tooling and agents that build other systems. The throughline of the current work is leverage, building the systems that build systems.

The foundation is two decades of SIEM and distributed-systems architecture at federal and financial-sector scale, from Splunk SIEM platforms to multi-cloud and GovCloud infrastructure to market-data networks, plus two books on Splunk published by Packt.

Splunk Architect II, AWS Solutions Architect Associate, CCNP, JNCP. Public Trust clearance. Based in Phoenix, AZ.

Reachable at hello@itrav.ai.

03.Selected Work

What I've built.

Agentic AI

20 specialist agent domainsDeployed

AI Infrastructure Platform

A multi-cloud platform where a team of 20 specialist agents plans and executes infrastructure and application changes. Every plan is gated on human approval, and agents cannot override the security guardrails; violations fail and escalate.

  • Anthropic API
  • Temporal
  • Terraform
  • FastAPI
  • React
  • AWS
  • Azure
  • GCP
Cost and time governedBuilt

Multi-Swarm Deployment Platform

A SaaS platform that spins up secure multi-swarm agent instances to build infrastructure across any major cloud, with built-in cost and time tracking and human-in-the-loop approval gates at every stage.

  • Multi-Agent Systems
  • AWS
  • Azure
  • GCP
  • TypeScript

Federal infrastructure

1,000+ passing test assertionsShipping

Air-Gapped Software-Delivery Toolkit

Builds dependency bundles on connected hosts and ships them across air-gap boundaries to disconnected targets. 25 tools, multi-kind bundles (packages, container images, language trees, Windows installers), one dispatcher, a supply-chain blocklist.

  • Bash
  • Docker
  • Python
Commercial + GovCloud partitionsDeployed

Multi-Cloud, Multi-Partition IaC

Terraform infrastructure spanning AWS, Azure, and GCP across commercial and government partitions, with per-stack state isolation, SSO-issued temporary credentials, and policy-as-code enforced on every apply.

  • Terraform
  • OPA
  • AWS GovCloud
  • Azure
  • GCP

AI products

Multi-LLM RAG, liveLive in production

Production AI SaaS

An AI platform for real-estate investors that I built and operate end to end: multi-LLM retrieval-augmented chat, specialized AI advisors with their own knowledge bases, tiered access control, and full production observability.

  • Python
  • FastAPI
  • React
  • Qdrant
  • LangChain
  • PostgreSQL
Real-time voice, live escalationBuilt

24/7 AI Voice Agent

A real-time AI voice agent that greets inbound callers, classifies intent, answers from a live knowledge base, and escalates to humans by channel and urgency, with a per-call audit trail.

  • Node.js
  • OpenAI Realtime
  • Twilio
  • TypeScript

Also built

  • A multi-service personal-finance platform integrating five financial systems behind one interface.
  • An AI workspace operating a live luxury e-commerce storefront: catalog, SEO, and content.
  • A monorepo of static marketing sites deployed to edge infrastructure.
  • AI research workspaces that wire web search, source synthesis, and knowledge vaults into one flow.
  • Self-hosted AI-plugin marketplaces and offline installer systems for disconnected environments.
04.Open Source

Tools, in the open.

The Glitch Kingdom: an ecosystem of AI developer tooling, published to npm and a Claude Code plugin marketplace. Public, versioned, installable.

babel-fish

Auto-generates a living project map and human-to-code vocabulary for AI coding assistants.

hit-em-with-the-docs

A self-managing documentation system with hierarchical domains and health scoring.

semantic-memory

A unified multi-corpus memory layer for AI agents: semantic search plus a knowledge graph.

persistent-planning

Filesystem-as-memory planning for long-running, multi-step AI coding sessions.

gimme-the-lint

Progressive linting that baselines existing violations and blocks only new ones.

mind-glaive

An eight-layer memory architecture that fights context rot in AI sessions.

aeon-loop

Autonomous multi-iteration task execution and loop orchestration for AI coding agents.

the-joy-of-diagraming

Turns natural-language descriptions into publication-ready SVG diagrams.

semantic-pages

A local-embedding semantic-search and knowledge-graph server for markdown.

claude-plugin-runtime

The shared zero-dependency runtime beneath the whole plugin ecosystem.

05.Capabilities

What I work with.

AI Systems

  • LLM application architecture
  • Agentic and multi-agent systems
  • RAG (micro to macro corpora)
  • MCP servers and AI tooling
  • Human-in-the-loop control design
  • Layered reasoning frameworks

SIEM & Splunk

  • Splunk architecture (Power User to Architect II)
  • Splunk SOAR
  • Splunk UBA
  • SmartStore (indexer storage tiering)
  • CIM strategy for security datasets
  • Risk-Based Alerting (RBA)
  • Cribl (event ETL / pipeline)

Monitoring & Observability

  • Prometheus
  • Grafana
  • Splunk ITSI
  • Loki
  • Elastic

Cloud

  • AWS (multi-account, SmartStore, CloudFormation)
  • Azure
  • GCP
  • Multicloud security monitoring
  • Commercial and GovCloud partitions

Platforms & Infrastructure

  • Kubernetes
  • Docker
  • Serverless
  • Snowflake
  • Zscaler
  • ServiceNow
  • Salesforce
  • VMware
  • Active Directory

Automation & IaC

  • Terraform
  • Ansible
  • GitHub
  • CI/CD pipelines
  • Policy-as-code (OPA)

Security Tooling

  • Qualys
  • Tenable / Nessus
  • CrowdStrike
  • Cylance
  • Symantec
  • FireEye
  • Bluecoat

Networking

  • Cisco (CCNP)
  • Juniper (JNCP, QFabric)
  • MPLS / WAN architecture
  • F5
  • Riverbed
  • Gigamon
  • OpenNMS

Data & Big Data

  • Hadoop
  • Pig
  • Hive
  • SAS
  • Teradata
  • DB2
  • MS SQL
  • Postgres
  • Tableau

Languages & Methods

  • TypeScript
  • Python
  • Bash
  • PowerShell
  • Zero-Trust design
  • FIX Protocol / market data
06.Credentials

Certified, on paper.

  1. Splunk Architect II

    Splunk

  2. Splunk Architect

    Splunk

  3. Splunk Knowledge Manager

    Splunk

  4. Splunk Admin

    Splunk

  5. Splunk Power User

    Splunk

  6. AWS Solutions Architect Associate

    Amazon Web Services

  7. AWS Cloud Practitioner

    Amazon Web Services

  8. CCNP

    Cisco

  9. CCNA

    Cisco

  10. JNCP

    Juniper Networks

  11. JNCIA

    Juniper Networks

  12. Packet Engineering Associate

    Packet Engineering

Education
A.S., Full Sail University · 2001
Clearance
Public Trust
07.Publications

Books and writing.

Splunk Architect's Guide cover

Splunk Architect's Guide

Book, Packt, 2018

Master system and data administration to become a certified Splunk Architect. A practitioner guide to designing, scaling, and operating Splunk deployments.

Splunk Best Practices cover

Splunk Best Practices

Book, Packt, 2016

Designing, implementing, and operating production Splunk: architecture, data hygiene, and dashboarding practices drawn from enterprise deployments.

Design papers

  1. A FedRAMP Security Data-Lake Architecture

    Design paper

    A reference design for a 100 TB/day security data lake on open standards: Cribl, Kafka, Flink, and an Iceberg lake on government-cloud storage, with detection and response built in.

  2. Decoupling SIEM Storage from Compute

    Design paper

    A reference design that extracts SIEM index and journal data into open-format columnar files, catalogued for query by any engine, ending the storage-compute coupling that limits SIEM scaling.