# Travis Marlette

**AI Systems Architect** | Phoenix, AZ

> Twenty years architecting systems that hold up under hard constraints: scale, compliance, and trust. SIEM and distributed systems at federal and financial scale; now AI systems and the agents that build them.

Systems architect with 20+ years under one consistent discipline: designing systems that hold up under hard constraints (scale, compliance, and trust). The domain has changed over the years; the architecture practice has not.

Today that means AI systems: full-stack AI software, agentic platforms that operate infrastructure under human-in-the-loop control, and the developer tooling and agents that build other systems. The throughline of the current work is leverage, building the systems that build systems.

The foundation is two decades of SIEM and distributed-systems architecture at federal and financial-sector scale, from Splunk SIEM platforms to multi-cloud and GovCloud infrastructure to market-data networks, plus two books on Splunk published by Packt.

Splunk Architect II, AWS Solutions Architect Associate, CCNP, JNCP. Public Trust clearance. Based in Phoenix, AZ.

## Experience

### AI Systems Architect | Independent | 2024-Present

Applying two decades of systems architecture to AI: designing and building full-stack AI software, agentic systems, and the tooling and infrastructure-automation platforms around them.

- Architected a SaaS platform that deploys secure multi-swarm agent instances to build infrastructure across any major cloud, with built-in cost/time tracking and human-in-the-loop approval gates.
- Build full-stack AI SaaS platforms end to end, from architecture through deployment.
- Build AI infrastructure and tooling: MCP servers, custom plugins, and task-specific AI workspaces.
- Develop agentic systems: an agentic OS for architecture and engineering work, specialized task agents, and AI voice agents that handle full reception duties.
- Design RAG systems across scales, from focused micro-retrieval to large macro corpora.
- Develop layered reasoning frameworks that sharpen how LLMs extract logic and strategy, and apply AI to automate engineering and operational workflows.

Tech: LLMs, RAG, MCP, AI Agents, Multi-Agent Systems, AWS, Azure, GCP, TypeScript, Python

### Chief Architect, CFPB | Kentro | 2021-2024

Chief architect for the CFPB SIEM, leading the on-prem-to-AWS migration, Zero-Trust design, SOAR/UBA rollout, and cost optimization.

- Migrated on-prem Splunk to AWS multi-account using SmartStore.
- Implemented SSO and Zero-Trust design across Splunk and its components.
- Implemented Splunk SOAR and Splunk UBA.
- Designed multicloud cloud-security monitoring feeding the SIEM.
- Built a programmatic CMDB from existing datasets.
- Implemented Cribl as a global ETL pipeline.
- Automated Splunk configuration and daily operations via Ansible and GitHub.
- Optimized the SIEM for cost and storage to align with OMB M-21-31.

Tech: Splunk, AWS, SmartStore, Cribl, Ansible, GitHub, CloudFormation, Azure, GCP, ServiceNow

### Principal Splunk Architect, CFPB | Harmonics Consulting | 2016-2021

Principal architect re-platforming the agency's Splunk estate and standing it up as the cybersecurity SIEM.

- Re-architected all Splunk deployments within the agency.
- Implemented standardization and best practices.
- Implemented Splunk as the agency's cybersecurity SIEM.
- Implemented data-management and data-hygiene practices.

Tech: Splunk, AWS, Kubernetes, Active Directory, Tenable, Nessus, Cylance, SolarWinds, ServiceNow

### Splunk Architect / Data Scientist | American Express | 2015-2016

Splunk architecture and data science across 2,000+ devices: operational-intelligence dashboards and self-healing automation.

- Architected, deployed, and maintained Splunk across 2,000+ devices.
- Built consolidated executive and operational dashboards.
- Developed self-healing triggers correlating system events to anomalous behavior.
- Raised operational awareness ~80% and cut alerting 100%+ while consolidating tooling for cost savings.

Tech: Splunk, Hadoop, Pig, Hive, SAS, Tableau, Teradata, DB2, VMware

### Solution Architect & Data Scientist | EZE Software | 2013-2015

Solution architecture across the system lifecycle: a big-data Splunk platform plus MPLS WAN and Juniper QFabric LAN design.

- Designed, deployed, and maintained systems across the full lifecycle.
- Designed MPLS (WAN) and Juniper QFabric (LAN) network architecture.
- Ingested all enterprise systems into a big-data utility; built data models for analytical pivoting and operational correlation.

Tech: Splunk, Juniper, Cisco, Riverbed, Endace, Gigamon, FIX Protocol, VMware, OpenNMS

### Earlier: Market-Data & Network Engineering | BNY Mellon · Barclays · Lehman Brothers | 2004-2013

A decade in financial-services infrastructure: MPLS market-data delivery, FIX monitoring, NOC engineering, and data-center administration, culminating in telco architecture across six continents.

- BNY Mellon: MPLS architecture for market-data delivery and FIX connection monitoring across six continents.
- Barclays International: NOC engineering, market-data network monitoring, and feed-handler troubleshooting.
- Lehman Brothers Bank: technical-support lead and manager.

Tech: Juniper, Cisco, OpenNMS, FIX Protocol, MPLS

## Selected Work

### AI Infrastructure Platform (Agentic AI, Deployed)

A multi-cloud platform where a team of 20 specialist agents plans and executes infrastructure and application changes. Every plan is gated on human approval, and agents cannot override the security guardrails; violations fail and escalate.

Tech: Anthropic API, Temporal, Terraform, FastAPI, React, AWS, Azure, GCP

### Multi-Swarm Deployment Platform (Agentic AI, Built)

A SaaS platform that spins up secure multi-swarm agent instances to build infrastructure across any major cloud, with built-in cost and time tracking and human-in-the-loop approval gates at every stage.

Tech: Multi-Agent Systems, AWS, Azure, GCP, TypeScript

### Air-Gapped Software-Delivery Toolkit (Federal infrastructure, Shipping)

Builds dependency bundles on connected hosts and ships them across air-gap boundaries to disconnected targets. 25 tools, multi-kind bundles (packages, container images, language trees, Windows installers), one dispatcher, a supply-chain blocklist.

Tech: Bash, Docker, Python

### Multi-Cloud, Multi-Partition IaC (Federal infrastructure, Deployed)

Terraform infrastructure spanning AWS, Azure, and GCP across commercial and government partitions, with per-stack state isolation, SSO-issued temporary credentials, and policy-as-code enforced on every apply.

Tech: Terraform, OPA, AWS GovCloud, Azure, GCP

### Production AI SaaS (AI products, Live in production)

An AI platform for real-estate investors that I built and operate end to end: multi-LLM retrieval-augmented chat, specialized AI advisors with their own knowledge bases, tiered access control, and full production observability.

Tech: Python, FastAPI, React, Qdrant, LangChain, PostgreSQL

### 24/7 AI Voice Agent (AI products, Built)

A real-time AI voice agent that greets inbound callers, classifies intent, answers from a live knowledge base, and escalates to humans by channel and urgency, with a per-call audit trail.

Tech: Node.js, OpenAI Realtime, Twilio, TypeScript

## Also Built

- A multi-service personal-finance platform integrating five financial systems behind one interface.
- An AI workspace operating a live luxury e-commerce storefront: catalog, SEO, and content.
- A monorepo of static marketing sites deployed to edge infrastructure.
- AI research workspaces that wire web search, source synthesis, and knowledge vaults into one flow.
- Self-hosted AI-plugin marketplaces and offline installer systems for disconnected environments.

## Open Source

The Glitch Kingdom developer-tooling ecosystem on npm:

- **babel-fish**: Auto-generates a living project map and human-to-code vocabulary for AI coding assistants.
- **hit-em-with-the-docs**: A self-managing documentation system with hierarchical domains and health scoring.
- **semantic-memory**: A unified multi-corpus memory layer for AI agents: semantic search plus a knowledge graph.
- **persistent-planning**: Filesystem-as-memory planning for long-running, multi-step AI coding sessions.
- **gimme-the-lint**: Progressive linting that baselines existing violations and blocks only new ones.
- **mind-glaive**: An eight-layer memory architecture that fights context rot in AI sessions.
- **aeon-loop**: Autonomous multi-iteration task execution and loop orchestration for AI coding agents.
- **the-joy-of-diagraming**: Turns natural-language descriptions into publication-ready SVG diagrams.
- **semantic-pages**: A local-embedding semantic-search and knowledge-graph server for markdown.
- **claude-plugin-runtime**: The shared zero-dependency runtime beneath the whole plugin ecosystem.

## Skills

- **AI Systems**: LLM application architecture, Agentic and multi-agent systems, RAG (micro to macro corpora), MCP servers and AI tooling, Human-in-the-loop control design, Layered reasoning frameworks
- **SIEM & Splunk**: Splunk architecture (Power User to Architect II), Splunk SOAR, Splunk UBA, SmartStore (indexer storage tiering), CIM strategy for security datasets, Risk-Based Alerting (RBA), Cribl (event ETL / pipeline)
- **Monitoring & Observability**: Prometheus, Grafana, Splunk ITSI, Loki, Elastic
- **Cloud**: AWS (multi-account, SmartStore, CloudFormation), Azure, GCP, Multicloud security monitoring, Commercial and GovCloud partitions
- **Platforms & Infrastructure**: Kubernetes, Docker, Serverless, Snowflake, Zscaler, ServiceNow, Salesforce, VMware, Active Directory
- **Automation & IaC**: Terraform, Ansible, GitHub, CI/CD pipelines, Policy-as-code (OPA)
- **Security Tooling**: Qualys, Tenable / Nessus, CrowdStrike, Cylance, Symantec, FireEye, Bluecoat
- **Networking**: Cisco (CCNP), Juniper (JNCP, QFabric), MPLS / WAN architecture, F5, Riverbed, Gigamon, OpenNMS
- **Data & Big Data**: Hadoop, Pig, Hive, SAS, Teradata, DB2, MS SQL, Postgres, Tableau
- **Languages & Methods**: TypeScript, Python, Bash, PowerShell, Zero-Trust design, FIX Protocol / market data

## Certifications

- Splunk Architect II, Splunk (2018)
- Splunk Architect, Splunk (2013)
- Splunk Knowledge Manager, Splunk (2013)
- Splunk Admin, Splunk (2013)
- Splunk Power User, Splunk (2012)
- AWS Solutions Architect Associate, Amazon Web Services (2024)
- AWS Cloud Practitioner, Amazon Web Services (2024)
- CCNP, Cisco (2014)
- CCNA, Cisco (2012)
- JNCP, Juniper Networks (2015)
- JNCIA, Juniper Networks (2014)
- Packet Engineering Associate, Packet Engineering (2015)

Education: A.S., Full Sail University (2001)

## Publications

- **Splunk Architect's Guide** (Book, Packt, 2018): Master system and data administration to become a certified Splunk Architect. A practitioner guide to designing, scaling, and operating Splunk deployments. https://www.amazon.com/Splunk-Architects-Guide-administration-certified/dp/1788836596
- **Splunk Best Practices** (Book, Packt, 2016): Designing, implementing, and operating production Splunk: architecture, data hygiene, and dashboarding practices drawn from enterprise deployments. https://www.amazon.com/Splunk-Best-Practices-Travis-Marlette/dp/1785281399
- **A FedRAMP Security Data-Lake Architecture** (Design paper): A reference design for a 100 TB/day security data lake on open standards: Cribl, Kafka, Flink, and an Iceberg lake on government-cloud storage, with detection and response built in.
- **Decoupling SIEM Storage from Compute** (Design paper): A reference design that extracts SIEM index and journal data into open-format columnar files, catalogued for query by any engine, ending the storage-compute coupling that limits SIEM scaling.

Contact: hello@itrav.ai