🎯 Systems Engineer — Microsoft 365, Active Directory, networking, cybersecurity, systems integrations, automation, and AI tooling.
📍 San Antonio, TX
📧 me@markandrewmarquez.com

🌐 Website | 💼 LinkedIn | 🐙 GitHub

Systems Engineer who works cross-functionally to find the real problem, then builds the systems integrations, automations, and data dashboards that boost team productivity — increasingly AI-enabled. Years in the weeds across Microsoft, networking, cloud, and security, with measurable hour-reductions on real workflows and the documentation discipline that makes the fix stick the second time.

Troubleshooting, Diagnostics & Documentation · Data Engineering & Data Dashboards · Systems Integrations & Automation · Systems & Cloud · Networking & Cybersecurity · AI Agents & Workflows

Full breakdown on my website.

Troubleshooting & Diagnostics:

Programming & Scripting:

Microsoft Ecosystem:

Networking & Infrastructure:

Cloud Platforms & Tools:

Data Stack:

Cybersecurity:

AI & Agents:

• windows-ad-ansible-kvm — Production-quality MSP-style Active Directory lab on KVM/libvirt, fully automated with Ansible. From bare Ubuntu host to live forest in ~60 minutes: Server 2025 DC (AD DS, DNS, DHCP, AD CS, NTP, WSUS), Win 11 Enterprise clients, Ubuntu member server, slipstreamed install ISO, SCT GPO baselines, idempotent roles, nightly state backups.
• m365-guardian — Diagnoses and remediates common M365 admin issues (password resets, MFA enforcement, license drift, dormant accounts) via Microsoft Graph. Includes a weekly automated security health report with 10 checks.

• cyber-threat-pipeline — Modern-data-stack threat-intelligence platform. AlienVault OTX → Neon Postgres → dbt → two live public surfaces (Evidence.dev for analysis, Grafana Cloud for observability), with an LLM analyst brief on top. Rebuilt weekly by a single GitHub Actions cron. Full Terraform + OIDC; no static AWS keys.
• cloudwatch-monitor — Multi-endpoint AWS synthetic monitoring with per-endpoint alarms, SNS alerts, and a public status page. Fully managed via Terraform.

• salesforce-langgraph-ai-lead-bot — End-to-end AI lead qualification system. A LangGraph stateful agent (TARS) runs multi-turn conversations over SSE, scores prospects deterministically, and writes enriched Leads to Salesforce — where an Agentforce agent drafts follow-up tasks, emails, and opportunities. Powers the chat assistant on my portfolio.
• intake-form-ai-pipeline — Self-improving intake-form extraction pipeline with a three-tier model cascade, BAA-aware routing for PHI handling, and an eval harness that demonstrates F1 improvement over time.
• aerial-fleet-monitor — Real-time aviation fleet operations console. Ingests public US flight telemetry, detects anomalies as Salesforce Cases, triages them with Agentforce, and surfaces operations through a Foundry-hosted dashboard.

• api-medic — An HTTP API troubleshooting tool. Takes a URL, HAR file, or curl command and runs network, TLS, auth, and protocol checks, producing a structured report with plain-language findings and suggested fixes. Live as a web app, a Chrome extension, and a CLI.

📂 Full project list: Repositories · 🌐 Case studies & writeups: markandrewmarquez.com/#portfolio

Happy to talk systems integration, automation, data dashboards, Microsoft 365 and Active Directory, or putting AI to work where it earns its place in the workflow.

📧 Email: me@markandrewmarquez.com
💼 LinkedIn: linkedin.com/in/markandrewmarquez
🌐 Website: markandrewmarquez.com

🚀 "Find the real problem. Build the AI-enabled solution."