Chris Laycock · Secure cloud & agentic AI

Service details Console

Service endpoint

me@chrislaycock.dev

LinkedIn ARN

arn:linkedin:iam::christopher-laycock

Region us-south-1 (Tennessee)

Service status ● Operational

Tags

domaincloud-security domaininfrastructure stackterraform stackgovcloud focusagentic-ai

Capabilities Expertise

Professional capabilities and focus
Area	Details	Focus
Agentic AI	AWS-oriented agentic systems: tool use, orchestration, secure runtime boundaries, and human-in-the-loop controls for production paths.	Primary
Infrastructure automation	Terraform, Terragrunt, CloudFormation, and AWS CDK: modular stacks, state discipline, CI/CD, and large-fleet migration from manual provisioning to repeatable pipelines.	Primary
Compliance platforms	FedRAMP-aligned programs and boundary-protected regions in GovCloud and commercial partitions, including service catalog growth and faster enablement paths.	Primary
Landing zones & governance	Multi-account landing zones, Organizations, SCPs, least-privilege IAM, and repeatable account patterns; includes AWS, Azure, and OCI landing-zone delivery where needed.	Core
Networking & private access	VPC design and segmentation, private endpoints and PrivateLink, hub-and-spoke with Transit Gateway.	Core
Architecture review	Engineering review boards: technical and risk assessment of design changes before production rollout.	Practice

Role history Timeline

Role history and status
Window	Role / scope	Status
Jan 2026 – Present	Principal Cloud Engineer leading AWS platform strategy and building agentic AI systems with tool orchestration, secure runtime boundaries, and production guardrails.	● Active
Mar 2024 – Dec 2025	Senior Cloud Engineer: FedRAMP boundary platforms, private sandbox environments, and secure AWS service enablement.	✓ Complete
Mar 2022 – Mar 2024	Software Engineer: landing zones, boundary-protected accounts, and Terraform-based delivery across AWS, Azure, and OCI.	✓ Complete
Jun 2021 – Mar 2022	Software Engineer Associate focused on infrastructure automation, system hardening, and internal application development.	✓ Complete

Projects Portfolio

Project list
Project	Summary	Status
CloudTracker	AWS does not provide a changelog for compliance program coverage, making it difficult to see when services are added, updated, or removed. CloudTracker provides that history in one place so regulated teams can evaluate new services, update documentation, and show when changes occurred.	● Active