Alberto Rosas

// The Engineer

AI & Agentic Systems Engineer · 12+ yrs software / 5+ yrs production AI · Mexico · EN/ES native

Security-First AI Engineering

Threat Modeling

STRIDE applied to agent design

Tool-calling, MCP servers, and multi-step delegation modeled in the design doc. Attack surface mapped before code, aligned to OWASP Agentic Top 10 2026 and NIST’s AI Agent Standards Initiative.

MCP Hardening

Protocol-level defense

Gateway auth (OAuth 2.1), bidirectional JSON-RPC inspection, signed-server allowlists, structured audit logs. Aligned to OWASP MCP Top 10.

RAG Data Governance

Vector stores are not a privacy boundary

Pre-embedding PII masking, document-level ACLs propagated into the index, lineage tracking for GDPR erasure. Embedding inversion (LLM08:2025) treated as a real attack.

Guardrails & Evals

Trust by measurement

Llama Guard 3 and NeMo Guardrails at runtime. Garak and PyRIT in CI for adversarial regression. Sandboxed execution (e2b, Modal) for any tool that touches code.

Compliance Readiness

EU AI Act · NIST AI RMF · ISO/IEC 42001

Conformity-ready logging, human-oversight hooks, automated evidence capture. EU AI Act obligations phasing in through 2026–2027; ISO/IEC 42001 increasingly required in enterprise AI procurement. SOAR-style automation applied to audit trails.

Key Projects

UCF AI Engine

Sole architect of the AI layer for a compliance SaaS

Hybrid retrieval (Qdrant + Neo4j) over 91K+ regulatory records, LangGraph agentic chat, CRAG hallucination verification. Docker/AWS.

SADIE

Production NL2SQL agentic platform

LangGraph + MCP tool-calling, MongoDB Atlas RAG pipeline, 93–97% query accuracy, Langfuse observability. FastAPI SSE.

TriageOps Framework

6-step AI adoption methodology

Discovery Sprints recovered 70+ hrs/month ($42K annually) for one operations team.

Technical Skills

LLMs & Models

GPT-4o, Claude, Gemini, Llama 3, Mistral, Qwen3, ModernBERT; fine-tuning (Unsloth, HuggingFace)

Agentic Systems

LangGraph, LangChain, MCP/tool-calling, multi-agent orchestration, multi-step reasoning, intent classification, memory systems

RAG & Retrieval

Qdrant, MongoDB Atlas, FAISS, Chroma, Neo4j, GraphRAG, hybrid retrieval (dense + sparse + graph), NL2SQL, context engineering

Evaluation & LLMOps

RAGAS, hallucination detection, latency benchmarking, Langfuse, Opik, LangSmith, MLflow, prompt versioning, CI/CD eval pipelines

Engineering

Python, TypeScript, PHP/Laravel, FastAPI, Docker, Kubernetes, AWS (Bedrock, SageMaker, EC2, S3, Lambda), CI/CD, Clean Architecture, microservices, event-driven systems

Experience

Unified Compliance

Senior AI & Agentic Systems Engineer / Architect (Contract)

2025 – 2026

via TriageOps

Sole architect of the entire AI Engine for UCF's ControlSight compliance platform — 91K+ regulatory records.

  • Built EEL pipeline: PostgreSQL → dense (ModernBERT) + sparse (BM25) embeddings → dual-load into Qdrant and Neo4j
  • Designed hybrid retrieval: Qdrant vector+BM25 with Neo4j graph traversal, plus CRAG grading
  • Built LangGraph agentic chat with intent classification, multi-turn context, query rewriting
  • Modeled 8 entity types and 10+ relationships in Neo4j with Cypher queries and cross-store validation
  • Evaluated using RAGAS (context recall/precision, faithfulness, answer relevancy)
  • Directed company AI strategy, aligning AI capabilities with product, GTM, and data privacy

Storage360

AI & Agentic Systems Engineer / Architect (Contract)

2024 – 2025

via TriageOps

Built SADIE — a production NL2SQL agentic platform for a property management SaaS.

  • Built agentic workflow using LangGraph with MCP tool-calling and multi-step reasoning
  • Implemented RAG pipeline with MongoDB Atlas vector search, Qwen3 embeddings
  • Achieved 93–97% accuracy via RAGAS evaluation and CI/CD regression testing
  • Built MCP server for secure read-only database access with schema caching
  • Deployed via Docker Compose with Langfuse observability and FastAPI SSE streaming

IncFile (Bizee)

AI Systems Engineer / Software Engineer / Technical Project Lead

2022 – Present

Leading AI strategy and platform architecture at a business formation SaaS.

  • Designed multi-agent system for document processing, handling 1,000+ daily requests
  • Built RAG pipeline with vector search; experimented with GraphRAG/KAG
  • Implemented multi-layer memory systems for cross-session context retention
  • Reduced manual data entry by 65% through intelligent form processing
  • Led platform migration from legacy monolith to service-oriented stack with CI/CD
  • Mentored 8 engineers on AI/ML development practices

Global Cybersec

Engineering Manager

2017 – 2021

Led engineering for a cybersecurity firm building security automation and incident response.

  • Event-driven architecture processing millions of daily security events
  • Integrated SIEM, IDS/IPS, firewalls, and SOAR — 60% reduction in incident response time
  • Built 4 microservice applications, managed team of 5 engineers

Multiple Companies

Software Engineer

2014 – 2017

Full-stack roles across logistics, healthcare, and proptech.

  • Built logistics platform (GT Transport) handling AP/AR, routing, payroll, HR
  • Healthcare and proptech platforms with API design, testing, security

Education & Certifications

Universidad Politécnica de Baja California

Information Technology Engineering (2014–2016)

LangChain & LLMs Guide · Gen AI Foundational Models · Business Process Modeling with AI

What I’m Available For

Senior Roles

AI & Agentic Systems Engineer · AI Systems Architect

Full-time remote, contractor or EOR-employed.

Consulting

AI adoption via TriageOps

Discovery Sprints, scoped pilots, eval-gated rollouts for mid-market teams.

Architecture Review

Second opinion on production agents

Context engineering, evals, MCP attack surface, agent security audits.