MK

Work

Case studies with context, constraints, and outcomes.

Most projects below were delivered while employed at Trivir (consulting). Client names shown where permitted.

LAUSD Snowflake Identity Migration (Ping AIC)

Software Engineer, Trivir — Client: LAUSD — IC owner of connector patch + bi-directional live-sync rollout

250K+ identities
Bi-directional live sync (Snowflake ↔ Ping AIC)
Write-backs to Snowflake
  • Migration unblocked
  • Near-zero sync failures
  • Manual reconciliation eliminated

Impact

  • Enabled bi-directional live sync between Snowflake and Ping Advanced Identity Cloud for 250,000+ student and staff identities.
  • Replaced legacy IAM, unlocking LAUSD’s migration to modern cloud identity at district scale.
  • Improved reliability and reduced operational overhead from nightly manual reconciliations.

Problem

Snowflake write operations were failing during identity syncs because the ForgeRock Database Table Connector incorrectly attempted `RETURN_GENERATED_KEYS` on non-INSERT operations. Since Snowflake views are immutable, deletes/updates failed, blocking the migration and stalling LAUSD’s IAM modernization.

Approach

  1. Diagnosed connector’s JDBC misuse (`RETURN_GENERATED_KEYS` on DELETE/PATCH).
  2. Patched ForgeRock Database Table Connector to skip unsupported calls.
  3. Designed and deployed live sync so that identity changes in Snowflake automatically propagated to Ping AIC—and vice versa.
  4. Validated integration with test cohorts; rolled out incrementally to 250K users.
  5. Implemented monitoring and alerting for sync reliability.
Ping AIC (RCS)
Snowflake
Java/Kotlin
JDBC
Docker
OAuth2/OIDC

Results

  • Migration unblocked; Snowflake ↔ Ping AIC synchronization stable in production.
  • LAUSD successfully cut over from legacy IAM, covering quarter-million identities.
  • Reduced sync failures to near-zero; eliminated manual reconciliation overhead.

Georgia Courts — Docket Notices

Software Engineer, Trivir — Client: Georgia Court of Appeals & Supreme Court — led Java→Kotlin rewrite and deterministic PDF pipeline

Java → Kotlin rewrite
Deterministic PDFs
Versioned REST APIs
  • Template errors eliminated
  • Predictable rendering

Impact

  • Modernized docket notice pipeline to Kotlin with stricter contracts and versioned REST.
  • Produced deterministic PDF notices via Freemarker + FlyingSaucer replacement, improving reliability and debuggability.

Problem

Legacy Java utilities and Velocity templates caused brittle formatting and null-handling issues in docket data.

Approach

  1. Ported Java to Kotlin with data classes; enforced enums and date formatting in DocketNoticeData.
  2. Replaced Velocity with Freemarker; added safe URL escaping via String?.escapeUrlString().
  3. Fixed ResultSet mapping, null safety, and associated-case queries.
  4. Added tests around getAssociateCaseView; stabilized template rendering.
Kotlin
Freemarker
FlyingSaucer
JDBC
PDFs
REST

Results

  • Eliminated classes of null and formatting errors; predictable PDFs and simpler diffs.
  • Clearer API boundaries and easier future changes.

eDirectory CI Rig for IdMUnit

Software Engineer, Trivir — Internal CI/IdMUnit — built containerized eDirectory test rig + Jenkins pipeline

Containerized eDirectory 9.2.7
TLS-ready startup
Automated IdMUnit tests
AD↔eDir network checks
  • Fewer flaky builds
  • Predictable readiness gates

Impact

  • Created a Docker Compose test rig for eDirectory with init imports and cert generation, enabling consistent IdMUnit runs in CI.
  • Reduced flaky start and wait issues with a dynamic readiness gate instead of hardcoded sleeps.

Problem

Manual setup of directory state and TLS blocked reliable automated tests and slowed builds.

Approach

  1. Four-service Compose: cert-generator, eDir, eDir-init, test-runner.
  2. Dynamic wait for TLS port and health checks before tests.
  3. Jenkins pipeline with stages for container startup, AD↔eDir network verification, and Ant build.
  4. Host-network config for Maven stages; artifact gating for snapshot and release.
Docker and Compose
Jenkins
Ant and Java 1.8
IdMUnit
TLS
Bash

Results

  • Reproducible local and CI environment; fewer flakes and faster feedback loops.
  • Clear runbook and predictable test outcomes.

Microsoft — Azure HPC Telemetry and Access-Review Automation

Software Engineer Intern — data pipelines and compliance automation.

Azure HPC pipelines
NVIDIA H100 telemetry
Access-review automation
50K+ records processed
  • Telemetry centralized
  • Faster tuning feedback

Impact

  • Built Python pipelines on Azure HPC clusters to analyze GPU thermal and telemetry data used for model training and tuning cycles.
  • Automated access-review compliance workflows, processing 50K+ records and surfacing insights via dashboards.

Problem

Telemetry was scattered and manual compliance processing slowed operations.

Approach

  1. Orchestrated Python jobs on Azure and stored and queried data in Azure Data Explorer.
  2. Automated access-review workflows with Logic Apps and standardized the data shape.
  3. Published interactive dashboards for stakeholders.
Python
Azure HPC
Azure Data Explorer
Logic Apps
Power BI

Results

  • Faster tuning feedback for HPC users and reduced manual compliance effort.
  • Centralized data with repeatable workflows.

Golden 1 — Verafin Log ETL

Software Engineer, Trivir — Client: Golden 1 Credit Union — Ping AIC → Verafin pipeline with Fluentd + Ruby

Fluentd pipeline
Verafin schema mapping
Ruby filters and transforms
  • Auditable transforms
  • Single normalized record shape

Impact

  • Designed the pipeline to transform Ping Advanced Identity Cloud authentication logs into Verafin-compatible records for fraud and AML workflows.

Problem

Raw Ping logs did not match Verafin’s required schema.

Approach

  1. Defined record mapping rules and field normalization in Fluentd using Ruby filters.
  2. Built dev and test topology and sample validations against the Verafin specification.
  3. Documented deployment and runbook for operations.
Fluentd
Ruby
JSON
Ping AIC logs
CI

Results

  • Clear path to compliant ingestion with auditable transforms.
  • Reduced manual reconciliation by enforcing a single normalized record shape.
Contact