Tanya Babitskaya

Cloud Engineer · Infrastructure Lead

AWS Subject Matter Expert · contributor to AWS certification development

8+ years building secure, observable, cost-efficient infrastructure on AWS. Infrastructure Lead at Flare Emergency Response, a mission-critical healthcare platform where reliability directly affects emergency response outcomes.

I believe in clean code, strong CI/CD, and calm clarity in infrastructure.

Stack & Roadmaps

Cloud Platform

AWS (SAP · DOP · SME)
Google Cloud
Multi-account · Organizations · Control Tower
Well-Architected

Compute

EC2
Lambda
Elastic Beanstalk
Compute Optimizer
ECS / ECR / Fargate
EKS
Docker
ARM (Graviton)
AMD (EPYC)

Security & Identity

IAM
IAM Identity Center
KMS
Secrets Manager
Certificate Manager
GuardDuty
WAF · Shield · Macie
Cognito
1Password
Zitadel
Zero Trust
SPIFFE/SPIRE

Networking & Delivery

VPC
CloudFront
Route 53
PrivateLink
ELB
VPN
Cloud Map
API Gateway

Compliance

HIPAA-adjacent
SCPs
CloudTrail
Config
Security Hub
GDPR

Analytics & Streaming

Kinesis
Athena
QuickSight
Glue
OpenSearch
DevOps Guru

Application Integration

SNS
SES
Pinpoint
Step Functions
EventBridge
SAM

Infrastructure as Code

CloudFormation
TypeScript CDK

OS & Environment

Ubuntu
Amazon Linux
MacOps

CI/CD & Hosting

CodeBuild
CodePipeline
GitHub Actions
Netlify
X-Ray
CodeConnections

Observability

CloudWatch
Systems Manager
DataDog
NewRelic
Grafana
OpenTelemetry
Sentry
Prometheus

FinOps

Cost Explorer
Savings Plans
Budgets
Cost and Usage Reports
Pricing Calculator

Data

Aurora PostgreSQL/MySQL
DynamoDB
ElastiCache (Redis, Memcached)
S3
EBS
EFS
Glacier
Backup
DMS
MongoDB

Languages

TypeScript
Node.js
JavaScript
Bash

Personal Projects & AI Tools

AI Agents & LLM

Claude Code
MCP Server
Claude API
TrOCR
LoRA fine-tuning
Ollama

Personal Infrastructure

Hono.js
React SPA
Astro.js
D3.js
osascript
iCloud sync

Knowledge & Workflow

Obsidian
PARA
GTD
Apple Reminders API
Apple Calendar API
Google Calendar API

Technologies and tools I work with

Languages & Scripting

JavaScript / Node.jsTypeScriptBash

OS & Environment

UbuntuAmazon LinuxMacOps

Networking

VPCDNS / Route 53HTTP / TLSPrivateLinkELBVPNFirewalls / WAF

Source Control

GitGitHub

CI/CD

GitHub ActionsCodeBuildCodePipelineNetlify

Containers

DockerECS / ECR / FargateEKSKubernetes

Infrastructure as Code

CloudFormationTypeScript CDKPulumi

Cloud Platforms

AWSGoogle Cloud

Observability

CloudWatchDataDogNewRelicGrafanaOpenTelemetrySentryPrometheus

Security & Identity

IAMIAM Identity CenterGuardDutyWAF · Shield · MacieKMSZero TrustSPIFFE/SPIREZitadelCognito

Secrets Management

Secrets ManagerKMS1Password

Compliance

HIPAA-adjacentGDPRCloudTrailConfigSecurity HubSCPs

FinOps

Cost ExplorerSavings PlansBudgetsCost and Usage Reports

Technologies and tools I work with

Compute

EC2LambdaECS / ECR / FargateEKSElastic BeanstalkCompute OptimizerARM (Graviton)AMD (EPYC)

Storage

S3EBSEFSGlacierBackup

Databases

Aurora PostgreSQL/MySQLDynamoDBElastiCache (Redis/Memcached)DMS

Networking

VPCCloudFrontRoute 53ELBPrivateLinkVPNCloud MapAPI Gateway

Security & Identity

IAMIAM Identity CenterKMSSecrets ManagerCertificate ManagerGuardDutyWAF · Shield · MacieCognitoSecurity HubInspector

Analytics & Streaming

KinesisAthenaQuickSightGlueOpenSearch

Application Integration

SNSSESPinpointStep FunctionsEventBridgeSQS

Developer Tools

CloudFormationTypeScript CDKCodeBuildCodePipelineSAMX-Ray

Management

CloudWatchCloudTrailConfigSystems ManagerOrganizationsControl TowerWell-Architected

FinOps

Cost ExplorerSavings PlansBudgetsCost and Usage ReportsPricing Calculator

Technologies and tools I work with

Languages

TypeScriptNode.jsJavaScriptBash

Frameworks

Hono.jsExpressAstro.js

APIs

RESTAPI GatewaySAMGraphQLgRPC

Databases

PostgreSQLMySQLDynamoDBMongoDBRedisElastiCache

Auth

IAMCognitoZitadelSPIFFE/SPIRE

Messaging

SNSEventBridgeStep FunctionsKinesisSQSKafkaRedpanda

Technologies and tools I work with

AI Agents & LLM

Claude APIClaude CodeMCP ServerAgentic workflowsTool useParallel subagentsOllama

Fine-tuning

LoRA / QLoRATrOCR

Claude Code Core

Claude Code CLICLAUDE.mdSession managementSlash commandsCLAUDE_CONFIG_DIR isolationsettings.json

MCP (Model Context Protocol)

MCP Serverstdio transportTool definitionsRead / Write toolsMulti-server setup

Integration Patterns

Obsidian vault agentApple Reminders via osascriptDashboard MCP layerAutomated weekly review

RAG & Knowledge

Structured markdown navigation

Experience

2025-now

Infrastructure Lead

Flare Emergency Response

Promoted from Cloud Engineer

54% reduction in cloud costs through strategic AWS optimization
99%+ uptime with sub-10-minute incident response
IaC, CI/CD and observability stack on a mission-critical healthcare-adjacent platform

2024-2025

Cloud Engineer

Flare Emergency Response

Promoted to Infrastructure Lead in 2025.

2018-2024

Cloud Engineer / DevOps Engineer / Cloud Architect

Ohmycloud OU

Tallinn, EE · part-time contractor · AWS Partner

Led 8 long-term AWS engagements. Scalable, secure, cost-optimized infrastructure across emergency response, retail SaaS, document SaaS, real-estate analytics and blockchain. Client names under NDA, sectors and regions disclosed below.

Emergency-response platform US healthcare-adjacent Node.js · IaC · Kinesis · ECS · Elastic Beanstalk

Retail SaaS / CRM Swedish company PHP · Apache · MySQL · NewRelic · GDPR · 35% cost reduction

Document / CV-builder SaaS Dutch company · 2023-2024 TypeScript · CloudFront · Cloudflare · Netlify · CDN logging

Real-estate analytics US company · 2024 AWS ECS Fargate · TypeScript CDK

6mo

Blockchain startup European startup AWS architecture from scratch

Long-running AWS support engagements multiple clients Cloud ops · deploys · server configuration

2015-2018

Project Manager

School of Robotics

Minsk + Moscow · team of 9

Distance-learning platform adopted by ~100 centers nationwide
Onboarding system, sprint-based delivery, country-specific teaching manuals
Established Moscow department from the ground up as CEO of regional team

Writing

Personal OSRAGOCR 2026-05

Iva and Me: Building a Personal Operating System with Obsidian, RAG, OCR and AI

Twenty years of handwritten diaries as the memory layer of a personal AI. How vault, RAG, OCR and an agent loop come together into a system that knows who you actually are.

Read on Medium ↗

MCPHealthcarePrivacy 2026-04

An MCP server that does not log the patient ID, on purpose

Most public MCP demos that read patient data would fail a HIPAA audit on a single grep. A walk-through of a healthcare-grade MCP server design where the patient ID never enters logs by construction.

Read on Medium ↗

AgentsPKMPrivacy 2026-04

Beyond the Research Wiki: What Happens When the Data Is You

What changes when a personal knowledge base is about you, decisions, energy, health, inner life. Domain policy files, behavioral contracts for AI agents, and why one librarian with one behavior breaks down.

Read on Medium ↗

PKMObsidianMCP 2026-04

From Scattered Notes to Living System: Obsidian, Claude, and a Personal OS

How I built a local REST API over an Obsidian vault, connected it to a React dashboard, and added an MCP layer for AI-driven read-write access. Treating personal knowledge management as infrastructure.

Read on Medium ↗

OCRLocal LLMPrivacy 2026-04

Over Two Decades of Handwriting, One Local Language Model, and an OCR Problem

Building a Cyrillic handwriting OCR pipeline for 20+ years of personal diaries. TrOCR, LoRA fine-tuning, and why the hardest part is not the model.

Read on Medium ↗

AgentsObsidianPKM 2026-04

The Architect: Building a Weekly Review Agent on Top of an Obsidian Vault

A structured weekly review agent with MCP read-write access to an Obsidian vault. From capability to application, and why the specificity of the workflow turned out to be the point.

Read on Medium ↗