We can't find the internet
Attempting to reconnect
Something went wrong!
Attempting to reconnect
Start Here
I write for three audiences: founders trying to unlock enterprise pipeline, engineering leaders scaling AI-native teams, and senior engineers building production systems. Pick the path that fits — or read all three. The full active essay set of 25 posts lives at /blog →
If you're a founder
Your enterprise pipeline is stalled at the security review and your team isn't built to unblock it. These five posts are the playbook for the security, hiring, and leadership work that turns theoretical pipeline into closed revenue.
Every AI founder pre-Series A scopes their SOC 2 audit like a security project. Six months later they've burned their best engineer and lost the enterprise deal. Here's how to run it as a 90-day sales project — and unlock the pipeline you're already leaving on the table.
A full-time CISO costs $200–400K plus equity. A vCISO costs $2–4K a month and gives you 80% of the value at 5% of the burn — until you outgrow them. The math, the deliverables to expect, and the red flags that mean you've hired the wrong one.
Most pre-Series-A AI founders hire in panic order, not strategic order. The result is a team that can't ship the product the company actually needs. The hire-by-hire plan I'd run, who comes first, and why hire #4 isn't another engineer.
AI-native companies need a security model that classic appsec doesn't cover. Agents have credentials. Prompts are an attack surface. Training data leaks. The four-layer security stack I'd build, the controls I'd ship in the first 90 days, and the ones I'd defer.
I went from sole engineer to running a 15-person engineering organization over four years at a startup I co-founded. The hardest lessons weren't about code. The six things I'd tell my younger self.
If you run engineering
Operational throughput, team-level AI adoption, the migrations that pay for the next round of headcount, and the staff hire that levels up the rest of the bench.
Most engineers using Claude Code see a 10–15% speedup. The teams seeing 40–55% aren't typing faster — they're sequencing work differently. The four modes I use AI in, what to never delegate, and how to get a skeptical team across the line.
The title 'Staff Engineer' means three different things at three different companies. At an AI startup pre-Series-A, only one of those three is what you actually need. The screen, the take-home, the interview loop, and the AI-fluency calibration that's now table stakes.
Most AI startups try to fix the model when the real problem is they can't see what the model is doing. The four-layer AI telemetry stack, the tooling to use, and how proper instrumentation cut a Lavender hallucination rate by 40% without touching the model itself.
Migrating an AI-first product from GCP to Azure cut $350K from infrastructure spend over six months. The negotiation that mattered more than the architecture, the $50K we accidentally cost ourselves back, and the four migrations I'd refuse to do today.
How we moved 225K+ users with $400M+ in fintech assets from AWS Cognito to Auth0 without forcing a password reset, breaking MFA, or interrupting active sessions. The lazy-migration pattern, the gotchas, and what I'd do differently.
If you write code
Real-world technical writeups from production systems, the migration patterns that worked, and the workflow shifts AI tooling has driven since 2023.
We started with ten Ruby and Elixir services serving real-time messaging for 450K students across 900+ universities. Two years later we had six, fully Elixir, and on-call alerts had halved. The migration order, the patterns we leaned on, and what I'd do differently today.
How we moved 225K+ users with $400M+ in fintech assets from AWS Cognito to Auth0 without forcing a password reset, breaking MFA, or interrupting active sessions. The lazy-migration pattern, the gotchas, and what I'd do differently.
Most engineers using Claude Code see a 10–15% speedup. The teams seeing 40–55% aren't typing faster — they're sequencing work differently. The four modes I use AI in, what to never delegate, and how to get a skeptical team across the line.
AI-native companies need a security model that classic appsec doesn't cover. Agents have credentials. Prompts are an attack surface. Training data leaks. The four-layer security stack I'd build, the controls I'd ship in the first 90 days, and the ones I'd defer.
Working on something ambitious?
If anything in these posts lines up with what you're working on right now — staff engineering hire, fractional security leadership, AI product delivery, multi-cloud modernization — I'd love to hear about it.
Or reach me directly: jared@sublimecoding.com LinkedIn