Open to relocation · Fall 2026 → Orlando, FL

Built for the Field.

Hardened. Recoverable. Offline-first.

Andrew Castor

Infrastructure & Cloud Security Engineer

I build secure, offline-first systems for environments where reliability isn't optional — healthcare clinics in austere field conditions, multi-site networks, and hardened Linux deployments. Currently shipping a self-hosted EMR for a Costa Rica medical mission and preparing for cleared defense work.

Get in TouchView Projects Resume
[Flagship Project]

MMDM OpenEMR — Offline-First Clinical Platform

In Production · Field Deploy 2027

Medical Missionaries of Divine Mercy · Houston → Costa Rica · 2024–Present

Self-hosted EMR built to run a six-station volunteer clinic in a Costa Rican parish hall with no internet, no cloud, and no public DNS. Migrated off a corrupted XAMPP environment to a hardened Ubuntu / Apache / MariaDB / PHP stack with a private certificate authority, daily backups, and bilingual Spanish/English clinical forms.

0

Clinical Stations

0

Intake Delay ↓

0

Users Trained

0

Internet Required

Problem

Corrupted Windows XAMPP stack with Aria storage engine failure. Paper forms across six clinical stations. No backups, no encryption, no recovery path. Mission-critical with zero connectivity guarantee.

Solution

Clean rebuild on Ubuntu 22.04 + Apache + MariaDB 10.6 + PHP 8.1. Private CA for offline TLS. UFW-hardened LAN posture. Daily cron backups with 30-day rotation. VirtualBox snapshot recovery.

Impact

Replaced 20+ years of paper workflow with structured clinical data. HIPAA-aligned posture. Recoverable from hardware failure. Designed for volunteers to redeploy at any mission site without a network engineer present.

Ubuntu 22.04ApacheMariaDB 10.6PHP 8.1OpenEMR 7.0Private CA · OpenSSLUFWBash · CronNetplanRBAC
Read full case study
[Technical Capabilities]

What I Work With

Infrastructure & Linux
Ubuntu ServerApache · NginxMariaDB · MySQLVirtualBoxWi-Fi 6 MeshLAN/WANNetplan · DHCP/DNS
Security
Private CA · OpenSSLTLS · HTTPS hardeningUFW · iptablesRBAC · ACLsEntra IDLeast PrivilegeHIPAA-aligned posture
Cloud & DevOps
Azure · Entra IDSharePoint syncAWS (learning)Bash · CronPowerShellGit · GitHub
Application & Data
PHP 8.1PythonSQL · MariaDBOpenEMR · LBFHL7 (planned)TensorFlow Lite

Certifications

CompTIA Security+CompTIA Network+Google IT SupportAzure AZ-500(in study)
[Other Work]

Additional Projects

Network Architecture

Deployed

50,000 sq ft Wi-Fi 6 Mesh

Multi-building Wi-Fi 6 mesh across five buildings for MMDM Houston ops center. Segmented VLANs, DHCP/DNS, offline-tolerant routing.

Wi-Fi 6VLANMulti-site LAN

Embedded / IoT

Shipped

Emergency Evacuation Guidance Device

ENGR 1201 · University of Houston · Spring 2026

Handheld device that computes real-time evacuation routes via Dijkstra's algorithm, rerouting users away from heat sources detected by distributed DS18B20 probes. Raspberry Pi 4 + ESP32 sensor hub over USB-serial.

Raspberry Pi 4ESP32Python · PygameNetworkXDS18B201-WireUSB-SerialSystemd

AI / Edge

Prototype

Fall Detection System

Real-time emergency detection model on TensorFlow Lite + Raspberry Pi with mobile alert integration. Edge inference, no cloud round-trip.

TF LiteRaspberry PiPython

NLP / ML

Complete

NewsBot 2.0

NLP pipeline for news article classification, sentiment analysis, and multilingual translation.

NLPSentimentTranslation

Security Lab

In Progress

Splunk SOC Home Lab

Self-hosted Splunk environment for log ingestion, detection rule writing, and SOC triage exercises. Pairs with TryHackMe SOC L1 path.

SplunkSIEMDetection Eng

More on GitHub

Coursework, lab repos, automation scripts, and works-in-progress.

github.com/osakhra →
[Contact]

Build systems that hold up.

I'm open to infrastructure, security, and field deployment roles — full-time, contract, or co-op. Relocating to Orlando, FL in August 2026 for UCF.

JCastorwrk@gmail.com LinkedIn GitHub