Scott Baker

AI Infrastructure Architect · Data Engineer · Systems Inventor

1099 / C2C / Corp-to-Corp — Flat-Fee Project Engagements — Remote Only

scottbaker@rusticagentic.agency · rusticagentic.agency · skr8tr.online · duckdatamaster.guru · github.com/NixOSDude

Three Service Lines — All Flat-Fee

Sovereign AI / RAG

Private, air-gapped document intelligence for law firms and regulated enterprises. No cloud APIs, no data egress. Post-quantum vault encryption (NIST FIPS 203/204). Full build and handoff.

Web Orchestration — skr8tr

skr8tr.online

The orchestrator built for web developers. Deploy microservices fast — 5 MB control plane, no Docker, no YAML. Lightweight alternative to Kubernetes. Priced by project scope.

Data Engineering — DuckDB

duckdatamaster.guru

Replace expensive Databricks/Snowflake with DuckDB. 172M rows/second on a single node. Spark migration, S3 data lake architecture, signed deliverables.

Professional Summary

Independent technologist offering three distinct flat-fee service lines across sovereign AI infrastructure, web microservices orchestration, and high-performance data engineering. All engagements are fixed-scope — no hourly billing, no retainers.

Former information security analyst with HIPAA compliance and HITRUST audit remediation experience. AWS Certified Solutions Architect. Databricks Certified Developer (Apache Spark, Scala). Available immediately. Remote only.

Professional Experience

RusticAgentic — Founder & Lead AI Architect 2024 — Present

https://rusticagentic.agency · Remote

Designed, built, and deployed a production sovereign AI document intelligence platform for law firms — the only legal AI system with post-quantum vault encryption and ML-DSA-65 signed audit trails (NIST FIPS 203/204).

Architected a complete private RAG pipeline: three-tier PDF extraction → legal-aware chunking at section boundaries → semantic embeddings (ONNX Runtime, CUDA) → hybrid vector search (HNSW + BM25) → on-device LLM generation — zero external API calls, zero data egress
Deployed and benchmarked on NVIDIA A100 80GB SXM: 1.7 second average query latency across a 150-document mixed-format legal corpus (PDF, DOCX, PNG, TIFF with OCR)
Implemented post-quantum vault: AES-256-GCM shards with ML-KEM-768 key encapsulation + ML-DSA-65 signed append-only audit chain — every access event cryptographically verifiable
20/20 queries answered with verbatim source citations across NDAs, MSAs, depositions, settlements, IP assignments — zero hallucinations without explicit flagging
Full-stack ownership: Rust (ra-rag, ra-gateway, ra-vault, ra-crypto, ra-audit, ra-ingest) + Leptos WASM frontend + GCP sole-tenant infrastructure

skr8tr — Inventor & Systems Architect 2024 — Present

https://skr8tr.online · Remote

Designed and built skr8tr — the orchestrator built for web developers. Deploy microservices fast, stay compliant, sleep at night.

5 MB control plane vs. Kubernetes 600+ MB — no etcd, no Helm charts, no YAML manifests, no platform engineer required
No Docker/containers required — deploys native binaries, WASM, and full VM workloads directly on GCP infrastructure
Every deploy ML-DSA-65 signed before the platform touches it — no bearer tokens, no unsigned commands accepted
Masterless mesh: no leader election, no single point of failure — any node can coordinate; mesh survives loss of any peer
Built-in HTTP/2 ingress, TLS termination, Prometheus metrics, cgroups v2 resource enforcement · HIPAA / PCI DSS compliance posture built in · Built in C23

duckdatamaster.guru — DuckDB Data Engineer December 2022 — Present

https://duckdatamaster.guru · Remote

High-performance single-node data engineering — replacing expensive Databricks and Snowflake stacks for teams paying $5k–$15k/month for cluster compute on workloads that belong on a single NVMe node.

Benchmarked 172 million rows/second — 167M NYC Yellow Cab records, 48 Parquet files, 5 queries, 971ms wall time — no cluster, no JVM, no Spark
Engineered Spark/Databricks → DuckDB migrations with verified before/after benchmarks; 5–25× performance gains, 80%+ cost reduction
Multi-cloud columnar pipelines: AWS S3 httpfs, Azure Blob Storage, GCP Cloud Storage — native Parquet, zero-copy reads
Authored a DuckDB C++ extension implementing post-quantum cryptography (ML-KEM-768, ML-DSA-65) callable directly from SQL via liboqs 0.15.0
Every deliverable ML-DSA-65 signed for provable chain-of-custody — HIPAA, fintech, and government clients

Ultra Clean Technologies — IT Analyst June 2019 — August 2022

On-Site

Automated enterprise hardware deployments via MS SCCM image creation and push
Administered Active Directory and Office 365 / Teams for a global user base
Managed CrowdStrike endpoint protection and CyberArk privileged access management
Governed VMware Horizon VMs and CCURE physical access control systems

Cognizant (TJX / TJMAXX) — Desktop & Systems Support April 2018 — June 2019

On-Site

Restored mission-critical Store Down scenarios under pressure to ensure business continuity across retail infrastructure
Supported virtual servers and in-store systems via VNC and Hyper-V remote control

CIOX Health, Inc. (now Datavant) — Jr. Information Security Analyst April 2014 — October 2017

On-Site

Engineered a HIPAA-compliant on-site medical records retrieval system with secure client portals
Led HITRUST certification audit remediation and HIPAA compliance initiatives firm-wide
Analyzed security posture using Qualys; led intrusion detection audits and firewall security configuration
Orchestrated vulnerability management and patch cycles across the full server fleet

Endurance International Group (now Newfold Digital) — Level 3 Linux Support July 2012 — February 2014

On-Site

Advanced to Level 3 Linux support; configured VPS environments on PLESK and managed high-traffic Linux servers for 120+ client accounts
Managed WordPress architecture, security hardening, and VPS configuration at scale

Core Competencies

AI & RAG Architecture

Retrieval-Augmented Generation · LLM · Private AI · Air-Gapped Systems · Legal Document Intelligence · Vector Search · Hybrid BM25 / HNSW · ONNX Runtime · GPU Inference · CUDA · Prompt Engineering · OCR · PDF Processing

Security & Compliance

Post-Quantum Cryptography (ML-KEM, ML-DSA — NIST FIPS 203/204) · AES-256-GCM · Attorney-Client Privilege Architecture · Zero-Trust AI · HIPAA · HITRUST · CrowdStrike · CyberArk · Qualys · Data Sovereignty

Cloud & Infrastructure

AWS (EC2, S3, Glue, Athena) · GCP · Azure · Sole-Tenant Compute · GPU Quota Management · Bare-Metal Linux · NixOS · Arch Linux · Kubernetes · Distributed Systems · VPS Administration

Data Engineering

Apache Spark 3.5 (Scala) · Functional Programming · Databricks · DuckDB · Parquet · Columnar Analytics · Multi-Cloud Data Pipelines · ETL Architecture · S3 httpfs · Azure Blob · GCS

Languages & Frameworks

Rust · C / C23 · Python · Scala · SQL · Bash · Nix

Certifications

Databricks Certified Associate Developer for Apache Spark

Databricks · Scala track

Verify Credential ↗

AWS Certified Solutions Architect

Amazon Web Services · Associate

Verify on Credly ↗

Education

Western Governors University — Information Technology · 2008–2011 (3 years completed)

Engagement Terms & Pricing

Available For

1099 Independent Contractor · Corp-to-Corp (C2C) · B2B Vendor Contract

Engagement Model

Flat-fee, fixed-scope only — no hourly billing, no retainers

Location

Remote only

Availability

Immediate — can start within days of signed agreement

Service	Engagement	Fee
Sovereign RAG / AI Platform — GCP	Full build & handoff	$100,000 flat
Sovereign RAG / AI Platform — On-Premises	Full build & handoff	$125,000 flat
skr8tr Web Orchestration	Project-scope deployment	Custom quote
DuckDB — S3 Data Lake Audit	1 week · signed report	$2,500 flat
DuckDB — Data Lake Architecture Review	1 week · signed report	$4,000 flat
DuckDB — Pipeline Migration (single pipeline)	2–3 weeks	$5,000–$12,000

Contact for a Free Scoping Call →