Portrait of Sergei Mellow

Sergei Mellow

Senior Software Engineer

Over a decade building the software behind 911 dispatch and police records, trusted by more than 200 law enforcement agencies across the country.

$ whoami
Backend and integration engineering: versioned REST APIs, 500+ production integrations, AWS GovCloud, and hundreds of on-prem Kubernetes clusters.

200+agencies served
500+integrations live
10+years shipping

About

I am a senior backend and integration engineer with over ten years of experience, the last nine at Mark43 building public-safety software: the records, dispatch, and evidence systems that police departments rely on every day. When someone calls 911, software I built and operate is part of what happens next, so reliability is not a buzzword for me. It is the job.

Before specializing in integrations, I spent over five years as a full-stack product engineer shipping web and mobile features, so I have built products, not just the plumbing between them.

I own systems end to end: I help decide what gets built, design it, build it, ship it, and carry the pager for it in production. I mentor other engineers, manage releases, and work directly with customers, including one of the largest metropolitan police departments in the country, to turn real-world needs into shipped features.

I design, build, and operate public-facing REST APIs and data integrations for high-availability public-safety systems: 200+ state and federal agencies, 500+ production integration instances, all inside FedRAMP- and CJIS-compliant government cloud environments. My work spans API architecture and versioning strategy, the internal integration and ETL frameworks other engineers build on, and the on-prem Kubernetes fleet the whole thing runs on.

I own services across the full lifecycle: architecture, delivery, and production on-call. I mentor engineers, run root-cause analysis and post-mortems, and review AI-generated code before it ships. Off the clock I run a small homelab where I get to break things on purpose; see the projects below.

Experience

Mark43

Senior Integration Engineer · June 2017 to present

Progressed from Software Engineer I to Senior Integration Engineer, focused on systems integration since 2021.

  • Build and run the public APIs and integrations powering records management, computer-aided dispatch, and digital evidence for 200+ law enforcement agencies.
  • Deliver both large custom integrations for individual agencies and reusable integrations adopted across many customers, with 500+ running in production.
  • Modernized two large legacy codebases with zero downtime, using AI tooling to compress months of migration work into weeks, and advised three other teams on doing the same.
  • Serve as release manager, shipping weekly to biweekly releases through QA, staging, and production.
  • Carry years of production on-call for first-responder systems, leading root-cause analysis and writing post-mortems.
  • Partner directly with agency stakeholders, including one of the largest metropolitan police departments in the country, to scope and ship features.
  • Architect versioned REST APIs (OpenAPI) for internal front-end clients, external vendors, and customers; run multiple concurrent versions plus a public developer portal documenting every endpoint.
  • Develop the internal frameworks behind real-time product-to-vendor integration, all scheduled-job integrations, and the ETL tooling other engineers build on, plus an internal CLI used daily by integration engineers.
  • Define deployment architecture for a fleet of hundreds of on-prem Kubernetes clusters, from single-node to HA multi-node.
  • Migrated two large codebases from Java 8 to Java 21 module by module with zero downtime, rewriting components that could not be ported as-is.
  • Automated TLS certificate management with auto-renewal, eliminating manual rotation and expiration outages.
  • Led CI/CD pipeline migrations across multiple large codebases and helped drive observability platform transitions.
  • Production on-call via PagerDuty for first-responder systems: paging-capable alerting, root-cause analysis, post-mortems.

Main Street Computing

Full-Stack Web Application Developer · March 2015 to June 2017

  • Built client-facing web applications end to end with Ruby on Rails, Node.js, and JavaScript on AWS, plus cross-platform mobile apps with Cordova, practicing test-driven development throughout.
  • Worked directly with clients in Agile teams to turn requirements into shipped features.

B.S. in Computer Science, University at Buffalo, The State University of New York (SUNY), 2014

Skills

Languages
Java · TypeScript · JavaScript · Ruby · Python
Databases
MySQL · PostgreSQL · DynamoDB · relational data modeling · raw SQL and via ORMs / DSLs
APIs & Integration
OpenAPI / Swagger · REST API design · public API versioning · third-party & cloud data integrations · developer-documentation portals
Cloud & Infrastructure
AWS (EC2, Lambda, S3, SES, SQS, IAM, ElastiCache, Route 53, Transfer Family) · AWS GovCloud · Kubernetes · Rancher · Terraform · containerized deployments
CI/CD & Delivery
GitHub Actions · TeamCity · Argo CD · progressive delivery · release management · pipeline migration
Observability
Datadog · Grafana · Kibana · New Relic · SignalFx · CloudWatch · PagerDuty
Frameworks
Spring · Ruby on Rails
AI Tooling
Claude Code · Gemini CLI · agentic development workflows

Projects

Things I build on my own time. Each one started as a real problem I wanted solved, not a tutorial.

Homelab and side work, summarized from my own session logs. Identifying details are deliberately scrubbed.

Cloud cost kill switch

A serverless guardrail that automatically shuts off expensive cloud AI APIs before a runaway bill can happen.

Cloud AI services bill by usage, and a bug or a forgotten job can quietly burn money for days. I built an automatic circuit breaker on Google Cloud: when spending crosses a budget threshold, the system disables the expensive services on its own, no human required. It also caught a subtle bug of its own along the way, which I diagnosed and fixed.

Google Cloud Billing budget alerts publish to a Pub/Sub topic; a 2nd-gen Cloud Function (Node.js) consumes them and calls the Service Usage API to disable the AI APIs (Gemini, Vertex) once spend crosses the threshold, using a least-privilege service account scoped to service management only.

The bug worth telling

Budget update events (fired when you edit the budget itself) arrive with alertThresholdExceeded: undefined. My original guard was threshold < 1.0, and undefined comparisons are always false, so the function treated a budget edit as a breach and disabled the APIs prematurely. The fix was an explicit !== undefined check before the numeric comparison. A good reminder that event payloads are part of your API contract, including the fields that are sometimes missing.

Self-hosted AI agent platform

An always-on personal AI assistant platform running on my own hardware, with scheduled jobs and multi-model routing.

I run my own AI assistant infrastructure at home rather than relying on someone else's app: it answers through a chat interface, runs scheduled daily jobs like news briefings, and stays up through upgrades. Operating it has taught me what production AI systems actually need: fallbacks, monitoring, and careful handling of credentials.

A Dockerized multi-model agent gateway running on a home Ubuntu server and a Raspberry Pi, with a Discord front end and cron-scheduled jobs (daily memory initialization, workspace sync, automated web briefings). Model routing uses Claude as primary with Gemini fallback. The interesting operational problems: persisting credentials across ephemeral container upgrades via volume symlinks, hardening headless Chromium web fetches, and keeping cron jobs from silently dying after version bumps.

NJ Playgrounds

A live full-stack web app that helps families find and review playgrounds across New Jersey: nj-playgrounds.com.

Weekend trips with my kids kept starting with the same question: which playground? So I built the answer and put it on the internet: maps, search, and parent reviews for playgrounds across the state, running in production for real users.

Ruby on Rails 8.1 on PostgreSQL, deployed on Heroku: geocoded search including a lat/long-to-ZIP feature, user reviews and ratings, Google sign-in, transactional email via SendGrid, and a mobile bottom-sheet map UI. AI-assisted code review is part of the workflow, and database backup and recovery procedures are documented and tested.

Running this site's server

The website you are reading doubles as a small production environment I operate end to end.

This site runs on a cloud server I have operated for over a decade. I recently audited everything on it, took the operating system through a major in-place upgrade with zero data loss, retired services nobody used anymore, and cleaned out years of accumulated cruft. Owning the whole lifecycle is the point.

A multi-tenant Apache box with Let's Encrypt TLS, carried in place through every Ubuntu LTS release from 16.04 to 24.04, most recently three back-to-back release upgrades run in a detached screen session, with a full-disk snapshot and database dumps as the safety net and every site verified at each hop. The cleanup pass retired an abandoned WordPress install behind a 301 redirect, purged years of dead kernels and packages, and capped runaway logs, freeing roughly six gigabytes on a small VM where that matters.

Home network security review

A full audit of my home network, and a deliberate decision about what not to publish.

I audited every device on my home network the way a professional would assess a small office: what is connected, what is exposed, what needs fixing. Just as important, I concluded the raw results should never be published, because network scans are effectively a blueprint of your home. Knowing what not to share is part of security work.

ARP and ICMP sweeps for inventory, TCP connect scans with banner grabbing for service identification, and hardware trust assessment across roughly 30 devices. Follow-up: a 48-hour rolling packet capture in monitor mode on a Raspberry Pi (hourly tcpdump rotation with compression). The raw data stays private by design: BSSIDs are geolocatable through public wardriving databases, so a published scan is a map to your front door.

Reviving a scientific C codebase

Patched a decades-old lighting-simulation codebase to build on a modern compiler, then used it to answer a real question.

Radiance is a scientific lighting-simulation suite whose code predates most of today's tools. I got it compiling on modern systems, then built a working simulation of a real room to compute physically accurate lighting levels. Old code is everywhere in industry; being comfortable making it work is a durable skill.

Patched the legacy C sources (conflicting extern declarations, pre-ANSI idioms) to compile under GCC 15.2 on ChromeOS via Chromebrew. Then scripted the full pipeline: gensky for a calibrated sky model, oconv to build the octree, rpict for HDR renders, rtrace for illuminance (about 8,100 lux at room center), and falsecolor maps for glare analysis on a physically modeled 4x5x3 m room.

Personal

Before software, there was esports: I competed professionally in Counter-Strike in the mid-2000s, which is where I first learned what practice, teamwork, and performing under pressure actually feel like.

I have been building my own PCs since 2013, and this website spent its first two years being served from a Raspberry Pi in my living room before I moved it to the cloud in 2015. Some habits stick: I still prefer understanding the whole stack, down to the hardware.

Away from screens I chase fresh powder on a snowboard every winter, and spend the rest of the year hiking and biking with my kids.

The Raspberry Pi that served this website for two years

Contact

The fastest way to reach me is email. I am based in Bloomfield, NJ, in the New York City metro area.