Zeshan Nasir
System Administrator · Data Reliability & Sovereign Infrastructure

Zeshan Nasir

System Administrator @ Optimizely  ·  Data Reliability & Sovereign Infrastructure
My primary mandate is to architect solutions that reduce manual toil. I focus on bridging the gap between infrastructure and modern AI workflows to drive Service Desk ticket deflection. I’ve learned that AI initiatives fail without data reliability; an LLM will hallucinate if it feeds on rotting documentation. To solve this, I engineer the knowledge lifecycle in Confluence—enforcing strict metadata labeling, expiration protocols, and standardized templates. By defining these strict data schemas, I provide the deterministic foundation required by our automation teams (using Workato) and AI platforms (like Atlassian ROVO) to safely deploy ticket deflection without the risk of hallucination.

I apply this same discipline to my personal infrastructure. I use the Omega Cluster to experiment with Sovereign AI and architect zero-trust networks, finding ways to solve enterprise compliance headaches (GDPR, HIPAA, SOC2/SD). My environments are heavily automated (Python, Bash) and built to proactively research security incidents and eliminate data exfiltration risks.
4 years @ Optimizely 14+ years in IT Spot Award — Optimizely
Contact GitHub LinkedIn

Projects

Built, running, or in progress

  • Silicon Nexus

    Compliance & Speed: Cloud AI analysis of sensitive data (Okta/Azure logs) violates GDPR/HIPAA compliance. I leverage native ollama-mlx and Apple Unified Memory to run Gemma4 (26B) and Qwen3.6 (35B MoE) models at 67-70 tok/s locally. This provides agentic-speed, offline analysis of security incidents and access logs with zero cloud exfiltration risk.

    🟢 Active Python · MLX · FastAPI · Textual

  • Homelab Cluster

    Zero-Trust Mesh & CPU Inference: Deployed a "ScaleTail" mesh topology across Proxmox nodes (ms-ultra-02, hp260) and an HP ProCurve 24-Port switch. 20+ isolated utilities fronted by Tailscale sidecars. Tuned ik_llama.cpp (MTP, q8_0 KV cache) to force 35B models into standard DDR5 RAM, achieving 47 tok/s prefill for persistent local RAG without GPUs.

    🟢 Locked Proxmox · OPNsense · Tailscale

  • Enterprise Endpoint Infrastructure

    Engineered the knowledge lifecycle in Confluence for Atlassian ROVO and Workato integration. Implemented strict metadata labeling and expiration protocols to ensure AI systems serve only verified, structured truth, driving accurate Service Desk ticket deflection.

    Azure · Intune · Jamf · M365

  • Hospital Network Management

    Network and systems administration for a healthcare environment. Azure Active Directory, secure access controls, operational tooling, and network orchestration under compliance constraints.

    Azure · AD · Networking

Skills

By domain
Enterprise Infrastructure
  • Azure
  • Intune
  • Jamf
  • Active Directory
  • M365
  • Confluence
  • Workato
  • PowerShell
  • AutoPilot
Homelab & Self-Hosted
  • Proxmox
  • OPNsense
  • Docker
  • MagicDNS
  • Tailscale
  • Linux
  • Bash
  • n8n
AI & Local Inference
  • Python
  • MLX
  • FastAPI
  • ik_llama.cpp
  • Qdrant (RAG)
  • Paperless-NGX

Career

14+ years in IT
  • 2026
    System Administrator  Optimizely — Stockholm  ← current
  • 2022
    Associate System Admin  Optimizely
  • 2020
    Network & System Admin  SV Engineering
  • 2012
    System Support Officer  Microtech Industries

MSc · Uppsala University · Stockholm, Sweden

Certifications & Awards

Professional validation
Jamf Certified Associate (2024)
HCIP Routing & Switching
Microsoft Office Specialist
Spot Award — Optimizely

Community

Beyond the terminal

AAOU · Akhuwat — 12+ years of service