AI / LLM Engineering
Enterprise AI Search Deployment
An enterprise AI search and assistant platform surfaced across an organization's Workspace data and a curated internal knowledge base, with agentic actions and a nightly automated ingestion pipeline.
4+ (email, calendar, drive, wiki)
Data sources federated
Nightly, fully automated
Ingestion cadence
Zero
Unreviewed integrations left running
The Problem
Employees needed one place to ask natural-language questions and get answers grounded across multiple, previously siloed information sources (email, calendar, drive, internal wiki/intranet), with the ability to take real actions, governed by proper enterprise authentication.
My Approach
- Configured and wired up federated data stores across the major productivity-suite sources plus a custom internal knowledge corpus, each scoped to appropriate access controls.
- Built an automated, scheduled ETL pipeline that pulls internal wiki content on a nightly cadence, converts it to an indexable format, and publishes it into a "Documents with Metadata" data store — deliberately choosing that indexing mode so search results produce clickable, working citation links back to the source page instead of dead links.
- Enabled agentic actions (not just search) on connected productivity sources, using per-user OAuth so actions execute with the requesting employee's own permissions rather than a shared service identity.
- Ran the rollout as a scoped pilot (small named group) before wider expansion, with a clear go/no-go checklist and a hard trial-to-paid conversion deadline tracked explicitly.
- Piloted a governed, read-only analytics connector so the assistant could answer sales-data questions from a cloud data warehouse — validated it end-to-end against real data, then made the deliberate call to pause and decommission it (revoke the app, firewall the service, retain only the reusable scaffolding) pending a broader security review.
- Established a credential hygiene discipline: rotating any secret that had been exposed in a chat/session transcript, and documenting a rotation runbook for the OAuth client used by the platform.
Stack
AI Platform
Google Cloud Gemini Enterprise (Vertex AI Search / Discovery Engine)Federated Workspace connectorsAgentic actions with per-user OAuth
Pipeline
Cloud Run (scheduled job)Cloud SchedulerPythonSecret ManagerCloud Storage
Identity
OAuth 2.0Domain-wide delegationIAM role scoping
Data Integration (piloted)
Model Context Protocol (MCP) connector to a cloud data warehouse
Practices
Phased pilot rolloutCredential rotation hygieneSecurity-first decommissioning of an unreviewed integration
Skills Demonstrated
- ▸Enterprise search/AI-platform engineering across federated data sources
- ▸OAuth/identity federation and per-user permission enforcement in an AI context
- ▸Building reliable, scheduled ETL pipelines for content ingestion
- ▸Sound security judgment: shipping a pilot but knowing when to pause and gate something on review instead of scaling it
- ▸Vendor-platform troubleshooting (working through undocumented API behavior methodically rather than guessing)