Enterprise Cloud & Security Architect
Strategy that delivers
The Value of of an Enterprise Cloud Architect
Summary of key responsibilities:
1. Cloud Strategy:
Developing a comprehensive cloud strategy aligned with the organization's goals and objectives. This involves understanding business requirements, evaluating cloud solutions, and recommending the appropriate cloud platforms (such as Amazon Web Services, Microsoft Azure, Google Cloud Platform).
2. Cloud Infrastructure Design:
Designing the architecture and infrastructure components required for deploying applications and services in the cloud. This includes defining network configurations, storage solutions, virtual machines, containers, serverless computing, and other resources.
3. Security and Compliance:
Ensuring the security and compliance of the cloud environment. Implementing robust security measures, such as identity and access management, encryption, and monitoring, to protect data and applications. Adhering to regulatory and industry compliance requirements, such as GDPR, HIPAA, or PCI DSS.
4. Scalability and Performance:
Designing cloud solutions that can scale seamlessly to handle varying workloads and user demands. Optimizing performance by leveraging auto-scaling, load balancing, caching mechanisms, and other techniques.
5. Cost Optimization:
Developing strategies to optimize cloud costs by selecting the right pricing models, utilizing reserved instances, rightsizing resources, and implementing cost monitoring and reporting. Ensuring that cloud resources are utilized efficiently to minimize unnecessary expenses.
6. Integration and Migration:
Assessing existing systems and applications and planning their migration to the cloud. Defining integration strategies to connect cloud services with on-premises infrastructure or other cloud providers. Facilitating smooth and efficient data transfers and application integration.
7. Collaboration and Communication:
Collaborating with cross-functional teams, such as developers, operations, and security professionals, to ensure successful implementation and ongoing management of cloud solutions. Communicating cloud architecture and strategies to stakeholders, executives, and technical teams effectively.
I have a deep understanding of various cloud technologies, architectures, and best practices. They need to stay updated with the latest advancements in the cloud industry and continuously evaluate and recommend new tools and services to enhance the organization's cloud capabilities. Examples are:
-
Blockchain: DeFi, AWS Blockchain as a Service, Hyperledger Fabric, Enterprise Blockchain and the Supply Chain, Web3 Application Development, NFT Fundamentals, Metaverse Technology, Blockchain Implementation
-
Generative AI & LLMs: Chat GPT, Transformer Architecture, tokenization & Vectors. Prompt Engineering. Model types & Applications. Machine Learning (Supervised/unsupervised)
From making strategic decisions to developing your capabilities, I’m here to help. Using my expertise and deep understanding of the industry, you’ll receive real solutions and experience true results. Get in touch to book a meeting.
​
​
Munich Re Group
July 2024 to Date
Lead Enterprise Cloud Atchitect
Munich Re are a global reinsurance company, and due to the acquisition of Ergo, there is a need to consolidate the business & IT strategy and create a global cloud strategy. Both entities have a presence private (on-premises with VMWare (VCF)), hybrid (AVS, Azure VMWare Solution) and cloud native (AWS, Azure and GCP)
My role has been to engage with key stakeholders and understand their journey so far. This involved engaging with teams globally, across cybersecurity, finops, regulatory (compliance & legal). A GAP analysis has been conducted and the findings socialised and presented with stakeholders. Due to this industry being highly regulated (BaFin/VAIT), strategies for exit and placement strategies need to be carefully planned.
-
Stakeholder Engagement: Quickly learned the status quo of the MRe and Ergo Azure, AWS and on-premises Landing Zone landscape. This involved understanding their working groups, like Business Technology/Business Services, DevSecOps, EA, SRE & Platform Engineering, to understand their footprint, and processes and policies, from security to tagging and cost management
-
CCoE & Strategic EA: Engage with both entities and expedite the CCoE/EA function, as a global entity.
-
Cloud Strategy: Create a document with the findings, and other supporting MRe material to present to senior stakeholder/sponsors of the cloud strategy. Understanding the Business Strategy, Strategic Pillars, and Focus Areas with Objectives. Propose the cloud guiding principles, in line with the insurance sector and regulatory bodies, to finally produce an exit and a placement strategy, to include all considerations, triggers, and implications
-
Landing Zone Strategy: Understand current architecture across various Landing Zones for hybrid, public and private environments (AVS – Azure VMWare Solutions, VCF, VMWare Cloud Foundation, Azure and AWS) in order to create a global cloud strategy, and in turn develop an exit & placement strategy aligned with the regulatory insurance market. Develop a cloud LZ architecture in Azure & AWS with full automation/orchestration using DevSecOps pipelines in ADO, and native AWS pipelines, to include, security, governance, and compliance
Providing solutions and other options for the global teams in Platform Engineering, DevSecOps, Security. Automation, and IaC. This involved detailed analysis of AVS and VCF and alternatives to migrate, such as Nutanix
Cloud Bridge
Oct 2023 - July 2024
Enterprsie Cloud Solutions Architect
Cloud Bridge are an advanced AWS partner, with presence in UAE, Europe and Far East.
As an Enterprise Solutions Architect I am responsible for:
-
Successfully created a mind-mapping exercise to collate all pre-sales/discovery/scoping calls as well as discovery and analysis of applications prior to migrations.
-
Developed and maintained enterprise architecture models, frameworks, and roadmaps that support the organization's (and its clients) strategic objectives and business processes.
-
Representing Cloud Bridge as a TAM for 2 key clients, while also Collaborating with business stakeholders, IT teams, and other relevant departments to gather requirements, analyse needs, and define architecture solutions that address current and future challenges.
-
Dedicated SA to Leeds County Council to help accelerate council on-premise VMWare applications to AWS (Cloudamize, MPA MAP), following all GDS design principles and guidelines (also used by NHS and DWP)
-
Provided leadership, guidance and expertise on architectural design principles, standards, and best practices to ensure alignment with industry regulations, security protocols, and performance requirements.
-
Lead the design and implementation of scalable and flexible architecture solutions that facilitate interoperability, data exchange, and seamless integration across many systems. (Industries: Rail, health, finance, insurance, satellite, gaming, government and Media). Successfully blended well with CxO’s, Chief Architects & business leaders to build an EA function (TOGAF, Zachman)
-
Masterminded the concept of CCoE and TDA internally and implemented the roles and responsibilities to conduct architecture reviews (TDA), assessments, and audits to ensure compliance with established standards, guidelines, and policies, recommending corrective actions as needed. Introduced the concept of evangelizing and testing new technology: Amazon Q, Bedrock, Amazon CodeWhisperer and SageMaker, Microsoft Copilot. Investigating other hypervisor solutions using HCI (Hyperconverged Infrastructure), such as Nutanix, ProxMox, Xen and KVM
-
Reviewing designs and making sure that clients follow the ‘Well Architected Framework. Perform reviews, and migrations (Assess, Mobilize and Migrate), especially VMWare migrations to AWS, Azure and GCP
-
Expert knowledge in providing Cloud Solutions in, AWS, Azure & GCP, from Landing Zone designs to complex migrations.
-
Producing End to End High level and low-level architecture designs with proven ability to work closely and effectively with DevSecOps and support/SRE teams. (coda.io, Sharepoint, AzureDevOps, notion.io)
-
Designing & developing architectural designs, including system components, interfaces, and integration points, together with blueprints, frameworks, and best practices, using Agile development methodologies (eg, Scrum, Kanban).
-
Successfully delivered DevSecOps Framework with best practices, principles, SDLC, as well as testing and branching strategy
dun & bradstreet
D&B has been undergoing a major transformation in its Data & Analytics space. As part of this initiative D&B have partnered with Google Cloud with a vision of pioneering and leading the data services for the enterprise. My role is to work with the various Stakeholder, understand the business & technical requirements, and translate them to a data driven solution. The strategy is to migrate their current CRM platforms into Google Cloud taking into consideration the vision, key drivers, and challenges. Constructing HLD’s and options papers for GCP various tools: Data Transfer Service, Dataflow, Dataproc, Datafusion, Dataprep, BigQuery, and Looker Studio.
Supporting the on-going development of the strategic reference architecture
Lead the ‘MVP to production’ Data reference architecture, including development Patterns, Principles, Standards and Capabilities
Provide guidance in data modelling, lineage, quality, metadata and governance
Ensure all deliverables and products have been communicated to stakeholders via weekly SteerCo session
Introduce and promote and evangelise architecture best practices in Analytics and Operational System Design
Rationalise and simplify the current data architecture to reduce technical debt and data duplication
Lead Enterprise Cloud Architect
IAGGBS
Jan 2023 - Sep 2023
Enterprise Cloud Solutions Architect
IAG (International Airlines Group) are currently undergoing a massive Digital Transformation to the cloud. The programme is split into several LOB’s (Lines of Business), across multiple Operating Companies (British Airways, Air Lingus, Iberia, Loyalty etc) where I am responsible for:
-
Daily Progress Drive: Led daily efforts to ensure Tata Consultancy Services (TCS) consistently produced high-quality Project Artefacts within set deadlines for migrating on-premises systems to AWS.
-
Diverse Application Portfolio: Managed the migration of various critical applications, including Identity and Access Management (IDAM), Privileged Access Management (PAM), Directory services, NAS, AWS SSO, and more, showcasing versatility in handling complex migrations.
-
Comprehensive Security Reviews: Conducted thorough security reviews across multiple domains, including IAM, Network and Infrastructure Security, Cloud Security, Business Continuity and Disaster Recovery (BC & DR), Monitoring and Incident Response, Threat and Vulnerability Management, Application Security, Data Protection, Governance, Risk, and Compliance.
-
Quality Assurance Collaboration: Collaborated with internal teams, such as Service Introduction, Cybersecurity, and Technical Design Authority (TDA), to perform quality reviews on Project Artefacts and High-Level Designs (HLDs)/Low-Level Designs (LLDs). Ensured solutions met business requirements, quality standards, and cost constraints.
-
Proactive Progress Monitoring: Monitored daily progress of AWS migrations by TCS, ensuring adherence to agreed-upon timelines and design criteria, and promptly addressing deviations.
-
Effective Representation and Reporting: Represented the IAG Programme Manager at key technical governance forums, including the Technical Design Authority (TDA), Security Architecture Board (SAB), and UK Data Centre Expansion (UKDCE) review board. Provided progress updates, endorsed design submissions, communicated solution designs, and ensured TCS delivered high-quality weekly progress reports at Line of Business review meetings. Retained accountability for architecture and design, updated program tracking documents daily, and provided Executive Summary weekly progress reports to the IAG Programme Manager.
bp
Senior Enterprise Cloud Architect
-
Accelerate is a new developer platform for all 20,000 software professionals across bp. The vision here is for all developers to use a single platform, to leverage all the technology, community contributions, best practices, and support channels to help them accelerate the delivery of continuous value for their users in an efficient, stable, compliant, and sustainable manner. Working with various product owners to deliver a useable, resilient, and secure infrastructure in AWS, designing solutions and using design best practices. In tandem, engaging with DevOps engineers, in agile teams, and squads, to deliver several MVP’s
-
Working collaboratively with Digital Security and Cloud Technical Governance to define the to-be architecture, using a clear DevSecOps framework/architecture, incorporating ADO
-
AWS Serverless technologies, microservice app deployments in an AWS ElasticBeanstalk and EKS cluster using terraform and ADO pipelines. Implementing tooling such as Prometheus, Istio AppMesh, Aqua Container Security and Chaos engineering (Operatorhub.io, AWS FIS and kube-monkey)
-
CI/CD designs (ADO), frameworks, best practices, while applying automated testing in Dev, Test, Int, Pre-prod/Prod. Collaborative work ethic using ADO Epics, Feature, and Boards. Creating PBI’s and following through with DevOps engineers
-
Understanding of EA/Business models and frameworks as well as DevSecOps architecture practices
-
Native AWS tooling/services – Shield, WAF, Firewall Manager, ALBs/NLBs, Lambda, cloudformation as well as terraform
-
Serverless, containers (EKS, ECS), monitoring and managed services, EventBridge architecture, Microservices (& Micro-front End Architectures). Observability solution using Open Telemetry and Honeycomb
-
Understanding of modern data paradigms including architecture and technology to support digital use-cases
-
Broad understanding of modern AI & ML paradigms
-
Appreciation of DevOps, CI/CD and Agile SDLC approaches (Agile, SaFE)
Sopra Steria
Oct 2021 to Mar 2022
Senior Enterprise Cloud & Security Architect
-
First Project - As the Lead AWS Enterprise Architect, currently assigned to (ADS) Defence, Aerospace and Security division, designing the new AWS Infrastructure for Morpheus Project. Working as the Lead, cloud-native Architect, my role is to capture the ‘new’ business requirements, as the shift had changed from on-premises, to AWS. Translating those requirements into a viable, operational architectures, that is fit-for-purpose, while also owning the HLD. Overseeing the design & implementation of the AWS infrastructure, from networks, IAM, RBAC, VPC’s, subnets, ELB’s, WAF & cybersecurity (NCSC) framework. The objective is to produce a data lake solution using Oracle products (OAM, OID etc). Services consumed will be: KMS, ACM, Patch Manager, Security Hub (GuardDuty, Secrets Manager), WAF and Firewall Manager etc. Extensive experience in cloud design principles and modern application architectures, that underpin the CAF (Cloud Adoption Framework), while also implementing cloud security principles, such as: Data encryption, operational security, secure configuration change and management, secure user management, external interface protection and auditing.
-
Working closely with other Infosec, business architects, engineers, and analysts (Babcock & MoD) to collectively provide a functional and technological viewpoint into technical solutions, while also providing mentoring and training leadership
-
Collaborate with SMEs from Cloud, Integration, Data, Security & Digital to bring an end-to-end solution architecture for the business requirement, while following the www.ncsc.gov.uk guidelines
-
Providing advice and guidance on Azure Landing Zones, using Microsoft CAF policy, incorporating best practices, governance, and design patterns for IaaS & PaaS)
-
2nd Project – Working collaboratively with various parties, my role is the Technical Lead for designing the HLD to deliver the Digital Toolset for the HE (Highways England), to include a CDM (Common Data Model). There vision is to improve the was we connect with supply chain, and reduce wastage and inefficiencies in how we capture, exploit and manage data.
-
After an initial discovery phase of various sources, the immediate requirement is to produce an MVP in Azure using cloud-native tools, such as, ADLS (Azure Data Lake Storage, ADF, Data Bricks, Synapse Analytics and Power BI)), and ingesting data into various zones (Raw, Structured, Curated and Audit)
-
Lead best practices and create documentation around data governance, data security, and master data management to establish guidelines. Partnering with Kaiasm, and working with Deloitte and Microsoft to deliver the solution
Bio
Professional Consulting
Projects can be challenging; I’m here to lighten the load off your shoulders. I’m an honest and positive professional whose first priority is always the interests of my clients; providing capability, adaptability, and scalability.
I am passionate about the cloud. Always thinking 'out of the box' and providing relevant business and architectural solutions, that are 'fit-for purpose', and add real value to the end customer. A team player, where I can work with all levels of the business, from local operations teams to CxO level
Tremendous experience working as an Enterprise Cloud Architect
Leading business and technical teams (eg business analysts, SMEs, technology architects) and the early stages of a project to complete the scoping with high-level designs
Demonstrate ability to communicate, present and influence credibly and effectively at all levels of a customer's technology organization
Experienced in working and setting up practices for agile architecture practices, including knowledge/qualification on agile and lean architectural frameworks.
Experience implementing and supporting enterprise solutions and large operational platforms
Knowledge of process automation, user experience, and workflows
I Thrive on the unknown: I love to be creative and solve problems businesses are facing, with limited input and resources, in a high-pressured environment
Experienced in leading transformational initiatives that are company-wide
