Profile photo of Marius Mihail Russo-Got

Marius Mihail Russo-Got

also known as Marius Russo

Senior IT Architect & Advisory · NATO Secret cleared (Aug 2022)

Banking · Sovereign DPI & Government · Defence · International Organisations · Bucharest, Romania
NATO / NCIA · UN · UN Secretariat · OICT · UNDP · EU · EEAS · ECB · INTERPOL · GROUPE SOCIÉTÉ GÉNÉRALE · IBM · MOTOROLA · ALCATEL
Senior IT Architect · Advisory25+ years · banking · sovereign DPI · defence · international organisations

Architecture decisions that hold under audit, oversight and political scrutiny.

Architecture authority for banking and financial services, sovereign digital public infrastructure, security and defence, and international organisations — where every decision must hold under audit, oversight and political scrutiny.

Engagements at NATO/NCIA, the United Nations, the EEAS, the European Central Bank, INTERPOL and Groupe Société Générale. 270+ projects delivered across 25+ years — metrics in the strip below.

Marius Mihail Russo-Got — institutional architecture context with NATO, UN, EU, IBM, Alcatel/Nokia and Motorola
270+Projects delivered
76Mission-critical large-scale
US$110MLargest single budget
25+ yrsIndustry experience
~28 moAhead of plan · no delays without signed CR
4.42%Median cost savings · all engagements
4.87/5Client satisfaction · survey-based
99.999%Platform availability
-35%Audit findings (Y1)
39Countries DPI advisory
821Components rationalised
NATO ✓Secret cleared · Aug 2022
270+Projects delivered
76Mission-critical large-scale
US$110MLargest single budget
25+ yrsIndustry experience
~28 moAhead of plan · no delays without signed CR
4.42%Median cost savings · all engagements
4.87/5Client satisfaction · survey-based
99.999%Platform availability
-35%Audit findings (Y1)
39Countries DPI advisory
821Components rationalised
NATO ✓Secret cleared · Aug 2022

Metrics basis: client satisfaction from end-of-engagement surveys (scale 1–5); cost savings median across all tracked engagements; schedule performance reflects zero unilateral delays — every schedule change was formalised through a signed change request, aggregate portfolio position +28 months ahead of baseline. · Recommendation letters and named references available under NDA — not published for GDPR reasons.

Credentials Polytechnic University of Bucharest Harvard — Risk Management Professional TOGAF · COBIT · PRINCE2 · ITIL Master · SAFe SA / POPM ISO 27001 · NIST 800-53 · PCI DSS · SWIFT CSP · GDPR NATO Secret · issued Aug 2022
"
I work for institutions where IT failure is not an option. In those environments, credibility is not a claim — it is a record. Every architecture decision I sign off has to be traceable; every control, evidenced; every delivery, measurable. Each choice must hold under audit, oversight or political scrutiny.

— Marius Mihail Russo-Got · Senior IT Architect & Advisory

Five domains · outcomes & capabilitiesNamed programmes · tracked results · where the work happens

What the work delivered — and where it was built

Named, tracked results from real programmes anchored in evidence packs, mapped to the five domains where the work takes place. Most engagements cross two or more.

Named programme outcomes

NATO / NCIA · 2023–2024

US$3.9M value · 821 components rationalised

Section Head — Content Collaboration. 12 + 24 matrix reports. OPEX up to US$41M / CAPEX up to US$24M.

  • 115 consolidated · 369 retired
  • -58% support tickets via standardisation
  • +74% faster releases · 99.999% availability
EEAS · 2022–2023

+27% releases · -36% MTTR · -52% incidents

Senior PM — Cloud Security & Architecture. Cross-domain backbone consolidation across 12 networks / 267 devices.

  • iWAN / PAN under Zero Trust
  • 224 components → 91 retired, 116 integrated
  • US$1.4M savings · 99.999% availability
UN HQ · UN Secretariat / OICT · 2016–2019

99.98% active-active · RTO <4h / RPO 15 min

Senior IT Officer (Staff Member). 15 + 25 matrix reports. OPEX up to US$56M.

  • 42 networks / 469 devices unified
  • 120,000 users (95% workforce) reach
  • -35% audit findings within 1 year (ISO 27001 + SOC 2)
Groupe Société Générale (BRD) · 2011–2013

848-component portfolio · 39% Y1 savings (3yr)

IT Advisor / IT Security Head. Owned security and technology governance for regulated banking.

  • 408 assessed · 327 retired · 197 consolidated
  • 149 integrations standardised · US$1.9M savings
  • -45% unauthorised access incidents
Innovation Center · 2019–2022

CyberPro AI · 1,750+ hours saved

Section Head — Digital & AI. 39 experts directed; 25+ engineers / architects.

  • AI-driven threat correlation + automated response
  • +53% improvement on AI-enabled use cases
  • 601 assessed · 131 retired · 198 integrated · US$2.6M
Romania DPI · national-scale

ePassport · eVignette · eHealth · eCadastre · eNotar

Architecture authority on Romania's flagship sovereign digital public services. Citizen-facing platforms running at national scale.

  • Identity, e-Governance, mobility, health and land-registry DPI
  • Production-grade national rollouts under regulatory oversight
  • Plus DPI architecture advisory across 39 countries (Europe + worldwide)

Five capability domains

Banking & Financial Services
01 · Banking & financial services · domain

Regulated finance — core banking to payment resilience

Société Générale (BRD) — enterprise rationalisation. Core banking, payments under ISO 20022 / SEPA, SWIFT CSP, PCI DSS, DORA alignment.

  • 848-component portfolio governed at Société Générale (BRD)
  • 10M+ banking customers · enterprise digital channels
  • 39% year-1 savings sustained 3 years · -45% unauthorised-access incidents
  • DORA, EBA, ISO 22301, BCBS 239 alignment
Explore banking work →
DPI & Government
02 · DPI & government · domain

Sovereign digital services trusted by 39 countries

Romania flagship DPI: ePassport · eVignette · eHealth · eCadastre · eNotar. Architecture advisory across 39 countries. UN HQ, UN Secretariat, OICT, UNDP, EEAS, INTERPOL.

  • Romanian sovereign digital services — citizen-facing at national scale
  • 39-country DPI · cross-border identity & e-Governance
  • 120,000-user platforms · 95% workforce coverage (UN HQ)
  • Donor-funded and sovereign programmes under regulatory oversight
Explore DPI & government work →
Security & Defence
03 · Security & defence · domain

NATO Secret-cleared delivery in classified environments

NATO/NCIA Section Head. Zero Trust, C4ISR, governmental cloud, SIEM-ready telemetry. Air-gapped and hybrid-classified delivery across NATO and Innovation Center.

  • NATO Secret · issued Aug 2022
  • 12 + 24 matrix reports led at NCIA · 821 components rationalised
  • Secure integration, HSM/KMS, micro-segmentation
  • CyberPro AI: threat correlation + automated incident response
Explore defence work →
Strategy, Governance & Innovation
04 · Strategy, governance & innovation · capability

Decisions that hold under audit · innovation that survives oversight

Architecture authority, ICFR/COSO, ISO 27001, SOC 2. AI delivery and quantum strategy for sovereign and regulated environments. PoC → MVP → production under governed SDLC.

  • -35% audit findings within 1 year · 100% evidence completeness
  • ~33% audit cycle reduction · ~50% decision lead-time via ADRs
  • CyberPro: +53% improvement · 1,750+ hours saved
  • Quantum strategy advisory for Gulf sovereign engagements
Explore governance & innovation →
Architecture, Delivery & Operations
05 · Architecture, delivery & operations · capability

Target-state authority · delivery discipline · resilient backbone

Full lifecycle: strategy → architecture → delivery → operations. TOGAF, COBIT, SAFe, PRINCE2, ITIL. Active-active production tested in NATO, UN and banking environments.

  • ~50% decision lead-time reduction · TOGAF · COBIT discipline
  • +27% to +74% faster releases · -31% to -44% MTTR · 4.87/5 CSAT
  • 99.999% availability · Active-active 99.98% (RTO <4h / RPO 15 min, tested)
  • 214 networks / 496 active devices · 120+ retired · ~28 months ahead
Explore architecture & delivery →
In their own wordsAttributed to role and institution

What senior clients have said

Feedback from senior accountable officers at programmes where the evidence and outcomes are on the record.

"He gave us a defensible sovereign-cloud adoption pathway when our own teams were arguing in circles. We moved from theoretical debates to a sequenced roadmap that the supervisory board approved on first reading. The decision discipline is what stayed with us."

Director, National Digital Agency

Public sector — central government · 2024 · Sovereign cloud adoption framework

"We needed AI initiatives that could survive a model-risk committee and a regulator. Marius shaped a governed delivery model — PoC to production under SDLC, with audit evidence, lineage controls and explainability gates baked in. No theatre, just throughput."

Head of Group Technology Risk

Tier-1 European bank · 2024 · AI delivery governance framework

"For sovereign quantum strategy, we needed someone who could speak with our cryptography unit and our procurement board in the same week. He did both. The quantum-readiness plan we walked out with is the one we defended in front of national-security oversight."

Director, Sovereign Digital Strategy

Gulf government · 2025 · Quantum-safe migration & hyperscale advisory

"He brought IBM-grade architecture discipline to a sovereign DPI rollout that was on national news every other week. Citizen-facing, production-grade, no incidents at scale. The eGovernment estate he helped design is still our reference architecture today."

Director, National Digital Public Infrastructure

Romania · engagement 2011–2013 · ePassport & eID architecture

"What we wanted was an AI engine that would not blow up under audit. He led the architecture, governance and delivery of CyberPro — AI-driven threat correlation with traceable decisions. 1,750+ hours of analyst time recovered in year one. Real numbers, not slideware."

Programme Director, Innovation Center

Top-5 IT corporate · 2020 · CyberPro AI delivery

"On a large SAP programme where integration risk usually kills the timeline, his architecture discipline kept us inside the control envelope. Decision records, exception governance, evidence packs at every gate — the procurement board called it the cleanest evidence trail they had seen."

Programme Director, Enterprise ERP

Multinational enterprise · 2018 · SAP estate consolidation

Full reference letters and named referees available on request.

Career timeline12 institutional engagements · 1996 → Present · hover to see context

Where the work was done

Each role below opens its named projects on the dedicated Projects page. Hover or focus an entry to read the engagement context.

2024 – PresentPIR2-IT — CIO / CTO23 banks · AI · DLT · quantum · cybersecurityCIO / CTO for PIR2-IT — a 23-bank consortium advisory mandate covering AI delivery, distri… 2023 – 2024NATO / NCIA — Section Head821 components · US$3.9M · 99.999% availabilitySection Head — Content Collaboration at NATO/NCIA. Led 12 direct + 24 matrix reports. Rati… 2022 – 2023EEAS · Brussels — Senior PM+27% releases · -52% incidents · US$1.4MSenior PM — Cloud Security & Architecture at the EU External Action Service, Brussels.… 2019 – 2022Innovation Center — Section Head AI39 experts · CyberPro · 1,750+ hours savedSection Head — Digital & AI at Innovation Center. Led 39 experts, 25+ engineers/archit… 2016 – 2019UN HQ — Senior IT Officer99.98% active-active · RTO <4h · -35% auditSenior IT Officer (Staff Member) at UN HQ — UN Secretariat / OICT. Led 15 direct + 25 matrix report… 2015 – 2016NATO HQ / NCIA / CSU BRXNNHQ Coordinator · US$67M+ budgetNATO HQ / NCIA Coordinator — NNHQ Brussels. Coordinated the new NATO HQ build-out (US$67M+… 2011 – 2015Freelance — 8 framework contractsINTERPOL · ECB · UNDP · ENISA · eIDASFreelance consultant — 8 concurrent framework contracts covering INTERPOL, European Centra… 2008 – 2011IBM — EMEA CoE Defence & eGovePassport · eHealth · eJustice · National PKIIBM EMEA Centre of Excellence — Defence & eGovernment. Led Romania flagship sovereign… 2006 – 2008Motorola · Austin / Bucharest286 programmes · 96 PoCsMotorola — Technical Programme Manager, Austin (Texas) / Bucharest. Managed 286 concurrent… 2002 – 2006Alcatel · Paris / BucharestDefence/Security CoE · eGov · 21+ clientsAlcatel — Centre of Excellence Lead, Paris / Bucharest. Led Defence / Security CoE and eGo… 1996 – 2002Helinick · BucharestIT Director · biometric access controlIT Director at Helinick, Bucharest. Led the company's IT function from the ground up — bio… Cross-cutting39-country DPI advisorySovereign + donor-funded · NDA country list39-country cross-cutting advisory on sovereign and donor-funded Digital Public Infrastruct…
Context CIO / CTO for PIR2-IT — a 23-bank consortium advisory mandate covering AI delivery, distributed-ledger trust models, quantum strategy, cybersecurity governance and sensor-fusion architecture. Independent senior-architect authority across a multi-institution digital backbone.
View all 270+ projects → Full chronological bio →
Complete KPI landscapeSix domains · representative KPIs & deliverables

Measurable impact across six domains

Auto-scroll · prev / next →

Investment oversight, architecture governance, cybersecurity, delivery, cloud resilience and information governance. Each domain opens a dedicated page with representative KPIs, operational scope and typical deliverables.

Strategic & investment oversight

Scale, governance and institutional reach

  • OPEX up to US$110M / CAPEX up to US$42M (role-dependent)
  • 270+ projects · 76 large-scale mission-critical
  • Budgets US$10K–US$110M
  • ~20% annual cost optimisation through enterprise vendor agreements
  • 39% year-1 cost-saving programme sustained 3 years (banking)
Architecture & technology governance

Decision coherence and platform authority

  • Target-state architectures across network, integration, data, identity, security, observability
  • ~50% decision lead-time reduction through ADRs and clear decision rights
  • Hybrid cloud architectures across Azure / AWS / GCP
  • Reference architectures: Zero Trust, micro-segmentation, HSM/KMS
  • Exception governance and standards-based reuse
Cybersecurity, compliance & risk

Audit defensibility for high-trust environments

  • ISO 27001 + SOC 2 alignment delivering -35% audit findings within 1 year
  • 100% evidence completeness where measured · ~33% audit cycle reduction
  • NIST 800-53, PCI DSS, SWIFT CSP, GDPR — used across programmes
  • IAM / PAM with Azure AD / ADFS; HSM / KMS; secure logging standards
  • Zero Trust segmentation, micro-segmentation, secure-by-design SDLC
Program execution & delivery

Operational transformation at enterprise scale

  • Full lifecycle: strategy → architecture → delivery → cutover → operate → retire
  • +27% to +74% faster releases · -31% to -44% MTTR · -33% to -52% incidents
  • ~28 months aggregate ahead of plan; 4.87/5 client satisfaction (where measured)
  • SAFe / Agile + PRINCE2 / PMI + ITIL discipline
  • VoC loops driving CSAT +0.9 / NPS +12 YoY / -41% support tickets
Cloud, platforms & resilience

Digital backbone modernization

  • 99.999% availability across multiple programmes
  • Active-active resilience: 99.98% availability, RTO <4h / RPO 15 min (tested)
  • Network estate work: 214 networks / 496 active devices; 120+ devices retired
  • Landing-zone governance, observability, cost governance
  • Containers (Docker / Kubernetes / OpenShift), CI/CD, IaC (Terraform)
Data protection & innovation

Information governance with emerging technology

  • GDPR-aligned privacy-by-design and lifecycle controls
  • Enterprise DLP and eDiscovery readiness models
  • AI delivery PoC → MVP → production under governed SDLC
  • CyberPro: AI-driven threat correlation + automated incident response
  • Quantum-readiness framing for institutions that need a defensible plan

Advisory engagements

For high-trust regulated programmes that need architecture authority, traceable decisions, governance design, digital backbone consolidation, or audit-ready delivery under pressure.

Check availability → Read the full bio →

Recommendation letters and named references from NATO, UN, EU and banking engagements are available after a mutual NDA. Names not published — GDPR reasons.