Target-state architecture authority across network, integration, data, identity, security and observability. Most recent measured outcome: ~50% decision lead-time reduction through ADR and exception governance on multi-year programmes.
Architect of record for transformation programmes that need a defensible target-state, reusable reference patterns and ADR-based governance. TOGAF + COBIT applied across business, application, data and technology domains.
UN HQ (2016–2019) — institutional architecture for 120,000-user estate, hybrid cloud (Azure + AWS), inter-agency harmonisation. Société Générale (BRD) — 848-component enterprise architecture, ICFR / COSO control alignment. IBM EMEA CoE — 28+ migration projects, TOGAF discipline across capability and interoperability requirements.
Four offers recur on architecture mandates.
Methods are scoped, not decorative. Each mandate runs against a defined framework stack so decisions remain defensible to internal audit, external supervisors and donors.
Capability map, reference architecture, ADRs and exception governance. The institution gets a target-state that survives leadership change.
Reusable reference patterns: designed once, governed centrally, replicated across the portfolio.
Domain-by-domain operating-model alignment instead of project-by-project fragmentation.
Integration architecture across regulated and classified contexts. API gateways, iPaaS, event-driven patterns, secure cross-domain.
Standard artefact set on an architecture mandate.
Architecture earns authority when its decisions are recorded, defensible and reused — not when its diagrams are pretty. Target-state, ADRs and reference patterns are how an institution keeps coherence after the architect leaves.
Engagements filtered by primary domain from the full 270+ project record. Full detail and NDA-gated evidence packs available on request.
Migrated all NATO content-collaboration systems to hybrid cloud. Immutable / audit-ready versioning patterns. PAM/IAM, SIEM/SOAR and GRC platforms integrated with satellite and terrestrial networks for mission-critical environments.
Key activities
Frameworks: NIST 800-53 · ISO 27001 · PCI DSS · NCA ECC · Hybrid-cloud reference architecture
—
Disaster Recovery Centre design and implementation for EEAS critical mission systems. RTO / RPO definition, failover testing and continuity evidence.
Frameworks: ISO 22301 · ISO 27031 · NIST CSF
—
Cloud-security and architecture programmes across AWS, Azure and GCP. Apps migration combined with containerisation, serverless and hybrid-cloud patterns for scalability, automation and operational resilience.
Frameworks: AWS Well-Architected · Azure CAF · GCP Cloud Adoption · DevSecOps · ITIL v3 · ISO 27001
—
Containerised workloads (Docker, Kubernetes, OpenShift) with DevSecOps pipelines (Jenkins, GitLab CI/CD, HashiCorp Vault) enforcing security-as-code across IBM Innovation Center delivery.
Frameworks: DevSecOps · CIS Kubernetes Benchmark · OWASP · ISO 27001 · NIST 800-53
—
Deployment of Microsoft 365 E5 Security Suite across UN workforce — DLP, MFA, Intune MDM, Conditional Access — supporting the global cybersecurity and digital-workplace transformation.
Frameworks: Microsoft Zero Trust · ISO 27001 · NIST 800-53 · GDPR
—
Oracle E-Business Suite R12 upgrade across UN estate with tokenisation and database encryption embedded, aligning ERP security to PCI DSS-grade controls.
Frameworks: PCI DSS · ISO 27001 · NIST 800-53
—
Active-active data-centre architecture with automated failover using VMware SRM and Azure Site Recovery. Tested results: 99.98% availability, RTO < 4h, RPO 15 min.
Frameworks: ISO 22301 · ISO 27031 · NIST CSF
99.98% availability · RTO < 4h · RPO 15 min (tested)
Designed and executed first disaster-recovery centre fail-over. Successful DR plan and business continuity plan. Led server virtualization effort — virtualized 90% of systems infrastructure. AIS audits and system accreditation for classified systems.
—
Led from business case through Go Live: new IBM Data-Center (~8000 m², 99.995%/year). Defined and implemented business and operational processes. Service Catalogue, Budget management, SLA monitoring. Service-provider processes for PaaS, AaaS, SaaS, IaaS (cloud private, hybrid, public). ISO 27001/27002 risk assessment. PCI-DSS & ISO 2700x certification support.
SD consolidation: 45 small SD → 1 central · €500K/year saving
Assessed >3,000 legacy applications, consolidated 839. Defined Motorola Cybersecurity policy and standards (zero-trust concept). Redesigned Internet Access Point and network topology (firmware rules, VPNs, router security, SSL). Established Center for Secure Information Systems (CSIS). Implemented Motorola's first internal/external cybersecurity audit and compliance program.
—
Implemented Oracle PeopleSoft (HRMS, Financial Management Solutions, SCM, CRM, Enterprise Performance Management) and Oracle ESB at organisational level.
US$45M budget executed
Led CMM/CMMI software process improvement programme — achieved Level III. Set up local Motorola PMO (120+ resources) aligned with Freescale's PMO framework. Lean Six Sigma process improvement.
US$2.93M IT savings · 9.88% below budget
Croatia Ministry of Transportation — Ucka Tunnel modernization of integrated electronic safety system.
>€1M
New data centre (Tier 3), cyber security, business continuity and disaster-recovery data centre.
>€250K
Security systems, warehouse management system, SCADA, Building Automation System, HVAC.
—
Security systems, warehouse management system, Building Automation System.
—
Showing 16 of 18 relevant projects · View all on Projects page →
