Dubai, United Arab Emirates
Principal Enterprise and AI Infrastructure Architect with over 28 years of hands-on delivery across enterprise architecture, cybersecurity, cloud platforms, and large-scale AI and HPC infrastructure. Brings rare breadth across the full architecture stack — from board-level governance and TOGAF-grounded enterprise design, through cloud migration and DevSecOps, to bare-metal GPU infrastructure and sovereign AI platform architecture. Proven track record across defence, banking, telecoms, justice, and national AI infrastructure, with strong interpersonal, communication, negotiation, and stakeholder management skills that engage effectively from engineering teams to C-suite executives and government ministers. Entrepreneurial background includes creating start-ups, developing business plans, securing seed capital, and driving commercial strategy — giving well-rounded business acumen that complements deep technical depth. Deep expertise in security architecture: Secure-by-Design, Zero Trust, NIST SP 800-53 Rev.5, ISO 27001, Cloud Security Alliance, and US BIS export compliance (RTE 2.0). Actively developing specialisation in HPC and AI infrastructure for hyperscaler and sovereign AI engagements: GPU compute fabric architecture (InfiniBand NDR, RoCEv2, fat-tree and leaf-spine topologies), GPU collective communications (NCCL, RCCL, AllReduce, ZeRO), DPU/SmartNIC security (NVIDIA BlueField-3, DOCA SDK, IPsec microsegmentation, SPIFFE/SPIRE), and confidential computing (GB300 CC mode, remote attestation, hardware trust chains). Work ethic defined by enthusiasm, ownership, accountability, and adaptability. SC and NPPV3 cleared; British and French national based in Dubai.
This is my Limited company under which I run short term assignements when I am not on long term contracts. The company was created in 2002. - Business Development - Innovation - IT Consulting - Outsourcing - Web Development - Community platforms • Web Agency, CMS, Identity design, eCommerce, PHP, MySQL, Ajax, JavaScript, Xhtml, flash • Technology, in partnering with N2S Consulting Ltd, IT innovation and architecture. • Outsourcing, contractors supply in the UK and EU. www.telesteo.net
Provide IT consultancy services.
I provide CTO strategic advisory, governance guidance, enterprise standards and policies developments, architecture design, compliance assessments and security consultancy. Additionally, I participate in government bid responses for Official to Official Sensitive projects for NEC Digital’s various customers and business units based on specific Statement of Work (SoW). My efforts help the business transform and adapt to rapidly evolving technology while protecting its assets against cybersecurity threats. I introduce and drive the adoption of new toolsets (e.g., Splunk, Snyk.io) and implement new service management frameworks, ensuring these tools deliver demonstrable value for money. Furthermore, I collaborate with a team of analysts to develop a Generative Artificial Intelligence (GenAI) capability for NEC. This involves evaluating and costing various Large Language Models (LLMs), integrating them and exploring use cases (e.g., RFPs, Q&A, helpdesk). We also assess the relevance of their outputs, fine-tune them, and address security aspects, including data, ethics, governance, and deepfake detection.
i2N is a software development company producing Agile Opensource applications participating in the MoJ digital initiative refresh. i2N expressed the wish to gain the capability to sell complete Cloud based SaaS solutions (application & hosting infrastructure) to the MoJ. My role has been to help i2N assess their readiness and then transform to a Public Cloud player, develop accreditable architecture, infrastructure and process capabilities through designing Official and Official-Sensitive cloud based environments. Main deliverables include but are not limited to: • Bid proposals, architecture designs, technical expertise, ISMS, accreditation, ITHCs, governance, guidance, stakeholder & project management. • Provide a level of Information Assurance (IA) and security wrapper to ensure that the code development and the infrastructure designs follows NCSC guidelines and are CSP 14 compliant. Use of Multi-layered defence in depth designs and recommendations (IPS, deep inspection, protective monitoring) as well Infrastructure hardening, encryption (PKI/VPN/TLS). Working with developers on a CI/CD AWS migration to create a DevSecOps capabilities and secure code development. • Produce service-oriented architecture designs, HLDs and LLDs for new, migrated and changed components and capabilities. Perform the service migrations. • Designing and migrating customer public clouds to AWS (Amazon Web Services). • Migrated company’s operations to Azure public cloud and Office365 subscriptions, Exchange Hybrid, Azure AD, Office365 Groups, MDM, Intune, MFA, Microsoft Teams, Sharepoint Online, One Drive for Business etc… • Provide an element of 4th line engineering backup on Cloud systems, security appliances (ex: Palo Alto) and other complex systems when internal resources are not sufficient.
This is a continuation of the previous SC cleared contract with the MoJ with a new AWS cloud migration project for the YJB (Youth Justice Board). • The YJB, an MoJ arm’s length body committed a study to migrate their YJAF (Youth Justice Application Framework) from their UKcloud private hosting cloud to AWS public cloud following the new MoJ OneCloud guidelines, the desire to reduce cost and improve the platform service functionality. Their application was mostly hosted on silo virtual machines running as Java Virtual Machines. • I provided the AWS feasibility study, service mapping, a pre-architecture proposal with a few options for the client to consider though an overarching high-level design and migration path. • The project committed to a lift and shift scenario (functionalities) with a transformation initiative to move the existing Java virtual machines model to a microservice ECS EC2 hosted architecture and some improvement aspect regarding Security and Logging integration using AWS SaaS capabilities and Datadog. • Created from scratch the AWS target state architecture design and proposal, encompassing resources, network connectivity and security integration. • Produced HLDs, LLDs, Operational documents, Configuration Documents, return on investment assessments and cost projections. • Provisioned the initial AWS infrastructure acting as a pilot before we hired CircleCI DevOps to help on the infrastructure build. • We provisioned sandpit, development, engineering, preproduction and production environments in place of the original UKcloud 2 environment for half the overall costs (saving of around £1M). • Acting as principal architect overlooking most functionalities and security design and decisions and changes.
I was hired by Tesco to help assess and improve the security posture of over 300 applications and APIs for a business unit that had no clear view of the actuals and then continue with ongoing Governance and Information Assurance activities. • The initial discovery led to the creation of a new exhaustive cyber security assessment framework around information assurance, vulnerability management, design standards and security posture assessments. • The framework required a direct engagement and commitment from the management, the various business unit directors as well as the engineering teams. It was successfully implemented to the initial early adopters subset, providing excellent results in terms of process repeatability, ease of use and security posture improvement. This led to the Tesco directors asking for the Framework to be deployed globally to the full Colleagues, Finance and Property businesses at Tesco. • The framework assesses development and implementation output from the far left (pre-coding activities around design), through the code pipelines (github, Snyk, SonarQ etc..) to the infrastructure hosting and delivery of the application (AWS and Azure defender) as well as vulnerability management and aggregators such as Cisco Kenna.