Portfolio

Case studies in cloud, governance & security

Each project is framed the way it matters to a business: the problem, the tools, the architecture, what was built, and the value delivered.

Cloud Architecture

A hands-on Azure landing-zone style lab covering networking, identity, and governance baselines.

Problem: Organisations need a repeatable, governed starting point before scaling workloads onto Azure.
Architecture: Hub-and-spoke virtual network with segmented subnets, centralised logging, RBAC, and policy-as-code guardrails.
What was built: Provisioned a multi-subscription style landing zone, role assignments, network security groups, and baseline policies.
Business value: Demonstrates a secure, governed foundation that accelerates safe workload onboarding.

AzureBicepEntra IDAzure PolicyLog Analytics

Cloud Architecture

A multi-tier AWS reference architecture focused on resilience and least-privilege access.

Problem: Teams require a well-architected pattern that balances availability, cost, and security on AWS.
Architecture: Multi-AZ VPC with public/private subnets, load-balanced compute, IAM least-privilege roles, and centralised monitoring.
What was built: Built a deployable template for a resilient web tier, scoped IAM policies, and operational dashboards.
Business value: Provides a production-minded blueprint that maps directly to enterprise reliability goals.

AWSVPCEC2IAMCloudFormationCloudWatch

Governance

An enterprise-style governance handbook covering policies, naming, tagging, and cost controls.

Problem: Cloud sprawl without standards leads to security gaps, runaway cost, and audit pain.
Architecture: A structured governance framework: control catalogue, RACI, naming/tagging conventions, and review cadence.
What was built: Authored governance policies, decision records, and an onboarding checklist for new subscriptions.
Business value: Gives stakeholders a clear, auditable operating model for cloud at scale.

Confluence-style docsAzure PolicyTagging StandardsFinOps

ITSM

ITIL-aligned change and incident processes with approval gates and clear escalation paths.

Problem: Unstructured changes and incidents increase downtime and erode stakeholder trust.
Architecture: Defined workflows for change types, incident severities, approvals, and post-incident reviews.
What was built: Mapped end-to-end change and incident lifecycles with templates, SLAs, and communication plans.
Business value: Reduces risk and downtime while improving auditability and service quality.

ITIL 4ServiceNow-style flowsRunbooksCAB process

Security

A cloud security monitoring lab focused on detection, alerting, and compliance posture.

Problem: Cloud environments need continuous visibility to detect threats and prove compliance.
Architecture: Centralised log ingestion, detection rules, alert routing, and a compliance scoring dashboard.
What was built: Configured detection rules, severity-based alerts, and a posture report against CIS controls.
Business value: Improves mean-time-to-detect and gives leadership a clear security posture view.

Microsoft DefenderSentinel-style SIEMKQLCIS Benchmarks

Dissertation

MSc dissertation building a digital-twin simulator for THz integrated sensing and communication.

Problem: Next-generation THz ISAC systems require simulation before costly physical experimentation.
Architecture: A modular simulation pipeline modelling channel behaviour, sensing, and communication trade-offs.
What was built: Developed the simulator core, parameterised scenarios, and visual analytics of results.
Business value: Enables research-grade experimentation and links advanced engineering to applied cloud compute.

PythonSimulationSignal ProcessingData Visualisation