Contact details
LinkedIn: https://www.linkedin.com/in/drizzlyowl/
GitHub: https://github.com/drizzlyowl/
Location: Bradford, UK
Summary
Platform engineer and technical leader with deep expertise in cloud infrastructure, Infrastructure as Code, and DevOps practices across Azure and AWS. Currently providing technical direction for a Cloud Centre of Excellence managing an enterprise Azure estate of 39 subscriptions across a dual-region hub-spoke topology (~£50k/month cloud spend). Experienced in driving platform transformation — from legacy Terraform remediation and CI/CD standardisation to governance, security, and observability at scale. Strong public sector background with a consistent record of delivering secure, high-availability platforms for critical services.
Certifications
- HashiCorp Terraform Associate
- Microsoft Azure Fundamentals (AZ-900)
Work Experience
British Business Bank – Cloud Centre of Excellence
August 2025 – Present | Tech Lead from March 2026
Embedded within a three-person Cloud Centre of Excellence team as the primary technical authority and Azure SME, reporting into a wider Technical and Security Engineering function. Recognised across the organisation as the subject matter expert for Azure, regularly consulted by other business areas on cloud infrastructure decisions.
- Own architectural decision-making for cloud infrastructure across an estate of 39 Azure subscriptions spanning two UK regions in a mirrored hub-spoke topology (~£50k/month cloud spend, at least 21 production environments).
- Host CCOE daily standups and facilitate backlog grooming sessions with senior technical leaders across the wider organisation to align on priorities and initiatives.
- Led a comprehensive Terraform codebase transformation: remediated config drift between non-production and production environments, imported ClickOps-provisioned resources into state, and rewrote poorly structured legacy code across approximately 15 subscriptions to improve maintainability and consistency.
- Introduced standardised shared CI/CD workflows via Azure DevOps Pipelines across the CCOE, replacing inconsistent per-repo pipelines that relied on deprecated Visual Studio Marketplace extensions and lacked robust production deployment controls.
- Designed and deployed a comprehensive Monitoring Landing Zone covering all 39 subscriptions, including geo-redundant Log Analytics Workspaces, Data Collection Rules (DCRs), Data Collection Endpoints (DCEs), alert rules (Active Directory, NPS, database deadlocks/CPU/DTU, VM CPU/disk/memory, activity log events for AUM failures and VNet peering), severity-scoped Action Groups, and cold storage log export.
- Authored custom Azure Policy definitions and initiatives to configure Diagnostic Settings across key resource types, feeding into the platform Log Analytics Workspace.
- Led the introduction of Private Endpoints across the hub-spoke topology and improved split-horizon DNS resolution by distributing private DNS zones across both UK regions.
- Driving cost optimisation through VM right-sizing, ongoing Azure Cost Management and Cost Analysis, and establishing budget alerts for tier 1 workloads to notify service owners.
- Produced architecture documentation and network topology diagrams in Visio for greenfield and brownfield project work.
- Participated in incident bridge calls and post-mortems; authored best practice configuration baseline guidance for engineering teams.
Department for Education – Regional Services Division
December 2022 – August 2025
Served as the sole DevOps engineer for the Regional Services Division programme for approximately two years, embedded in the cross-cutting technical team and working directly with lead developers across multiple delivery teams.
- Managed approximately 10 containerised workloads, each identically deployed across Dev, Test, and Production environments using Azure Container Apps.
- Designed and maintained CI/CD pipelines using GitHub Actions: building and signing Docker images, publishing to GitHub Container Registry, and triggering ACR pull tasks into a private Azure Container Registry before restarting the Container App against the new image tag.
- Maintained the highest Defender for Cloud Secure Score across DfE subscriptions; the team’s infrastructure was recognised as the gold standard for workload deployments across the department.
- Published reusable Terraform modules that promoted cross-team collaboration and consistent infrastructure patterns across the division.
- Identified and decommissioned legacy Azure resources, delivering approximately £20,000 in annual cost savings.
- Implemented secure-by-design principles throughout, with strong familiarity with Azure Well-Architected Framework guidance.
- Worked with Azure Container Apps, Container Instances, and Container Jobs; implemented infrastructure and application monitoring, logging, and diagnostics using Azure Monitor and Application Insights.
Great Ormond Street Hospital
Short engagement
- Established foundational AWS infrastructure for a greenfield project, focusing on account vending and identity management using AWS Control Tower.
- Built initial deployment pipelines using GitLab CI.
dxw internal platform – Dalmatian
Ongoing, alongside client engagements
- Contributed to dxw’s internal containerised AWS hosting platform, built on ECS, EC2, Aurora RDS, and PostgreSQL RDS, with CloudFront, CloudWatch, Secrets Manager, and WAF — all deployed via bootstrappable Terraform.
- Contributed features to dalmatian-tools, an internal bash CLI enabling developers to trigger deployments via CodeDeploy, initiate Session Manager shell sessions on EC2 instances, and manage WAF IP allowlists.
- Provided out-of-hours on-call support as 1st-line triage and 2nd-line escalation for the hosted platform.
Mixd
November 2015 – October 2022
Lead Technical Architect (April 2021 – October 2022)
- Designed, provisioned, and maintained robust and highly available web hosting solutions for clients using Rackspace OpenStack.
- Automated infrastructure provisioning and configuration management using Ansible and Heat Orchestration templates.
- Responsible for the stability and security of critical public service websites, including NHS Intranets, NHS Trust and CCG websites, North West Ambulance Service, and North Yorkshire Police.
- Engaged with stakeholders to present hosting architecture and ensure alignment with client requirements.
Previous roles: Senior Developer (2018 – 2021), Web Developer (2015 – 2018) Progressed from web development into infrastructure and technical architecture, building a foundation in Linux administration, server management, and performance optimisation.
Skills
- Cloud Platforms
- Microsoft Azure, Amazon Web Services (AWS), Rackspace OpenStack
- Infrastructure as Code
- Terraform (HashiCorp Certified), Ansible, Heat Orchestration
- CI/CD
- Azure DevOps Pipelines, GitHub Actions, GitLab CI
- Containers & Compute
- Azure Container Apps, Container Instances, Container Jobs,
- AWS ECS, EC2, Docker
- Networking
- Hub-spoke architecture, VNet peering, Private Endpoints, Private DNS zones,
- Azure Firewall, NSGs, VPN Gateway, ExpressRoute, AWS VPCs
- Monitoring & Observability
- Azure Monitor, Log Analytics Workspaces, DCRs/DCEs, Application Insights,
- AWS CloudWatch
- Security & Governance
- Azure Policy (custom definitions and initiatives), Checkov, tfsec,
- Microsoft Defender for Cloud, Managed Identities, Entra ID RBAC
- Data & Storage
- Aurora RDS, PostgreSQL RDS, Azure SQL
- Developer Tooling
- Bash scripting, AWS Secrets Manager, CloudFront, WAF
- Soft Skills
- Technical leadership, architectural decision-making, stakeholder engagement, backlog management, incident response, documentation