Download PDF

Matthew Jones

AI & ICT Strategy and Technology Consultant | Cloud & Security Architect | Modern Workplace Specialist and Technical Lead

Summary

Highly accomplished IT professional with almost 30 years of experience designing, implementing, & managing secure, scalable enterprise solutions. Proven track record in optimising infrastructure, cloud, & modern workplace environments to enhance operational efficiency & security. Adept at leading cross-functional teams, driving digital transformation, & enhancing security & resilience through well-architected modern technology solutions. Strong expertise in cloud migrations, modern workplace, emerging AI solutions, IT security, & governance, with additional strengths in strategic planning, stakeholder engagement, & both business & technical analysis.

Work History

Oct/2017Present

Senior Technical Lead – Infrastructure & Architecture

Loyalty New Zealand
  • Led the oversight, technical delivery, maintenance, & monitoring of Loyalty NZ’s ICT infrastructure to ensure seamless operations & alignment with organisational objectives. Led enterprise architecture & strategic planning initiatives to align technology with business goals.
  • Led the architectural design & technical implementation for multiple & key  migrations, including Datacenter to VMware on AWS production migration (completed March 2022) & VMware on AWS to full AWS production migration (completed November 2024).
  • Researched & championed Microsoft 365 Copilot, Viva, Power Platform, Azure & OpenAI, crafting business cases & user stories that underpinned an AI-driven modern-workplace stack.
  • Architected and implemented Zscaler ZIA, ZPA, and ZDX solutions to secure remote access and improve user browsing security and network performance across enterprise environments.
  • Engaged cross-functional stakeholders to capture requirements & define ICT & AI strategic goals, aligning outcomes with Loyalty NZ’s business roadmap.
  • Designed & deployed multiple Modern Workspace solutions, OS upgrades & initiatives across Mac & Windows platforms using Intune, Autopilot, Workspace ONE, Jamf, & other MDM tools. Extensive experience delivering modern workspace solutions through Horizon View & Microsoft AVD VDI deployments.
  • Delivered SharePoint, exchange & other Workplace, legacy-to-modern migrations infused with AI-powered governance & productivity features.  gathering user requirements & ensuring minimal disruption.
  • Extensive experience with Microsoft 365, including Defender, Exchange Online, SharePoint, Teams etc, ensuring secure & efficient collaboration. Skilled in Azure SSO implementation using SAML & OAuth.
  • Collaborated with Dev & DevOps teams using Docker, Kubernetes (EKS) CI/CD Pipelines, using Github & Agile frameworks including Jira & other Atlassian apps. 
  • Collaborated with the Chief Security Manager to architect & implement technical security solutions, aligning with the organisation's security strategy. Translated security & data-governance strategy into scalable solutions (Defender, Purview, AI-assisted threat analytics) through impact analysis & stakeholder collaboration.
  • Designed, implemented, & configured multiple enterprise security solutions, including Zscaler, email filtering, anti-phishing, antivirus/malware, EDR, & application control (via Threatlocker). Managed DMARC, SPF, & DKIM to enhance email security & prevent spoofing.
  • Worked in partnership with internal teams, managed service providers, & security risk managers to scope projects, review proposals & statements of work, ensure compliance with security standards, challenge inefficiencies in upgrades or implementations, & efficiently minimise business risks.
Dec/2016Oct/2017

Architect

Ministry of Education
  • Provided architectural direction, design, & documentation for the ESTI programme, enabling shared hybrid infrastructure & ICT services for sector organisations & Ministry of Education business groups.
  • Created Solution Architecture Descriptions (SADs) & associated documentation to support the onboarding of Education Sector agencies to the ESTI platform.
  • Conducted analysis & requirements gathering to facilitate datacenter migrations & onboarding processes for sector agencies.
  • Developed conceptual migration methods for sector agency datacenters, translating logical designs into actionable technical processes & producing detailed designs for implementation.
  • Designed solutions & produced documentation for on-premise & Azure toolsets, including Identity Management, Privileged Access Management (PIM), Advanced Threat Analytics (ATA), Security Information Event Management (SIEM), & Operations Management Suite (OMS).
  • Prepared cost estimates, business case documentation, installation guides, run procedure manuals, testing plans, & scripts to ensure service readiness for various cloud-based & on-premise tools & services under the ESTI platform.
  • Operated within highly regulated sectors, with experience aligning solutions to compliance and security requirements similar to those in financial services
Jul/2016 Dec/2016

Solution Architect / Technical Lead

Ministry of Education
  • Development & documentation of the Solution Architecture Description (SAD) & associated detailed design for the re-platforming project.
  • Comprehensive technical design covering both front-end IIS/UI components & back-end SQL systems, ensuring seamless integration with Ministry student applications & other systems.
  • Leadership of the technical implementation team, providing direction to align with Ministry infrastructure, processes, & security requirements.
  • Oversight of external vendors managing elements of Ministry infrastructure, including collaboration with Datacom & F5 on relevant solution design aspects.
  • Coordination & support for solution penetration testing in conjunction with internal & external security teams, identifying risks, controls, & implementing mitigations where necessary.
  • Steering the project through Certification & Accreditation (C&A), including risk assessments related to security/privacy management; guiding one application into production as an interim Project Manager.
Jun/2013 Jul/2016

Senior Systems Administrator

Dimension Data
  • Led the design, build, maintenance, support, & documentation of the Ministry of Education's IT infrastructure across two Datacom-managed data centres, Kapua (Production) & Orbit (DR & Pre-Production), encompassing over 100 physical servers over 2000 virtual servers, appliances, & desktops.
  • Contributed as a technical resource for an award-winning server migration project from Wellington to Kapua & Orbit data centres.
  • Played a key role in the development & implementation of New Zealand's first two-way Disaster Recovery capability between Kapua & Orbit using VMware SRM.
  • Served as architect & technical lead on the Airwatch MDM project for Special Education mobile users, including the design, deployment, maintenance, support, & documentation of an on-premise VDI solution.
  • Oversaw multiple VMware-related initiatives such as ESX host cluster design/management, vSAN sizing/configuration/maintenance, VM capacity planning via vRealize, & Horizon View Desktop Services infrastructure with AppVolumes/User Environment Manager.
  • Collaborated in F5 solution design with Datacom for load balancing (GTM/ASM/LTM), while providing expert guidance on diverse projects like datacenter relocations, building transitions & DR failover testing processes.
Nov/2008 Jun/2013

Senior Infrastructure Specialist

NZTA
  • Managed the design & implementation of IT infrastructure for key projects, including Johnston’s Hill, Victoria Park, & Waterview Tunnels.
  • Designed, built, administered, & supported VMware ESX host & guest server clusters to ensure reliable operation.
  • Played a pivotal technical role in constructing a scalable video wall system within the new traffic management center.
  • Developed change management processes & designed workflows to enhance operational efficiency.
  • Administered network security protocols, including patching, firewall configuration, & backup/restoration systems using Commvault.
  • Oversaw Hitachi SAN administration, Brocade fiber switching for redundancy & zoning, as well as IBM Blade/XSeries server hardware support.