- Bachelor of Computing Systems (BCS)
- Certificate in Architectural Draughting (CAD)
Summary
Highly accomplished IT professional with almost 30 years of experience designing, implementing, & managing secure, scalable enterprise solutions. Proven track record in optimising infrastructure, cloud, & modern workplace environments to enhance operational efficiency & security. Adept at leading cross-functional teams, driving digital transformation, & enhancing security & resilience through well-architected modern technology solutions. Strong expertise in cloud migrations, modern workplace, emerging AI solutions, IT security, & governance, with additional strengths in strategic planning, stakeholder engagement, & both business & technical analysis.
Work History
Oct/2017Present
Senior Technical Lead – Infrastructure & Architecture
Loyalty New Zealand
- Led the oversight, technical delivery, maintenance, & monitoring of Loyalty NZ’s ICT infrastructure to ensure seamless operations & alignment with organisational objectives. Led enterprise architecture & strategic planning initiatives to align technology with business goals.
- Led the architectural design & technical implementation for multiple & key migrations, including Datacenter to VMware on AWS production migration (completed March 2022) & VMware on AWS to full AWS production migration (completed November 2024).
- Researched & championed Microsoft 365 Copilot, Viva, Power Platform, Azure & OpenAI, crafting business cases & user stories that underpinned an AI-driven modern-workplace stack.
- Architected and implemented Zscaler ZIA, ZPA, and ZDX solutions to secure remote access and improve user browsing security and network performance across enterprise environments.
- Engaged cross-functional stakeholders to capture requirements & define ICT & AI strategic goals, aligning outcomes with Loyalty NZ’s business roadmap.
- Designed & deployed multiple Modern Workspace solutions, OS upgrades & initiatives across Mac & Windows platforms using Intune, Autopilot, Workspace ONE, Jamf, & other MDM tools. Extensive experience delivering modern workspace solutions through Horizon View & Microsoft AVD VDI deployments.
- Delivered SharePoint, exchange & other Workplace, legacy-to-modern migrations infused with AI-powered governance & productivity features. gathering user requirements & ensuring minimal disruption.
- Extensive experience with Microsoft 365, including Defender, Exchange Online, SharePoint, Teams etc, ensuring secure & efficient collaboration. Skilled in Azure SSO implementation using SAML & OAuth.
- Collaborated with Dev & DevOps teams using Docker, Kubernetes (EKS) CI/CD Pipelines, using Github & Agile frameworks including Jira & other Atlassian apps.
- Collaborated with the Chief Security Manager to architect & implement technical security solutions, aligning with the organisation's security strategy. Translated security & data-governance strategy into scalable solutions (Defender, Purview, AI-assisted threat analytics) through impact analysis & stakeholder collaboration.
- Designed, implemented, & configured multiple enterprise security solutions, including Zscaler, email filtering, anti-phishing, antivirus/malware, EDR, & application control (via Threatlocker). Managed DMARC, SPF, & DKIM to enhance email security & prevent spoofing.
- Worked in partnership with internal teams, managed service providers, & security risk managers to scope projects, review proposals & statements of work, ensure compliance with security standards, challenge inefficiencies in upgrades or implementations, & efficiently minimise business risks.
Dec/2016Oct/2017
Architect
Ministry of Education
- Provided architectural direction, design, & documentation for the ESTI programme, enabling shared hybrid infrastructure & ICT services for sector organisations & Ministry of Education business groups.
- Created Solution Architecture Descriptions (SADs) & associated documentation to support the onboarding of Education Sector agencies to the ESTI platform.
- Conducted analysis & requirements gathering to facilitate datacenter migrations & onboarding processes for sector agencies.
- Developed conceptual migration methods for sector agency datacenters, translating logical designs into actionable technical processes & producing detailed designs for implementation.
- Designed solutions & produced documentation for on-premise & Azure toolsets, including Identity Management, Privileged Access Management (PIM), Advanced Threat Analytics (ATA), Security Information Event Management (SIEM), & Operations Management Suite (OMS).
- Prepared cost estimates, business case documentation, installation guides, run procedure manuals, testing plans, & scripts to ensure service readiness for various cloud-based & on-premise tools & services under the ESTI platform.
- Operated within highly regulated sectors, with experience aligning solutions to compliance and security requirements similar to those in financial services
Jul/2016 Dec/2016
Solution Architect / Technical Lead
Ministry of Education
- Development & documentation of the Solution Architecture Description (SAD) & associated detailed design for the re-platforming project.
- Comprehensive technical design covering both front-end IIS/UI components & back-end SQL systems, ensuring seamless integration with Ministry student applications & other systems.
- Leadership of the technical implementation team, providing direction to align with Ministry infrastructure, processes, & security requirements.
- Oversight of external vendors managing elements of Ministry infrastructure, including collaboration with Datacom & F5 on relevant solution design aspects.
- Coordination & support for solution penetration testing in conjunction with internal & external security teams, identifying risks, controls, & implementing mitigations where necessary.
- Steering the project through Certification & Accreditation (C&A), including risk assessments related to security/privacy management; guiding one application into production as an interim Project Manager.
Jun/2013 Jul/2016
Senior Systems Administrator
Dimension Data
- Led the design, build, maintenance, support, & documentation of the Ministry of Education's IT infrastructure across two Datacom-managed data centres, Kapua (Production) & Orbit (DR & Pre-Production), encompassing over 100 physical servers over 2000 virtual servers, appliances, & desktops.
- Contributed as a technical resource for an award-winning server migration project from Wellington to Kapua & Orbit data centres.
- Played a key role in the development & implementation of New Zealand's first two-way Disaster Recovery capability between Kapua & Orbit using VMware SRM.
- Served as architect & technical lead on the Airwatch MDM project for Special Education mobile users, including the design, deployment, maintenance, support, & documentation of an on-premise VDI solution.
- Oversaw multiple VMware-related initiatives such as ESX host cluster design/management, vSAN sizing/configuration/maintenance, VM capacity planning via vRealize, & Horizon View Desktop Services infrastructure with AppVolumes/User Environment Manager.
- Collaborated in F5 solution design with Datacom for load balancing (GTM/ASM/LTM), while providing expert guidance on diverse projects like datacenter relocations, building transitions & DR failover testing processes.
Nov/2008 Jun/2013
Senior Infrastructure Specialist
NZTA
- Managed the design & implementation of IT infrastructure for key projects, including Johnston’s Hill, Victoria Park, & Waterview Tunnels.
- Designed, built, administered, & supported VMware ESX host & guest server clusters to ensure reliable operation.
- Played a pivotal technical role in constructing a scalable video wall system within the new traffic management center.
- Developed change management processes & designed workflows to enhance operational efficiency.
- Administered network security protocols, including patching, firewall configuration, & backup/restoration systems using Commvault.
- Oversaw Hitachi SAN administration, Brocade fiber switching for redundancy & zoning, as well as IBM Blade/XSeries server hardware support.