
[{"content":" I help organisations achieve 99%+ availability and ISO security certifications through structured DevOps expertise. I\u0026rsquo;ve spent 10 years in the software industry, including 5+ years in dedicated DevOps roles, building scalable infrastructure, leading platform engineering teams, and helping organisations achieve security certifications. Based in London, I currently work as a DevOps Manager.\n5+ Years DevOps ISO 27001 ICAgile Certified Azure AWS Kubernetes Docker Terraform CI/CD Experience # DevOps Manager Oct 2022 - Present Lumanity Provisioned and deployed new cloud-native applications across Azure, AWS, and Cloudflare within days, maintaining high availability at scale Mentored a skilled team of Platform and Systems Engineers, driving technical growth and delivery excellence Delivered Terraform-based Infrastructure as Code across multi-cloud environments, enabling repeatable zero-downtime deployments Hardened CI/CD pipelines with automated security gates and vulnerability remediation workflows, eliminating all high-severity findings before customer release Led the organisation to ISO 27001 certification, coordinating application security testing, standardising code review practices, and enforcing unit testing and static code analysis Drove ISO 42001 AI governance initiatives, establishing responsible AI deployment frameworks and policies across the organisation Leveraged Azure AI Foundry and AWS Bedrock to design and deliver AI-integrated platform solutions DevOps Engineer May 2020 - Oct 2022 Innovative Edge Migrated applications from on-premises to cloud-native infrastructure, improving availability from under 95% to over 99% and significantly reducing operational overhead Built CI/CD pipelines using Azure DevOps and GitHub with integrated SonarQube analysis, reducing issue discovery and turnaround time from months to minutes Deployed containerised, scalable microservice workloads using Docker and Kubernetes Secured the identity perimeter with Azure Entra ID, implementing MFA with conditional access, SAML SSO, Self-Service Password Reset, and Privileged Identity Management Led cross-business adoption of Agile working practices, improving delivery cadence and team alignment DevOps Engineer Aug 2018 - May 2020 IRIS Software Group Joined a Release Engineering team building CI/CD tooling that supported software delivery across multiple product lines Automated business processes and complex deployments using PowerShell and Ansible, reducing human error frequency and enabling consistent releases Applied Git, Azure DevOps, and unit testing best practices throughout the development lifecycle, raising code quality standards across the team Developed C# solutions using MVVM, WPF, and object-oriented design, bridging developer and operations responsibilities Worked in an Agile methodology, collaborating with scrum master and stakeholders to ensure smooth processes and releases Analyst Programmer Jun 2016 - Jul 2018 Gentrack UK Collaborated closely with client stakeholders in an on-site delivery model, building strong cross-functional communication skills across technical and business teams Contributed across the full software development lifecycle from design through implementation and testing, establishing a rigorous foundation in delivery quality Enforced code review, automated testing, and version control standards, developing early quality engineering habits Worked to Agile Scrum methodologies to improve turnaround time of client issues and enhancements Education # BSc (Hons) in Mathematics \u0026amp; Physics 2013 - 2016 Royal Holloway, University of London Foundation in analytical thinking and problem-solving that I continue to apply to the complex architecture and optimisation challenges I face in my day-to-day. Core Competencies # Leadership \u0026amp; Management # Team Leadership Cross-functional Communication Agile Methodologies Mentorship Cloud \u0026amp; Infrastructure # Azure AWS Kubernetes Terraform CloudFlare Docker Development \u0026amp; Automation # CI/CD C# PowerShell SQL Process Automation Certifications \u0026amp; Compliance # Security \u0026amp; Compliance ICAgile Certified ISO 27001 ISO 42001 Technical Proficiencies # Cloud/Infra Tools Azure AWS AI GitHub Cloudflare Terraform Docker Kubernetes PowerShell SQL Helm C# SonarQube Office 365 Linux WSL Postman Azure DevOps Azure AD/Entra ID Kubernetes Service Blob Storage Functions Logic Apps Networking AI Foundry EC2 Route 53 S3 Amplify Bedrock MCP Claude Code Cline Azure AI Foundry AWS Bedrock Google Gemini/Vertex AI ","date":"23 February 2025","externalUrl":null,"permalink":"/about/","section":"Shivan Malde","summary":"","title":"About","type":"page"},{"content":" I help organisations achieve 99%+ availability and ISO security certifications through structured DevOps expertise, without disrupting your team.\nSpecialising in Azure, AWS, Kubernetes, Terraform, and CI/CD pipelines, with a security-first approach.\nView My Services How I Work # Security \u0026amp; Compliance\nLed teams to achieve ISO 27001 and ISO 42001 certifications. Infrastructure designed with security at the foundation, not as an afterthought.\nAsync-First Delivery\nYou get daily progress updates, video walkthroughs, and detailed documentation. Work proceeds on your timeline without interruption.\nProduction-Ready Code\nEvery project delivers Terraform modules, CI/CD pipelines, and comprehensive documentation your team can actually maintain.\nReady to Fix Your Infrastructure? # I work with organisations who need DevOps expertise but don\u0026rsquo;t need - or can\u0026rsquo;t justify - a full-time hire. Projects proceed on a structured sprint basis with full documentation and knowledge transfer.\nView My Services ","date":"23 February 2025","externalUrl":null,"permalink":"/","section":"Shivan Malde","summary":"","title":"Shivan Malde","type":"page"},{"content":" DevOps consulting for organisations that need infrastructure expertise without a full-time hire. Specialising in Infrastructure as Code, Enterprise-scale CI/CD, and AI-Enablement, delivered asynchronously through structured sprints with full documentation.\nLet\u0026rsquo;s discuss your infrastructure needs and create a roadmap to production-ready systems. No billable implementation without discovery. Every engagement starts with a thorough technical assessment. Contact Me Assessment Services # Short, fixed-scope engagements that give you a clear picture of where you stand and a prioritised roadmap, without committing to a full implementation project.\nFixed Scope ISO 27001 Readiness Assessment Know exactly where you stand before the auditors arrive\nI conduct a structured gap analysis of your current controls against ISO 27001 Annex A and deliver a prioritised roadmap your team can act on immediately.\nKey Deliverables:\nCurrent controls assessment against ISO 27001 Annex A Risk register baseline Prioritised remediation roadmap Auditor-ready gap report Ideal For: SaaS companies preparing for ISO 27001 Stage 1 audit or pursuing certification for the first time\nFixed Scope DevOps Platform Health Check Find out what\u0026#39;s holding your team back before investing in a fix\nI audit your existing pipelines, infrastructure, and deployment processes and score them against best-practice benchmarks.\nKey Deliverables:\nCI/CD pipeline \u0026amp; branching strategy review IaC state \u0026amp; drift assessment Secrets management \u0026amp; security posture review Scored report with prioritised recommendations Ideal For: Teams who want to understand their infrastructure gaps before committing to a larger engagement\nFixed Scope AI Governance Assessment Prove your AI tooling is safe, auditable, and under control\nI review your engineering team\u0026rsquo;s AI tool usage against ISO 42001 controls and deliver the policy documentation to satisfy stakeholders and certifiers.\nKey Deliverables:\nAI tooling inventory \u0026amp; data risk review Policy pack: acceptable use, data classification, incident response ISO 42001 control gap analysis Auditor-ready documentation Ideal For: Engineering teams using AI coding tools who need board-level confidence or audit readiness\nImplementation Services # Longer engagements for teams ready to act on their gaps. Every implementation project begins with a scoping sprint before any production code is written.\nDiscovery Included CI/CD Pipeline Architecture Stop crossing your fingers every time you deploy\nI design pipelines that integrate security, testing, and deployment logic into a single source of truth.\nKey Deliverables:\nSDLC Audit \u0026amp; Branching Strategy Automated Security Scanning Production Promotion \u0026amp; Rollback Logic Self-service deployment capabilities Ideal For: Teams shipping frequently who need confidence in their releases\nDiscovery Included IaC Migration \u0026amp; Hardening Prove your infrastructure is in a known state - to auditors and yourself\nI migrate your legacy cloud footprint to versioned, modular Terraform or OpenTofu code.\nKey Deliverables:\nCloud Asset Inventory \u0026amp; Drift Analysis Modular Multi-Environment Design Automated State Management \u0026amp; Recovery Policy-as-Code guardrails Ideal For: Teams with manual infrastructure processes or compliance requirements\nDiscovery Included AI Development Infrastructure Adopt AI coding tools without introducing security or compliance risk\nI design and implement the infrastructure, guardrails, and processes that let your engineering team use AI tooling safely; with the audit trail to prove it to stakeholders and certifiers.\nKey Deliverables:\nAI tooling deployment and configuration (Claude Code, OpenCode, or equivalent) Cloud-based model infrastructure on Azure or AWS Security policy and access controls for AI tool usage, aligned to ISO 42001 Integration with existing code analysis and security infrastructure Ideal For: Engineering teams who want to adopt AI tooling but need security or compliance requirements met first\nWhat You Get # Deliverables Every project includes: Technical roadmap document with phased implementation plan Comprehensive documentation and runbooks for your team Team training session to ensure knowledge transfer Post-handoff support for a smooth transition How It Works # Week 1 The Scoping Sprint Discovery Phase We start with a thorough audit of your current infrastructure and configuration. I provide a Technical Roadmap before a single line of production code is written.\nThis includes:\nCurrent architecture assessment Gap analysis \u0026amp; risk identification Technology stack review Strategic implementation plan Weeks 2-12 Execution \u0026amp; Automation Implementation Phase I build the Terraform modules or CI/CD pipelines asynchronously. You receive daily logs and video walkthroughs of the architectural changes, progressing at a pace that fits around your team without disruption.\nThis phase ensures:\nIncremental deliverables with full documentation Knowledge transfer sessions Production-ready code with testing Runbook handover Frequently Asked Questions # How long does a typical engagement take? Most projects complete within 8-16 weeks, depending on scope and complexity. The discovery phase typically takes 1-2 weeks, followed by 7-14 weeks for implementation delivered asynchronously to minimise disruption to your team. What happens after implementation? Post-implementation support includes documentation, team training, and optional ongoing maintenance to ensure your team is fully self-sufficient. Do you work with specific cloud providers? I specialise in Azure and AWS, but have experience with multi-cloud strategies including GCP and hybrid environments. What size organisations do you work with? I am experienced in all sized companies from startup to enterprise, though my main focus is growing SaaS companies (20-200 employees) who need DevOps expertise to support their growth; particularly those preparing for or navigating security certifications like ISO 27001. Can you help with existing infrastructure? Absolutely. The discovery phase is designed to assess what you have and recommend either evolution or strategic migration paths. What\u0026#39;s included in the discovery phase? The discovery phase includes a comprehensive audit of your current infrastructure and configuration, gap analysis, risk identification, and a detailed technical roadmap with recommendations. Ready to Modernise? # Let\u0026rsquo;s discuss your infrastructure needs and create a roadmap to production-ready systems. Start Intake Form ","date":"5 February 2025","externalUrl":null,"permalink":"/services/","section":"Shivan Malde","summary":"","title":"Services","type":"page"},{"content":"","externalUrl":null,"permalink":"/authors/","section":"Authors","summary":"","title":"Authors","type":"authors"},{"content":"","externalUrl":null,"permalink":"/categories/","section":"Categories","summary":"","title":"Categories","type":"categories"},{"content":" This form helps me understand your infrastructure challenges and determine how I can help. I will aim to review your submission and be in touch within 2 business days to arrange a discovery call. ","externalUrl":null,"permalink":"/intake/","section":"Shivan Malde","summary":"","title":"Contact Me","type":"page"},{"content":"","externalUrl":null,"permalink":"/series/","section":"Series","summary":"","title":"Series","type":"series"},{"content":"","externalUrl":null,"permalink":"/tags/","section":"Tags","summary":"","title":"Tags","type":"tags"}]