Cloud platform architecture · governance · modernisation
Tony Zaarour
Cloud Platform Architect / Senior Platform Engineer with hands-on experience designing, governing, and modernising AWS platforms in regulated and enterprise environments.
Best fit: messy estates that need clearer guardrails, stronger operating boundaries, better automation, and less platform theatre.
Selected impact
What changes when I am useful
Improved compliance execution across a regulated multi-account AWS estate through guardrails, reporting, and control redesign.
Delivered material annual AWS savings through commitment optimisation, workload modernisation, and lifecycle control.
Re-architected resource-heavy workloads into event-driven ECS task patterns to improve isolation, scaling, and maintainability.
Reduced critical website dropouts for Australian Museum from roughly 20 per day to zero.
Core strengths
Where I tend to add value fastest
Experience
Recent roles
Squiz
Senior DevOps Engineer
- Own the internal AWS platform across a complex multi-account environment supporting shared operational workloads.
- Act as the de facto platform architect for major initiatives across governance, compliance, workload modernisation, and cloud operations.
- Built reporting, alerting, and guardrail capabilities to improve audit readiness and compliance execution.
- Improved platform governance through control redesign and organisation-wide guardrails.
- Modernised long-running workloads into event-driven ECS task patterns and reduced reliance on oversized always-on compute.
- Managed commitment optimisation and cloud efficiency work that delivered material annual savings.
- Led the AWS side of migration from data centre to AWS, including documentation and team enablement.
Versent
DevOps Engineer
- Delivered cloud infrastructure, automation, and operational improvements for enterprise client environments.
- Built reusable deployment tooling, reporting modules, alarm automation, and private API monitoring capabilities.
- Designed and implemented a serverless anti-virus solution using Trend Cloud One.
- Led migration from legacy email infrastructure to AWS SES with stronger security and operational controls.
- Built CI/CD pipelines using GitHub Actions and ECS runners with OIDC-based short-lived AWS access.
AXE Group
Junior DevSecOps Engineer
- Automated deployments, Linux configuration, and security-related operational tasks.
- Maintained Ansible playbooks and environment management workflows.
- Built Shell, Bash, and PowerShell tooling for deployment and operational support.
OpenMRS
Junior DevOps Engineer
- Supported infrastructure and platform operations for the OpenMRS open-source community.
Technology
Tools and platforms I work in
AWS, AWS Organizations, Control Tower, IAM Identity Center / SSO
Terraform, AWS CDK, CloudFormation
ECS, Fargate, Lambda, Step Functions, EC2, SSM, Docker
GitLab CI, GitHub Actions, AWS CodePipeline, Python, Bash, JavaScript, TypeScript
Security Hub, AWS Config, GuardDuty, Inspector, CloudWatch, Dynatrace, Sumo Logic, Cloudflare, AWS WAF, Vanta
Links