About Me


Hi, my name is Sergiy. I’m a technical consultant with over twenty years of experience developing and deploying private, hybrid and public cloud solutions. I am a Senior Technical Consultant at Microsoft Industry Solutions Delivery, helping enterprise customers adopt Azure Cloud by architecting secure landing zones and platform foundations, enabling DevOps and Infrastructure as Code (IaC) governance, and migrating and modernizing their workloads to Azure IaaS and PaaS services.

I enjoy helping teams learn Azure cloud services’ capabilities by providing technical guidance and support. I have worked with various technologies, languages and frameworks, and I am always looking for opportunities to work with something new.

The things that I currently have the most experience working with:

Projects


Azure Landing Zone & Secure Platform Foundation – SAP RISE Enablement

Overview: Architecture design, implementation, and rapid deployment of a greenfield Azure Landing Zone and secure platform foundation, including application landing zones and network connectivity enablement for an SAP RISE on Azure onboarding.
Sector/Company: One of Canada’s largest electricity transmission and distribution utilities.

As part of the Microsoft delivery team, I contributed as a platform and landing zone architect. I facilitated architecture and design workshops with the customer's platform, networking, and security stakeholders, and I co-authored the platform architecture design document covering governance, networking, identity, and security decisions. Together we defined a hub-and-spoke landing zone aligned to the Microsoft Cloud Adoption Framework (CAF) and Well-Architected Framework, along with the platform automation and operating model.

The platform is built as code using Azure Verified Modules (AVM) with Terraform Enterprise and Azure DevOps CI/CD pipelines, enabling policy-as-code governance and repeatable, rapid deployment of both the platform landing zone and application landing zones (App ALZ). The security design follows the Microsoft Cloud Security Benchmark (MCSB) and leverages Azure Policy, Azure Firewall, network security groups (NSGs), Microsoft Defender for Cloud, Microsoft Sentinel, Entra ID Privileged Identity Management (PIM) with just-in-time (JIT) access, and Azure Key Vault.

Beyond the greenfield landing zone, I am working with the customer and delivery teams to prepare the organization for SAP RISE on Azure. This includes designing the secure network connectivity and integration between the enterprise landing zone and the SAP RISE managed environment, and readying the platform for upcoming AI-enabled workloads. The result is a secure, automated, and governance-aligned Azure foundation that accelerates workload onboarding and establishes repeatable deployment patterns for future enterprise and AI workloads.


Application Modernization – Azure PaaS Re-platform & Infrastructure Enablement

Overview: Infrastructure preparation and Azure platform enablement for re-platforming a legacy .NET web application to Azure Platform-as-a-Service (PaaS), delivered together with the customer’s application, DevOps, and security teams.
Sector/Company: A leading Canadian life and health insurance and wealth management organization.

Working alongside the customer's application, DevOps, and security teams, I focused on the infrastructure side of the modernization, defining and validating the target-state Azure platform for a legacy ASP.NET web application being re-platformed from on-premises Windows Server / IIS to Azure Platform-as-a-Service (PaaS).

Partnering with the customer's DevOps team, who owned the Terraform execution in their environment, I helped align the target architecture across Azure App Service, Azure SQL Database, Azure Blob Storage, Azure Key Vault, Managed Identity, Microsoft Entra ID (OIDC), Application Insights, and private endpoints, and validated Infrastructure as Code (IaC) readiness and GitLab CI/CD infrastructure and application pipelines across Development, UAT, and Production environments.

I also contributed to establishing a reusable Azure Kubernetes Service (AKS) hosting pattern that the customer's teams could adopt for future container-based workloads, and led knowledge-transfer and operational handover sessions with the customer and delivery teams, which enabled their administrators and application owners to independently operate the platform.


Azure 2.0 Platform Enablement – Secure Network & PaaS Foundations

Overview: Design and implementation of secure Azure 2.0 cloud foundations and Platform-as-a-Service (PaaS) infrastructure to support enterprise AI workloads and modernization initiatives.
Sector/Company: Largest cooperative financial group in North America and a major Canadian provider of insurance and financial services.

As part of the Azure 2.0 delivery team, I developed reusable Infrastructure as Code (IaC) using Terraform, including modular network, security, and PaaS components aligned with enterprise cloud governance standards. I also designed and implemented Azure DevOps CI/CD pipelines to automate deployment, validation, and lifecycle management of Azure infrastructure.

Working with the broader Azure 2.0 initiative team, I helped deliver a secure Azure landing zone and core PaaS services that enabled the enterprise AI platform. The solution followed the Microsoft Well-Architected Framework and Azure AI workload design principles, ensuring scalability, security, and operational excellence.

This initiative enabled the organization to modernize cloud operations, accelerate adoption of AI workloads, enhance customer experiences, and support the development of internal AI tools through a robust, secure, and automated Azure cloud foundation.


Cloud Migration - Rearchitect for Azure PaaS

Overview: Design, and proof of concept (PoC) of a shared platform migration from on-premises datacenters to Azure Kubernetes Service (AKS).
Sector/Company: Canadian provincial government agency.

In my role, I worked with the agency's architecture and application teams to assess shared platform system complexity and define rearchitect modernization paths, e.g., VM based web and app tier applications rearchitecture to microservices hosted on Azure Kubernetes Service (AKS).

Working closely with the agency app team, I helped them get the shared platform up and running in their Azure proof of concept (PoC) environment. Infrastructure as Code (IaC) and Configuration as Code (CaC) practices were implemented together to build and maintain the PoC environment. The PoC included the migration of Java applications to Docker containers and deployment to AKS using Azure DevOps CI/CD pipelines.

To enable this transformation, we utilized the following tools: HashiCorp Terraform and Azure DevOps CI/CD pipelines with GitHub repositories, ensuring a seamless and efficient process.

This cloud migration will enhance the security of the shared platform using the latest Azure cloud security features. It will also streamline the application development process, scale platform components based on traffic demand, and ensure disaster recovery and business continuity through the elasticity of Azure public cloud.


Cloud Migration - Refactor for Azure IaaS and PaaS

Overview: Design, implementation and orchestration of Azure Cloud Adoption via refactoring applications to PaaS-based services.
Sector/Company: Canadian multinational insurance company and financial services provider.

As a lead for the Intake and Migration team, I worked with application, data, and platform specialists to assess business application complexity and define refactoring modernization paths, e.g., SQL Server migration to SQL Managed Instance or Azure SQL. As part of the refactoring process, my team migrated the applications utilizing Infrastructure as Code (IaC) and Configuration as Code (CaC) approaches.

To enable this transformation, the team utilized the following tools: HashiCorp Vault, Terraform, Packer, Chef Automate, Jenkins CI/CD pipelines, and Azure DevOps Boards, ensuring a seamless and efficient process.

This was one of the practice's larger multi-year modernization programs, spanning a broad portfolio of business applications and representing significant, sustained annual Azure cloud consumption. It significantly impacted the organization's digital landscape by refactoring applications to use Azure PaaS services, resulting in increased efficiency and agility.


Cloud Migration - Rehost (Lift and Shift) to Azure IaaS

Overview: Design, implementation and orchestration of Azure Cloud Adoption via rehosting VMs to public cloud.
Sector/Company: Largest clean power generator in eastern Canada.

In my role, I worked with the customer's infrastructure team to evaluate virtual machines (VMs) and their underlying components for potential rehosting them to Azure Cloud as IaaS VMs. As part of my responsibilities, I prepared and executed the migration of these virtual machines to predefined Azure Landing Zones with Azure Migrate. I also supported the team after the migration by optimizing the virtual machines and ensuring their operational efficiency, and provided post-migration support to ensure everything was functioning correctly. As part of the Lift and Shift approach, the IIS NLB web services were migrated and modernized to use Azure Load Balancers.

As a result of the project, hundreds of VMs were successfully migrated to the Microsoft Azure Cloud, where they were optimized for performance. In addition to Azure Migrate, I leveraged various tools like ARM templates, PowerShell scripts, Azure Automation, and Azure DevOps Services to simplify and enhance migration tasks. This transformation was a significant milestone in the organization's cloud journey, improving operational efficiency and paving the way for further cloud innovation.


Microsoft Cloud Adoption Framework for Azure

Overview: Design and implementation of Cloud Adoption Framework and Landing Zones.
Sector/Company: Private sector companies and government agencies in Canada.

In my role, I designed and implemented Azure Scaffolding, following the Microsoft Cloud Adoption Framework for Azure. This approach laid the crucial groundwork for a robust architecture that scales effectively and ensures high reliability, exceptional flexibility, dynamic adaptability, and inherent redundancy.

By utilizing Infrastructure as Code (IaC) practices, I worked with each organization's operational teams and leveraged ARM templates, PowerShell scripts, Azure Automation, and Azure DevOps Services to build resilient Landing Zones. The impact of this effort led to a fundamental shift in how these teams approached cloud resources and services. Together they started seamlessly migrating on-premises infrastructure and application components to the public cloud, marking a pivotal moment in their digital transformation journey. This transformation saved time and resources and empowered the organizations' teams to explore the full potential of Azure's capabilities.

Experience


Microsoft / Senior Technical Consultant
January 2011 - present

I’m a technical consultant at the Microsoft Industry Solutions team, helping enterprise customers with their journey to Microsoft Azure Cloud. My primary focus is architecting secure Azure landing zones and platform foundations, enabling DevOps and Infrastructure as Code (IaC) governance, and migrating and modernizing on-premises workloads to industry-aligned hybrid and public Azure IaaS and PaaS services.

The38Dev / Founder and Technical Consultant
August 2009 - December 2010

I founded The38Dev to provide technical consulting services to small and medium-sized businesses. I helped my clients with their IT infrastructure, including on-premises and cloud-based solutions. I also provided technical support and training to my client’s IT teams.

While at The38Dev, I worked as a technical consultant specializing in designing and deploying Microsoft Endpoint Manager products and solutions. During this time, I worked as a subcontractor for Microsoft Canada’s Microsoft Consulting Services, now known as Microsoft Industry Solutions.

Full resume available at my LinkedIn profile.

Industry Certifications


I have acquired a range of Microsoft and industry wide certifications over the years. Rather than list them all here, I maintain an up-to-date records in my Microsoft transcript, along with additional accreditations and certifications on the Credly badges website. In addition, a list of public projects I’m currently working on is available at GitHub.