Blueprint · not a CV · London
Infrastructure blueprint & operating vision
This page explains how I think about building and running software platforms — the load-bearing ideas, layers, and techniques — distilled from many years across regulated finance, high-traffic consumer systems, hybrid cloud, and bare-metal estates. It is intentionally anonymous about past employers: the value is the pattern language, not the logos.
Why “blueprint”
A blueprint is not a list of jobs. It is a drawing you can build from: load paths, interfaces, constraints, and tolerances. My work has always been to turn fuzzy requirements into repeatable systems — automation, observability, security, and cost — so teams can ship without trading away safety or clarity. That is the sense in which this page is a blueprint: intent, structure, and method, grounded in practice.
Intent
Platforms should be predictable under load, explainable under audit, and affordable over time. The through-line of my career is designing and operating environments where delivery speed and regulatory rigour are not opposites — where guardrails, pipelines, and telemetry make velocity sustainable.
Principles
- Automation-first. If a human repeats it weekly, it belongs in code or a pipeline.
- Observable by default. Metrics, logs, and traces are part of the product, not an afterthought.
- Least privilege, provable. Identity, data access, and change control must survive scrutiny — PCI-DSS-style thinking generalises well beyond card data.
- Cost as a signal. Waste is often a design smell: network layout, scheduling, managed-service boundaries, retention policies.
- Boring operations. Prefer clear failure modes, runbooks, and rollback over heroic fixes.
Layers (mental model)
I picture production estates as stacked responsibilities — each layer has contracts upward and downward:
Foundation
Accounts, networking, identity, encryption, and baseline hardening — the non-negotiables that everything else assumes.
Compute & workload
Kubernetes where orchestration buys resilience and density; VMs or bare metal where latency, licensing, or regulation demand it — often in the same story.
Delivery
IaC (Terraform, CloudFormation, CDK), CI/CD, GitOps, and artefact promotion — reproducible paths from commit to production.
Observability
Prometheus/Grafana stacks, CloudWatch, structured logging — chosen for signal-per-pound, including when migrating off expensive managed observability at scale.
Governance
Audit evidence, access reviews, data residency, and change discipline — especially in financial and regulated contexts.
Developer experience
Self-service where safe; guardrails that fail closed; tooling that reduces toil without hiding risk.
Techniques & craft
Across cloud and hybrid estates, recurring technical moves include:
- Designing and running many production Kubernetes clusters (notably on AWS EKS) with HA, upgrades, and tenant-appropriate isolation.
- Migrating legacy orchestration to Kubernetes — improving deployment cadence, resilience, and often run cost when the old model was a drag on change.
- Re-architecting observability — e.g. from vendor-managed Prometheus to self-hosted patterns where scale made economics and control decisive.
- Network and placement tuning — prefix delegation, subnet and pod layout — to remove hidden spend in high-traffic clusters.
- Building centralised permission and access systems for large database estates (Python services, evolving toward Kubernetes-native patterns).
- Image and host hardening — automated golden images with CIS-aligned checks baked into the pipeline.
- Multi-cloud and hybrid reality — AWS-heavy platforms with selective use of other clouds; regulated workloads spanning cloud and physical datacentres.
- Compliance cadence — repeated PCI-DSS-style audit cycles without pretending risk lives only in a spreadsheet.
Stack fluency spans AWS (including Lambda, VPC, CloudHSM, hybrid patterns), Kubernetes, Terraform, Ansible/Chef-class config management, CI/CD (GitHub Actions, GitLab, Jenkins, Bitbucket Pipelines), and Python and Go for glue and services, plus the usual shell and IaC ergonomics.
Business & collaboration
Infrastructure work sits between product urgency and organisational risk. I am used to translating between engineering, security, and leadership: what an audit actually needs, what an SLA actually measures, and where cloud bills come from. Independent practice sharpened that — short feedback loops, clear ownership, and outcomes that have to stand up in production and in review.
Teaching, writing & presence
Practice is only half the story — lifting others is part of the same blueprint. I have trained many students over time in Python, Java, and DevOps skills (pipelines, cloud primitives, and how to think in systems, not only syntax).
I still write long-form technical articles on Medium — insights.nsource.io — on AWS, Kubernetes, and how infrastructure meets real constraints.
That work sometimes surfaces in the press: AI Data Press featured a conversation on Kubernetes, AI-era infrastructure, and the challenges operators face today.
I stay close to the field in person too: AWS re:Invent (2022) and KubeCon Amsterdam (2026) — to compare notes with practitioners and bring back what actually matters on the ground.
What practice has proven (anonymised)
Without naming organisations, the recurring proof points look like this:
- Tens of production Kubernetes clusters delivered and operated for demanding clients.
- Large observability cost reductions after deliberate redesign at scale.
- Strong network-level savings in busy clusters after correct IP and placement strategy.
- Multiple consecutive audit cycles in regulated financial services.
- Extreme traffic spikes absorbed without outage when campaigns hit faster than marketing forecasts.
- Hybrid and on-prem paths satisfying national regulators alongside global cloud.
Learning & credentials
- University of Oxford
  - Artificial Intelligence: Introduction — completed; 10 CATS points awarded.
- Formal degrees
  - Bachelor of Science, Computer Software Engineering (Fırat University). Associate’s degree, Investments and Securities (Anadolu University).
- Cloud & platform
  - AWS Certified Solutions Architect – Associate; AWS Partner: Generative AI Technical – Specialized; Cilium IPAM / eBPF-related training; Cisco CCNA; additional vendor certificates as listed on professional profiles.
Beyond work and teaching: hands-on IoT projects, chess, cooking, and philosophy — habits that keep thinking sharp; they sit alongside the blueprint, not inside it.