Projects & Engagements

Every named engagement

133 named projects and engagements — 1996 to present. Architecture, cybersecurity, cloud adoption, DPI and governance across NATO, UN, EEAS, DoD, ECB and sovereign governments.

Available for senior advisory
NATO Secret · valid Aug 2027 25+ years · 270+ projects 📍 Bucharest · Europe · Global
Projects & engagements133 named engagements · 1996 to present · organised by role

Every named engagement

133 named projects and engagements across 25+ years. Filter by domain or jump to a role from the career timeline. References and case-study detail available for qualified mandates.

Mar 2024 – Present

PIR2-IT — Chief Innovation Officer / CTO

Worldwide / Remote · Full-timepir2-it.com ↗

Designed AI- and Zero-Trust-enabled platforms for sovereign / institutional clients and large-scale banking transformation for top-tier banks. Senior technical authority on cybersecurity platforms with measurable MTTR reduction.

About PiR2-IT — Independent architecture and engineering firm focused on regulated and mission-critical environments. Services span enterprise and solution architecture, cybersecurity architecture, AI governance and enablement, delivery governance, and engineering prototyping. Active verticals: digital public infrastructure, defence and security, banking transformation, and complex institutional programmes. All work is mission-scoped, NDA-protected where required, and delivered under governed autonomy principles. pir2-it.com ↗
Production
DPI · DLT · AI · Zero Trust

Digital Public Infrastructure Trust Platform — Single Point of Trust

PIR2-IT · European government context · 2020 – Present · Ref: Prj001

DLT-enabled, AI-supported, Zero Trust eGovernment platform designed for national-scale digital public infrastructure. Treats trust as a system property rather than a policy statement — centralising identity assurance, policy enforcement, evidence generation and service integrity. Architecture prototype (validated concept) applied to a European government transformation programme.

Key capabilities

  • DLT evidence layer — immutable audit trails for transactions, access decisions and service states; verifiable receipts; real-time audit readiness
  • Zero Trust as operating model — continuous authorisation, least privilege, policy-as-code enforcement, tamper-evident logging
  • AI under governance — guided digital journeys, anomaly detection, case routing and explainable operational analytics; all outputs policy-bounded and reviewable
  • Interoperability — legacy systems, APIs, event-driven patterns and cross-institution workflows under controlled compliance rules
  • Cross-institution accountability at national scale — traceable decisions, structured evidence, aligned service integrity

Frameworks: Digital Public Infrastructure · DLT evidence architecture · Zero Trust (NIST SP 800-207) · AI governance / explainability · EU eIDAS interoperability

4× security posture · 4× elimination of operational dead time · 72% less duplication · 12% fraud reduction · 45% less information loss

Production
Governance · AI Oversight · GARI

Governance Execution Framework — GARI Accountability Architecture

PIR2-IT · Complex international institution · 2020 – Present · Ref: Prj002

Execution-ready governance framework with AI-assisted oversight for public institutions and multilateral programmes. Transforms governance from recommendation-based activity into structured accountability architecture. Delivered across 35 institutional engagements; flagship reference programme: ~250–300 personnel, USD 45M+ annual budget.

Key capabilities

  • Single Point of Institutional Clarity — aligns mandate, execution and oversight without centralising operational authority
  • Auditability by default — decisions, processes and resource flows traceable through structured accountability chains and embedded reporting logic
  • AI-assisted analysis — dependency mapping, anomaly and inefficiency detection, accountability-chain analysis, workflow optimisation; all outputs reviewable and institutionally controlled
  • RACI-aligned governance layers, evidence-based execution monitoring and institutional learning loops
  • Cross-institution integration for ministries, agencies and multilateral programmes

Frameworks: Governance execution architecture · Algorithmic audit principles · RACI · AI-assisted analytical oversight · Evidence-based execution monitoring

41 contracts renegotiated · 21 terminated · 29 irregularities identified · 6 non-operational positions · −36% OPEX · USD 1.33M costs avoided

Prototype · In testing
AI · Sensor Fusion · Defence

Sensor Fusion & Autonomous Mobility Platform — Mission-grade AI

PIR2-IT · 2024 – Present · Ref: Prj004

Prototype AI platform combining high-performance computer vision, radar + camera sensor fusion and audit-ready reporting for regulated mission environments. Master–agent orchestration model with modular architecture. Currently in iterative hardening and integration validation.

Key capabilities

  • Radar + high-performance camera fusion — improved confidence scoring, reduced false positives, anomaly detection
  • AI perception and event detection optimised for edge deployment in demanding field conditions
  • Multi-sensor detection picture: radar, RF direction finding, EO/IR cameras, acoustic — fused into single operating picture
  • AI-assisted classification with confidence scoring, traceable evidence (time, location, sensor provenance, decision logs)
  • Geofencing, policy-defined alerting and escalation workflows with human governance
  • Automatic evidence trails and structured logs for oversight, accountability and post-event analysis
  • GNSS-challenged resilience — redundancy and graceful degradation
  • Zero Trust security across sensors, edge compute and services; tamper-evident logging
  • V&V discipline: requirements → design → implementation → test evidence traceability; regression controls; configuration baselines

Boundary: detection, awareness, secure integration, governance, V&V. No weaponization or interception.

Prototype platform · Zero Trust · Audit-ready · Edge AI

Advanced demonstrator
AI · UAS · Governed Autonomy · Defence

Governed Autonomous Systems Architecture — AI-Enabled Modular UAS

PIR2-IT · 2024 – Present · Ref: Prj003

Modular AI-enabled UAS demonstrator built around a mothership coordinating multiple deployable sub-vehicles under governed operating logic. Treats autonomy as an engineering, governance and assurance problem — not novelty. Architecture, AI systems engineering, cybersecurity, integration and V&V delivered as a validated demonstrator for regulated operational environments.

Key capabilities

  • Mothership + sub-vehicle distributed operations — modular subsystem boundaries for reconfiguration, maintainability and lifecycle control
  • Edge AI onboard: real-time perception, situational awareness, sensor fusion and tracking to reduce false positives
  • Autonomy support for routing, task allocation and contingency handling within non-lethal, governed scope
  • Multi-vehicle coordination; anomaly detection and interference awareness
  • Predictive health monitoring for reliability and maintainability across test cycles
  • AI outputs logged, traceable and explainable — designed for oversight and post-event review
  • Threat-informed design, Zero Trust principles, security-by-design
  • Traceability from requirements to architecture, implementation and test evidence; configuration baselines; decision logs
  • Resilience in GNSS-challenged environments through graceful degradation
  • Interoperability considerations aligned with coalition and multi-stakeholder environments

Boundary: architecture, AI systems engineering, cybersecurity, integration, governance, assurance. No weaponization or interception.

Advanced demonstrator · Modular · Distributed · Explainable AI · Zero Trust

Banking · multi-client

23 international and Romanian banks — transformation & cybersecurity

Worldwide · 2024 – Present

Large-scale banking transformation and cybersecurity programmes — core-banking migrations, data-centre consolidation, cybersecurity modernisation. Named clients: UNFCU, EIB, Société Générale, HSBC, BNP Paribas, Credit Suisse.

23-bank portfolio

Cybersecurity · PAM / IAM

Enterprise PAM / IAM — satellite + Azure AD + AD FS

Worldwide · 2024 – Present

Enterprise PAM/IAM solutions integrating satellite networks, Azure AD and on-prem AD FS — improving privileged-access governance and authentication security.

Cybersecurity · Platforms

Palo Alto · CyberArk · CrowdStrike · DLP · SIEM · DDoS

Worldwide · 2024 – Present

Product Owner & senior technical authority across cybersecurity platforms (Palo Alto, CyberArk, CrowdStrike, DLP, SIEM, vulnerability management, DDoS). Automation and advanced diagnostics.

MTTR reduced by up to 58%

AI · Energy / Public sector

Romanian Ministry of Energy — AI engine + energy modelling

Romania · 2024 – Present

AI natural-language engine and online energy-system modelling platform supporting EU energy-transition planning.

eJustice AI · Armenia · Phase 2

eJustice AI — Armenia 2025–2026 (Phase 2 AI Agentic Upgrade)

Armenian Government & National Police · Yerevan · 2025 – 2026 (direct continuation of 2014–2015 UNDP/EU programme)

Phase 2 AI agentic upgrade for the National Police criminal justice platform — direct continuation of the 2014–2015 full-lifecycle eJustice programme. Deliverables: AI case routing and decision-support (NLP-based); EU AI Act governance framework (bias assessment, transparency, auditability, human-in-the-loop safeguards); national trainer certification in responsible AI; supervision and audit of implementation.

EU AI Act compliance framework · ~€60M programme (cumulative Phase 1 + 2)

eJustice AI · Georgia · Phase 2

eJustice AI — Georgia 2026 (Phase 2 AI Agentic Upgrade)

Georgian Government · 112 Emergency Services / eJustice · Tbilisi · 2026 (direct continuation of 2014–2015 UNDP programme)

Phase 2 AI agentic upgrade for the 112 Emergency Services / eJustice platform — direct continuation of the 2014–2015 full-lifecycle programme. Deliverables: AI dispatch optimisation and predictive resource allocation; AI transparency and accountability framework; national trainer certification in AI adoption; supervision and audit of implementation.

UNDP / EU frameworks · ~$50M programme (cumulative Phase 1 + 2)

AI Governance · eJustice · 35 States

AI Governance & Agentic eJustice — 35 States (EU AI Act Aligned)

PIR2-IT · Worldwide · 2024 – Present

AI-enabled eJustice and DPI governance across 35 states, fully aligned to the EU AI Act. Scope: NLP case routing and triage; predictive court scheduling; AI-assisted legal document processing; automated cross-border judicial cooperation flows (e-CODEX/ECRIS-compatible); digital evidence chain-of-custody; citizen-facing identity-verified portal; human-in-the-loop safeguards; full audit trails. National governance domains: justice and law enforcement, public administration, healthcare, financial regulation, energy and critical infrastructure, defence. Full ToR lifecycle delivered (diagnostic → vision → architecture → governance → roadmap → delivery → M&E → supervision and audit → continual improvement).

Role: supported clients in producing financing, M&E and supervision documentation required by multilateral institutions — no direct contract with WBG, JBIC, Asian Development Bank or EBRD.

Frameworks: WBG | JBIC | ADB | EBRD | EU | FIDIC

DPI · 35 States · eIDAS

Digital Public Infrastructure — 35 States

PIR2-IT · Worldwide · 2024 – Present

eIDAS-compatible digital identity and trust services; data exchange and interoperability (API/iPaaS/ESB/eventing); e-signature, electronic notary, and national PKI; citizen-facing portals. Phased roadmaps, funding strategies, M&E frameworks, and supervision of implementation for each engagement across 35 states. Professional services delivered throughout the full project lifecycle for the majority of citizens in each country.

Role: supported clients in producing financing, M&E and supervision documentation required by multilateral institutions — no direct contract with WBG/ID4D, UNDP/UNOPS or EBRD.

Frameworks: WBG ID4D | EU Structural Funds | FIDIC | UNDP/UNOPS

In production · ~45% scope
AI · Publishing Governance · Editorial

eAI-PR / MAPE — AI Publishing Governance Ecosystem

PIR2-IT · UN · NATO · EEAS · IBM context · 2024 – Present · Ref: Prj005

AI-driven publishing governance ecosystem of specialised AI personas under strict human-in-the-loop design, serving content strategy across editorial, multilingual, compliance and performance dimensions. Built on experience at UN, NATO, EEAS and IBM. Orchestrated via LangGraph · AutoGen · AWS Bedrock · Azure AI Studio. One consolidated implementation ~45% of full scope in production with four further modules in active testing. Scale: ~1,000–3,000 platform users; 200–600 concurrent operators; 27+ languages.

Five capability groups

  • A — Editorial Excellence: multi-tier automated editing, intelligent abstracting, narrative fluency tuning, multimodal asset blueprinting, AI graphics, editorial scheduler, content classification. KPI: 53% content cycle-time improvement
  • B — Logical Auditing & Credibility: mathematical/logical sanity auditing, source verification and provenance mapping, dynamic citation engine, reputation intelligence and OSINT. KPI: −27% content/governance errors; zero statistical hallucinations before publication
  • C — Institutional Alignment & Political Risk: geopolitical sensitivity screening, diplomatic localisation (border/territory nomenclature enforcement, dual-agent back-translation, confidence scoring for human veto), EU AI Act / ISO 42001 / NIST AI RMF compliance. KPI: zero reputational/political incidents
  • D — Web Performance & Real-Time Interaction: behavioural click/heatmap tracking, real-time KPI dashboarding, A/B testing automation, deep engagement scoring. KPI: +32–45% active users; +21% UX optimisation
  • E — Format Analysis & UI/UX: automated layout auditing, WCAG accessibility scanning, multi-device responsive QC. KPI: consistent cross-device reading experience worldwide

Stack: LangGraph · AutoGen · AWS Bedrock · Azure AI Studio · Adobe Analytics · GA4 · Hotjar · EU AI Act · ISO/IEC 42001 · NIST AI RMF

53% cycle-time reduction · −27% errors · +32–45% active users · 1,750+ hours saved · USD 3.9M structural value optimised · 27+ languages · zero diplomatic incidents

May 2021 – Present

Freelancer — Chief Information Officer

Greater London, England, UK · Part-time, on-site
AI Governance

AI-driven governance application

London, UK · 2021 – Present

AI-driven governance application designed to strengthen accountability, transparency and decision traceability across complex public- and private-sector organisations. Integrates AI, automation and governance principles to support responsible decision-making, risk management and compliance with legal, ethical and operational requirements. Provides an end-to-end view of decision processes, linking strategic objectives, policies, responsibilities and measurable outcomes into a coherent governance framework.

2020 – 2023

Romania Government / European Union — Specialist Advisor (B2B)

Romania (B2B) · Government & EU Programmes

Advisory services across 38+ ministries / public-sector stakeholders covering governance, enterprise architecture, cybersecurity and project implementation. Smart outsourcing / IT-service procurement initiatives.

Public
AI policy · Smart-outsourcing

Romania Govt & EU Programmes — AI policy & smart-outsourcing advisory

Romania · 2020 – 2023 · 38+ ministries / stakeholders

Research and policy initiatives on the impact of AI and emerging technologies on national and organisational strategies. Advisory on governance, enterprise architecture, cybersecurity and project implementation across multi-stakeholder environments. Smart outsourcing / IT-service procurement initiatives.

Key activities

  • Led research on AI impact across national strategy, governance and operating models
  • Delivered advisory across enterprise architecture and cybersecurity for regulated multi-stakeholder programmes
  • Supported smart-outsourcing / IT procurement: requirements, evaluation criteria, operational constraints
  • Aligned proposals with EU programme constraints and national policy direction

Frameworks: TOGAF · ISO 27001 · NIST CSF · GDPR · EU AI Act readiness · ITIL v3

38+ ministries / public-sector stakeholders

Aug 2023 – May 2024

NATO / NCIA — Head of Section (interim) · NDW / CPS

The Hague, NL · B2B – IWC PE · short-term

Interim Head of the Content Collaboration Section at NATO/NCIA, accountable for the end-to-end service lifecycle (SLAs / OLAs) of collaboration and cybersecurity platforms across classified environments. NIST 800-53, ISO 27001, PCI DSS and NCA ECC alignment. Bridge between mission leaders, engineers and compliance teams.

Classified · NDA
Governance · Cloud · DevSecOps · NATO Secret

NATO CS-NDW — Governance Framework · Cloud Adoption · DevSecOps

NATO / NCIA · NDW / CPS · The Hague · 2023 – 2024 · Ref: interim Head of Section

Defined and operationalised the governance framework for the Content Services — NATO Digital Workplace (CS-NDW) programme. Covered cloud adoption strategy, security cloud architecture and DevSecOps integration across a classified NATO environment.

  • CS-NDW governance framework — decision authority, accountability chains, escalation paths, ARB integration
  • Cloud adoption roadmap for NATO classified and unclassified environments — hybrid cloud boundaries, policy-as-code
  • Security cloud architecture — Zero Trust alignment, classification-aware access controls, compartmentalisation
  • DevSecOps pipeline design — security gates, automated compliance checks, release governance in NATO Secret domain
  • STANAG and NAF alignment across architecture decisions; CD&E methodology applied to capability requirements
  • Stakeholder governance across 32 NATO nations — executive reporting, audit evidence, decision registers

Frameworks: NAF · STANAG · NATO INFOSEC · Zero Trust · DevSecOps · CD&E · PRINCE2 · ISO 27001

📄 Letters of recommendation available · Named contacts provided upon request · NDA applies to classified details

Public
Content Collaboration · Section lead

NATO NDW / CPS — Content Collaboration Section (interim head)

NATO / NCIA · The Hague · Aug 2023 – May 2024

Interim Head of Section accountable for the end-to-end service lifecycle of Content Collaboration platforms (Semantic MediaWiki and associated). Direct accountability for SLAs / OLAs across classified environments, service-change governance, CAB representation, KPI definition and reporting.

Key activities

  • Coordinated and monitored 2nd- / 3rd-line support, incident investigation and root-cause resolution
  • Served as first point of escalation for major incidents affecting the services
  • Coordinated change enablement and release / deployment, representing services at CABs by delegation of the SAO
  • Authorised new release packages and supported transition into service operation
  • Defined and reported KPIs and associated service metrics; proactively monitored them

Frameworks: NIST 800-53 · ISO 27001 · PCI DSS · NCA ECC · ITIL v3 (service lifecycle) · PRINCE2

SLA / OLA portfolio · classified environments

Public
Hybrid cloud · Content collaboration

NATO content-collaboration hybrid-cloud migration

NATO / NCIA · The Hague · 2023 – 2024

Migrated all NATO content-collaboration systems to hybrid cloud. Immutable / audit-ready versioning patterns. PAM/IAM, SIEM/SOAR and GRC platforms integrated with satellite and terrestrial networks for mission-critical environments.

Key activities

  • Designed secure-infrastructure architecture aligning controls with NIST 800-53, ISO 27001, PCI DSS and NCA ECC
  • Delivered 3rd-line operational support and advanced troubleshooting across classified estates
  • Integrated satellite-enabled PAM/IAM with SIEM/SOAR and GRC for cross-domain access governance
  • Translated complex security-architecture concepts into actionable guidance for stakeholders

Frameworks: NIST 800-53 · ISO 27001 · PCI DSS · NCA ECC · Hybrid-cloud reference architecture

Public
InfoSec · Privacy · Awareness

InfoSec policy, phishing exercises & PII handling

NATO / NCIA · The Hague · 2023 – 2024

Oversaw all InfoSec policies tied to Content Collaboration lifecycle management. Designed and led phishing / social-engineering exercises and awareness training. Managed privacy complaints and internal risk registers. Conducted internal audits and served as escalation point for incidents affecting PII.

Frameworks: ISO 27001 · GDPR · NIST CSF · NATO information-handling directives

Jun 2022 – Dec 2023

European External Action Service (EEAS) — Technical Project Manager / hybrid Cloud / Cyber Security

Brussels, BE · B2B – IWC (Aubay) · 50+ member team

EEAS Portfolio Manager of Infrastructure with focus on cyberspace environment (incl. EUMIL military C3). Cloud security and architecture across AWS, Azure and GCP. Apps migration, networking, satellite and cybersecurity engineering. ISO 27001 · PCI DSS · GDPR · HIPAA · TOGAF.

Public
EEAS · Cyber programme

EEAS Cyber Security & Architecture programme

EEAS · Brussels · Jun 2022 – Dec 2023

Co-led the EEAS Portfolio Manager of Infrastructure function focusing on technical aspects, integration and operation of critical mission systems. Defined yearly EEAS portfolio (Technical Coherence, Digital Transformation, Cyber Defence) and aligned projects / programmes for cross-EEAS coherence.

Key activities

  • Led a 50+ member team across apps migration, networking, satellite and cybersecurity engineering
  • Deployed NGFW (Palo Alto, FortiGate, Check Point), WAF, IDS/IPS, sandbox, EDR, DLP, vulnerability management, PAM, IAM and DDoS protection
  • Served as escalation point for 3rd-line troubleshooting and architecture validation; single point of contact with vendor 3rd-line
  • Established cloud-governance frameworks, cost-optimisation and performance-monitoring practice
  • Performed TOGAF modelling, architecture and design across capability targets, operational requirements and interoperability requirements

Frameworks: TOGAF · ISO 27001 · PCI DSS · GDPR · HIPAA · NIST 800-53 · COBIT · ITIL · IIBA · IREB · PRINCE2 · Agile

Team 50+ · multi-domain portfolio

Public
EU BICES · Intelligence networking

EU BICES — intelligence networking support

EEAS · Brussels · 2022 – 2023

Support and architecture for EU BICES (Battlefield Information Collection and Exploitation System) within EEAS portfolio. Secure intelligence networking and cross-domain interoperability across member-state and partner-organisation feeds.

Frameworks: NATO STANAG · NAF · TOGAF · ISO 27001

Public
EU Space · Satellite

EU Space & satellite security architecture

EEAS · Brussels · 2022 – 2023

Security architecture for EU Space programmes and hybrid satellite / terrestrial networks. PAM/IAM, SIEM/SOAR and GRC platforms integrated with satellite communications for mission-critical EU operations.

Frameworks: ISO 27001 · NIST 800-53 · TOGAF · PCI DSS · GDPR

Public
EU Intelligence Applications

EU Intelligence Applications — architecture & security

EEAS · Brussels · 2022 – 2023

Architecture, security and integration support for the EEAS Intelligence Applications portfolio. Controlled-access models and cross-domain integration patterns.

Frameworks: TOGAF · ISO 27001 · NIST 800-53

Public
C3 · Cyberspace

EEAS C3 cyberspace requirements & architecture

EEAS · Brussels · 2022 – 2023

Manage cyberspace environment (including EUMIL military sector C3) and analyse upcoming cyberspace requirements. Develop architectural diagrams, block diagrams and systems-engineering artefacts for capability evolution.

Key activities

  • Capture, develop, analyse and evaluate capability requirements
  • Maintain requirements traceability and version / configuration control
  • Develop PoCs using hypothesis testing, MCDA, experimentation and wargaming
  • Collaborate with 24 national / international military and civilian organisations including 9 Centres of Excellence and 5 universities

Frameworks: TOGAF · NATO STANAG · NAF · IIBA · IREB · ISO 31000

Public
DR · Continuity

EEAS Disaster Recovery Centre

EEAS · Brussels · 2022 – 2023

Disaster Recovery Centre design and implementation for EEAS critical mission systems. RTO / RPO definition, failover testing and continuity evidence.

Frameworks: ISO 22301 · ISO 27031 · NIST CSF

Public
DMS · Secure integration

EEAS Document Management System

EEAS · Brussels · 2022 – 2023

Document Management System architecture and secure integration for EEAS, with traceability and audit-ready versioning across institutional content lifecycle.

Frameworks: ISO 27001 · GDPR · ISO/IEC 24760 (identity) · TOGAF

Public
Oracle EBS · Encryption

EEAS Oracle EBS upgrade with encryption & identity governance

EEAS · Brussels · 2022 – 2023

Secure cloud migration and Oracle E-Business Suite upgrade with embedded encryption (AES-256), tokenisation, identity governance and data-protection controls.

Frameworks: ISO 27001 · PCI DSS · GDPR · NIST 800-53

Public
Apps migration · Hybrid cloud

EEAS apps migration & hybrid-cloud adoption

EEAS · Brussels · 2022 – 2023

Cloud-security and architecture programmes across AWS, Azure and GCP. Apps migration combined with containerisation, serverless and hybrid-cloud patterns for scalability, automation and operational resilience.

Frameworks: AWS Well-Architected · Azure CAF · GCP Cloud Adoption · DevSecOps · ITIL v3 · ISO 27001

Feb 2019 – 2024

IBM — Section Head — Digital & AI · Innovation Center

Worldwide · 39 direct / indirect reports

Lead the Innovation Center. Information-security strategy and large-scale systems initiatives for Innovation Center and its sensitive clients. SIEM operation with AI/ML threat-hunting. Cyber Crisis Management programme delivery.

U.S. DoD · Multi-cloud

U.S. DoD JEDI / JWCC — Cloud Access Management (CAM)

Innovation Center · 2019 – 2022

Advisory architect for Cloud Access Management (CAM) within the U.S. Department of Defense JEDI / Joint Warfighter Cloud Capability (JWCC) programme — subcontract via Innovation Center, no direct DoD contract. Designed a zero-trust multi-cloud access layer spanning AWS, Azure, GCP, and OCI — ITAR, FedRAMP, and DoD IL5 compliant. Architecture aligned to JADC2 (Joint All-Domain Command and Control) interoperability requirements.

Key activities

  • Zero-trust CAM architecture across four hyperscalers (AWS GovCloud, Azure Gov, GCP GovCloud, OCI)
  • FedRAMP High and ITAR compliance design; DISA STIG alignment
  • JADC2 interoperability integration — multi-domain, multi-classification
  • Product Owner across agile delivery streams; architecture governance and ADR authority

Frameworks: FedRAMP · ITAR · DISA STIG · NIST 800-53 · Zero Trust (NIST SP 800-207) · JADC2

Classified programme value

IT Audit · Financial Services

IT audits & security assessments — banks & multinationals

IBM · 2019 – 2024

Lead IT audits and security assessments for clients across Financial Services (Citibank, DB, Group Société Générale, Raiffeisen), Service Industry, Public Sector (Interpol, EU), Healthcare, and Manufacturing (Mercedes Benz, EADS).

Cyber Crisis Management

Cyber Crisis Management programme

IBM · 2019 – 2024

Advise, implement and manage the Cyber Crisis Management programme — strategic crisis decision-making, large-scale crisis response. One of the largest, most respected teams of crisis and continuity management professionals.

SIEM · AI / ML

SIEM platforms with AI / ML threat-hunting

IBM · 2019 – 2024

Operate SIEM platforms with threat-hunting capabilities. Combined proactive and reactive incident management using AI, Machine Learning, Elastic Search, cloud technology to rapidly adapt and respond to cyber disruptions. Real-time decisioning for ongoing security incidents.

Global SOC

Global Security Operations Center oversight

IBM · 2019 – 2024

Oversee Global SOC positions in daily tasks and projects. Selection of technology (cloud, SOA, etc.), devices and software for the network and information security infrastructure. Cryptographic key management in support of CIO function as Single Point of Authority.

NDA — named in CV
CyberPro · AI cyber platform

CyberPro — AI-driven cybersecurity platform

Innovation Center · 2019 – 2024

Designed, developed and operationalised "CyberPro", an AI-driven cybersecurity platform integrating SIEM (Splunk, QRadar), SOAR (Cortex XSOAR, IBM Resilient), EDR (CrowdStrike, Carbon Black, Defender for Endpoint) and DLP (Symantec, Microsoft Purview) for real-time threat correlation and automated incident response.

Key activities

  • Network defence with Palo Alto, FortiGate, Check Point, IDS/IPS (Snort, Suricata), Zscaler, Proofpoint
  • Unified risk dashboard integrating SIEM + GRC metrics
  • Third-party risk assessments, policy mapping, SOC 2 / ISO 22301 business-continuity validation
  • ISO 27001 audit readiness, PCI DSS gap analyses, GDPR compliance

Frameworks: ISO 27001 · PCI DSS · NIST 800-53 · ISO 22301 · SOC 2 · GDPR · COBIT 5 · ITIL v3

+53% improvement · 1,750+ hours saved

NDA — named in CV
Zero Trust · Encryption

IBM Zero Trust · micro-segmentation · HSM key management

Innovation Center · 2019 – 2024

Zero Trust architectures, network micro-segmentation and encryption programme (TLS 1.3, AES-256, HSM-based key management) for defence and financial-services clients of the Innovation Center.

Key activities

  • Architected hybrid and multi-cloud environments (Azure, AWS, GCP) with secure connectivity, monitoring and identity governance
  • Centralised IAM (Azure AD, Okta, CyberArk PAM) with cloud-native monitoring (Azure Sentinel, AWS GuardDuty, Security Hub)
  • Enforced secure-design standards across requirements, design and deployment with teams of 25+ engineers / architects

Frameworks: Zero Trust (NIST 800-207) · ISO 27001 · NIST 800-53 · PCI DSS · TOGAF

NDA — named in CV
DevSecOps · Containers

IBM DevSecOps pipeline — containers + secrets management

Innovation Center · 2019 – 2024

Containerised workloads (Docker, Kubernetes, OpenShift) with DevSecOps pipelines (Jenkins, GitLab CI/CD, HashiCorp Vault) enforcing security-as-code across Innovation Center delivery.

Frameworks: DevSecOps · CIS Kubernetes Benchmark · OWASP · ISO 27001 · NIST 800-53

DPI · ePassport · Romania

Romanian Electronic Passport — sovereign programme (€30M)

Innovation Center · Romania · 2019 – 2022

Architecture and programme management for the new Romanian ePassport sovereign programme — €30M contract. PKI infrastructure, biometric system, ICAO Doc 9303 compliance, chip personalisation, border control integration. Training for 500+ users. ISO 27001 and EU security standards. Distinct from the 2008–2010 initial deployment.

€30M contract · 500+ users trained

DPI · Land registry · Romania

Romanian National Agency of Cadastre & Land Registration — NACLR

Innovation Center · Romania · 2019 – 2022

Digital transformation of the National Agency of Cadastre and Land Registration — national land registry digitisation, workflow automation, PKI-secured records, cross-agency data integration. EU-funded programme delivered within Innovation Center.

EU-funded national programme

DPI · Trade facilitation · Romania

Ministry of Finance — Single Window (cross-border trade Romania / EU)

Innovation Center · Romania · 2019 – 2022

Single Window platform for cross-border trade between Romania and EU — Ministry of Finance integration. Streamlined customs declarations, multi-agency data exchange, EU interoperability framework compliance.

National DPI · EU interoperability

Aug 2016 – Jul 2019

United Nations HQ — Senior Information Technology Officer

New York, NY, USA · 16 direct reports · Fixed-term, full-time

Lead UN Cybersecurity Requirements and Operation. Direct reporting to CITO. ISO 900X, Agile, PMI, Prince2, TOGAF, COBIT, ITIL, ISO 31000, ISO 2700X, NIST, ISO 2000, DevOps.

UN Cyberspace · Single Point of Authority

UN cyberspace concept & member-state recognition

UN HQ · New York · 2016 – 2019

Defined UN cyberspace concept and influenced UN member states to recognise UN as Single Point of Authority for UN and member-state cyberspace. Stakeholder management with budget secured to develop the collective cyberspace, cyber-security programme planning, and cyber-risk implementation.

US$125M (2015) + US$124M (2016) member-state budgets

SIEM · AI / ML

UN SIEM platforms — real-time AI / ML threat-hunting

UN HQ · 2016 – 2019

Designed, implemented and operated UN SIEM platforms with real-time, automated threat-hunting capabilities. Combined proactive and reactive incident management using AI, ML, Elastic Search, cloud. Real-time decisioning for security incidents.

Hybrid cloud · Azure + AWS

UN hybrid cloud (Azure + AWS), IoT, DLT, big data, virtualization

UN HQ · 2016 – 2019

Drove cloud requirements, security controls and implementation (Azure and AWS), IoT, DLT, big data, virtualization, Office 365, BCP, code development, DevSecOps. Aligned security, technology, application and financial/business processes to new cloud environment and mobile.

Significant cost savings via Microsoft / Oracle / Cisco renegotiation

DevSecOps · AI

DevSecOps automation with AI-driven answers

UN HQ · 2016 – 2019

Automated DevSecOps with AI-driven security and vulnerability detection in continuous delivery workflow. Every build checked every time. Risk assessment based on actual libraries called in context of the environment and dependencies.

United ID · Inter-agency

United ID — UN System inter-agency harmonisation

UN HQ · 2016 – 2019

Worked at Enterprise level to increase system-wide harmonisation on ICT matters through inter-agency mechanisms (United ID). Common ICT security approaches and solutions (processes, standards) for the entire UN System. Liaised with Finance, HR and internal-affairs units across UN — Umoja system.

Blockchain · UN strategy

UN blockchain community & strategy

UN HQ · 2016 – 2019

Created a blockchain community and acted as leader to develop a strategy for the UN. Spoke at UN events on Digital ID solutions / Blockchain, Bitcoin / Ether / cryptocurrencies, TechNovation Day: Blockchain.

Public
M365 E5 · Endpoint security

UN M365 E5 Security Suite deployment

UN OICT · 2016 – 2019

Deployment of Microsoft 365 E5 Security Suite across UN workforce — DLP, MFA, Intune MDM, Conditional Access — supporting the global cybersecurity and digital-workplace transformation.

Frameworks: Microsoft Zero Trust · ISO 27001 · NIST 800-53 · GDPR

Public
Oracle EBS R12 · Encryption

UN Oracle EBS R12 upgrade — tokenisation & database encryption

UN OICT · 2016 – 2019

Oracle E-Business Suite R12 upgrade across UN estate with tokenisation and database encryption embedded, aligning ERP security to PCI DSS-grade controls.

Frameworks: PCI DSS · ISO 27001 · NIST 800-53

Public
DR · Active-active DC

UN active-active data-centre architecture

UN OICT · 2016 – 2019

Active-active data-centre architecture with automated failover using VMware SRM and Azure Site Recovery. Tested results: 99.98% availability, RTO < 4h, RPO 15 min.

Frameworks: ISO 22301 · ISO 27031 · NIST CSF

99.98% availability · RTO < 4h · RPO 15 min (tested)

Public
Smart-Outsourcing

UN Smart-Outsourcing programme (SOC · infrastructure · DevSecOps)

UN OICT · 2016 – 2019

Smart-Outsourcing programme covering SOC, infrastructure and DevSecOps operations. Delivered USD 3.2M OPEX savings while maintaining PCI DSS Level 1 compliance.

Frameworks: ITIL v3 · PCI DSS · ISO 27001 · COBIT 5

USD 3.2M OPEX savings

Public
Enterprise agreements

UN enterprise agreements — Microsoft + AWS with security / performance KPIs

UN OICT · 2016 – 2019

Negotiated enterprise agreements with Microsoft and AWS embedding performance and security KPIs. Yielded ~20% annual cost optimisation across UN workloads.

Frameworks: Vendor governance · Microsoft Cloud Adoption Framework · AWS Well-Architected · ITIL v3

~20% annual cost optimisation

Public
Zero Trust · Awareness

UN Zero Trust + security-awareness enterprise programmes

UN OICT · 2016 – 2019

Enterprise-wide Zero Trust programme combined with security-awareness training, improving organisational resilience and compliance maturity. ISO 27001 / PCI DSS / GDPR / SOC 2 audit findings reduced by 35% within one year.

Frameworks: Zero Trust (NIST 800-207) · ISO 27001 · PCI DSS · GDPR · SOC 2

-35% audit findings within 1 year

Public
Blockchain · IBM stack

Freelance — eGovernment Blockchain engine designed, sold & integrated into IBM

Concurrent freelance · Sep 2015 – Aug 2019

Concurrent freelance B2B engagement during the UN HQ years. Conceptualised a state-of-the-art Blockchain engine tailored for e-government — cryptographic assurance, controlled access models, immutable evidence trails. Successfully negotiated the sale to IBM and coordinated its integration into IBM's global public-sector solution stack.

Frameworks: Hyperledger Fabric · Quorum · Corda · ISO/IEC 24760 · TOGAF · NIST 800-53

ICJ & ICC · The Hague

ICJ & ICC — International Courts Digitalisation (The Hague)

International Court of Justice & International Criminal Court · The Hague · 2016 – 2019

Senior IT Adviser and Architect for digitalisation programmes at the ICJ and ICC. Defined digital transformation vision, guiding principles (judicial independence, rule of law, security, accessibility), and KPI framework for each institution. Designed target architecture: multi-tier case management platform with classified document handling, e-filing with legally binding digital signature chain-of-custody, secure cross-border evidence exchange, encrypted judicial record repository, hearing management system, and interoperability with UN Secretariat, UNDP, and member-state delegations via secure API/ESB layer. Security-by-design for classified and highly sensitive judicial records; data governance model aligned to international judicial data protection standards; access control and full audit trail for judge, counsel, and registry workflows. Financed under UN internal budget; delivery supervised and audited against UN OICT standards.

UN internal budget (OICT standard)

UNAT / UNDT · Digital Justice

UNAT & UNDT — Digital Justice Strategy, Target Architecture & Delivery

UN Administrative Tribunal & UN Dispute Tribunal · New York · 2016 – 2019

Defined digital justice transformation strategy for the UN Administrative Tribunal (UNAT) and UN Dispute Tribunal (UNDT): strategic vision, guiding principles (user-centricity, rule of law, institutional independence, digital-by-default), measurable objectives, and KPI framework. Designed target architecture: multi-tier case management platform with API-first integration layer, identity federation (UN United ID), e-filing with digital signature chain-of-custody, secure document exchange (encrypted at rest and in transit), automated hearing scheduling engine, and interoperability with UN HR (PeopleSoft), legal registry, and finance (ERP) systems via ESB/API middleware. Security-by-design and privacy-by-design embedded throughout; GDPR-aligned data governance model for judicial records. End-to-end delivery through go-live with phased roadmap, change management plan (Prosci/ADKAR), M&E framework (case throughput, e-filing adoption, scheduling efficiency, user satisfaction), and supervision/audit of implementation. Outcome: full digitalisation of both tribunals serving UN staff globally across 190 countries.

UN internal budget (OICT standard)

18-Country Digitalisation · Asia & Africa

18-Country Digital Public Services Programme — Asia & Africa

UN HQ (OICT) · Afghanistan, Bangladesh, Cambodia, Ethiopia, Kenya, Myanmar, Nepal, Pakistan, Rwanda, Senegal, Tanzania, Uganda, Zimbabwe & others · 2016 – 2019

Digital public services, national identity infrastructure, e-governance platforms, and capacity building across 18 UN member states in Asia and Africa. Professional services delivered throughout the full project lifecycle — diagnostic, strategic vision, governance framework, phased roadmap, target architecture, change management plan, M&E framework, supervision and audit of implementation — for the majority of citizens in each country.

OPEX US$56M / CAPEX US$12M (UN HQ portfolio)

Sep 2015 / Jan 2016 – Aug 2016

NATO HQ / NCIA / CSU BRX — Principal NNHQ IT Services Coordinator

Brussels, BE · 13 direct reports · Fixed-term, full-time

Coordination of personnel and equipment migration into the New NATO HQ. ANWI / AVI / ESS contractor coordination. NNHQ Target Architecture & Baseline Architecture. ISO 900X, Agile, PMI, Prince2, TOGAF, COBIT, ITIL, ISO 31000, ISO 2700X, NIST, ISO 2000, ISO/IEC 24760, DevOps.

NNHQ Target Architecture

NNHQ Target Architecture & ICT migration

NATO HQ · Brussels · 2015 – 2016

Coordinate with NNHQ Transition Office (HQTO) for migration of personnel and equipment into the NNHQ. Coordinate with ANWI project (Infrastructure-as-a-Service hosting all business and applications). Comment and propose ICT migration paths. Maintain ICT technical drawings, space allocation and inventory. Contribute to NNHQ Target Architecture (TA) → Baseline Architecture (BA).

US$67M+ budget executed

ANWI · AVI · ESS

ANWI / AVI / ESS contractor coordination

NATO HQ · 2015 – 2016

Coordinate with NNHQ contractors — Active Network Infrastructure (ANWI) for IaaS, Audio-Visual Infrastructure (AVI), Electronic Security Services (ESS). Vendor relationships and IT-related contracts.

DR · Virtualization

Disaster recovery + 90% server virtualization

NATO HQ · 2015 – 2016

Designed and executed first disaster-recovery centre fail-over. Successful DR plan and business continuity plan. Led server virtualization effort — virtualized 90% of systems infrastructure. AIS audits and system accreditation for classified systems.

Jun 2011 – Sep 2015

Freelance — IT Expert / IT Adviser (eight framework contracts)

Bucharest base · Worldwide · up to 39 direct reports

Eight independent advisory framework contracts spanning banking, EU institutions, UN agencies, defence and digital identity.

INTERPOL · Singapore

INTERPOL Global Complex for Innovation — IT Security Advisor

Singapore · Jan 2015 – Sep 2015 · 90 working days · via a top-tier international management consultancy, Singapore

Led six task forces to deliver strategy, observations and recommendations for enhancing institutional, operational, legal and technical frameworks for digital identity and cybercrime. Business analysis, strategic and security challenges, new concept and strategy translated into business and technical requirements for the National Cyber Review II (NCR) — spanning 197 INTERPOL member states. Drafted methodology for cyber-defence policy, concepts and capabilities at national level. Engagement via a top-tier international management consultancy, Singapore.

National Cyber Review II · 197 member states

EU · eIDAS Regulation

Senior IT Adviser — EU Regulation 910/2014 (eIDAS)

EU · Jan 2011 – Sep 2015 · 140 working days

Senior IT advisory framework contract on Regulation (EU) No 910/2014 — electronic identification and trust services for electronic transactions in the internal market (repealing Directive 1999/93/EC).

SSEDIC · EU + international

SSEDIC — Single European Digital Identity Community (5-year programme)

EU · 2009 – 2015

5-year consultation period with 200+ European and international eID experts and stakeholder organisations. Recommendations and roadmap for the Single European Digital Identity Community supporting Horizon 2020.

UNDP · Tbilisi

Emergency services architecture — Georgia (112)

Tbilisi, Georgia · Oct 2014 – Oct 2015 · 50–90 days

Architecture, coding, security, operation and data-protection of emergency services. Enterprise Architecture Strategy & Roadmap. Technical roadmap for emergency video-call service. BMC Remedy Suite + Kinetics framework. Established a Center for Secure Information Systems & Digital Identity. Trained the trainers. http://112.ge

M50$ committed

UNDP / EU Advisory · Yerevan

National digital identity for Armenia — Police IT system

Yerevan, Armenia · Mar 2014 – Oct 2015 · 60–90 days

Armenian Government & Armenian Police — new IT system: digital identity architecture, cyber-security, data centre, DRC, personal data protection, risk management. Single secured and unified information environment (e-Governance). Roadmap and budget for interoperability with criminal justice, voting, idCard, passport, cadastre, justice, car registration, insurance.

M60$ committed

UNOPS · Kabul

Digital identity, people registration & voting — Afghanistan

Kabul, Afghanistan · Aug 2013 – Jul 2015 · 75 days

Validate business model, functional requirements, and obtain support for new digital identity management for people registration and voting. Solution Design Team management. Technical roadmap for implementation. Lead consulting team (3 experts). Risk assessment and mitigation.

M36$ budget

European Central Bank · Frankfurt

ECB cloud / digital architecture & cryptocurrency

Frankfurt, DE · Sep 2014 – Nov 2015 · 120 working days

Lead Solution Design team for modern cloud / digital and cryptocurrency architecture. Identify and document business flows, data exchanges, identity authorisation and security level. Integrations with European and governmental agencies. Updated Business Continuity Plan.

ENISA · EU

ENISA — National Cyber Security Strategy framework

EU · Aug 2013 – Dec 2013 · 60 working days

Member of expert advisory group defining the National Cyber Security Strategy (NCSS) framework and action plan to improve security and resilience of EU national infrastructures and services. Part of the task force ensuring that national eIDs work for cross-border public-service access in EU.

Société Générale (BRD) · VAUBAN

VAUBAN — IT PMO Head / IT Director, Banking Transformation

BRD Bank — Groupe Société Générale · Bucharest · May 2011 – Aug 2013 · Full-time

PMO effective operation, IT Strategic Planning and Banking Transformation Programme. Set-up Center for Secure Information Systems. Enterprise Architecture Strategy & Roadmap. Coordination with PMOs/CSICs in Croatia, France, Russia, Bulgaria, Moldova. New Core Banking — INFOSYS Finacle / Oracle Flexcube. Cards & alternative channels (Mobile/Internet Banking, WU@ATM, WU@POS, prepaid). 900+ servers, 550+ applications, 120+ audit recommendations closed (89%).

US$3.93M IT savings · US$2.88M vendor negotiations · US$63M budget · OPEX -44.2%

Cernavoda Nuclear Power Plant

Cernavoda NPP (Nuclearelectrica / SIVECO) — IT Advisor

Romania · Sep 2013 – Aug 2015 · 190 days

Restructured entire SMS system (BMC 8.5 → 9), new workflows. Reengineered processes for Change & Service Request, Unified Event Management with event correlation, Service Catalogue and Service Level Management. Cyber-security audit per NRC Title 10 §73.54, NRC RG 5.71, NEI 08-09, NEI 13-10, 10 CFR 73.54, NIST SP800-53/82, ISO 2700x. Audit of DCS, HMI, PLC, RTU, SCADA. 100% audit compliance achieved.

Romanian Immigration Office

Document Management & Portal System — Romanian Immigration

Romania · May 2013 – Aug 2013 · 69 days

SMC implementation based on IBM Tivoli Suite. EU Secret level — implications for information security and technical design (Approved products, certification, homologation). Solution design with Azure cloud, Microsoft 2008 Suite, MS SQL 2008. Custom software development (700 person-days). WEB Services / XML integration. Enterprise IBM servers, Enterprise SAN, LTO, LAN/WAN, CA IAM, PKI. Established small PMO.

eHealth Romania

IT Health System — ePrescription, ePatientFolder

Romania · Sep 2013 – Aug 2015 · 90–120 days

Solution design with Oracle WebLogic and DB 11g. Custom software development (700 person-days, Java). Integration via Web Services / XML. IBM Cloud, Mobile devices, VMware, Oracle Finance, BPM, IBM servers, Enterprise SAN, LTO, LAN/WAN, IAM Oracle, PKI, BCP. Data centre relocation. SAP NW Identity Management implementation. Center for Secure Information Systems with trained trainers. ISO 2700x compliance support. PMO setup.

Aug 2008 – Jul 2011

IBM — Senior IT Adviser / CoE Manager · EMEA CoE Defence & Security · CoE eGovernment

Bucharest, RO · Worldwide · up to 52 direct reports / 120 indirect

Lead the IBM EMEA Centre of Excellence for Defence & Security and Centre of Excellence for eGovernment / Digital Identity. Subject-matter expert for sovereign DPI rollouts.

Transfond · Romanian inter-banking

Transfond — electronic payment & inter-banking compensation

Romania · 2008 – 2011

IT system for electronic payment (T24, Murex, TI+) and inter-banking compensation. Process design and compliance with international mechanisms. Data protection. PCI-DSS & ISO 27001 certification. 30T transactions/day. 99.9998% availability.

IBM Data-Center · Tier 4

IBM Data-Center — Tier 4 (~8000 m²)

Romania · 2009 – 2011

Led from business case through Go Live: new IBM Data-Center (~8000 m², 99.995%/year). Defined and implemented business and operational processes. Service Catalogue, Budget management, SLA monitoring. Service-provider processes for PaaS, AaaS, SaaS, IaaS (cloud private, hybrid, public). ISO 27001/27002 risk assessment. PCI-DSS & ISO 2700x certification support.

SD consolidation: 45 small SD → 1 central · €500K/year saving

Multi-bank · Risk & Core Banking

ECB · EU · CE · ING · Citibank · JPM · Raiffeisen · Société Générale · CEC Bank

Multi-country · 2008 – 2011

IT Risk Analysis System (ISO 2700x). Solution design of new Core Banking. Cloud private/public PoC. Data centre relocation, HW/SW/MW/NW/SAN consolidation. Set-up Business Intelligence Competence Center (Data Architecture, Quality, Governance, BI & Executive Dashboard).

Raiffeisen Bank Romania

Raiffeisen — Risk & Card upgrade + CSIS

Romania · 2008 – 2011

Upgraded Risk Analysis System (Murex), Card System (Murex), RISC and x86 server infrastructure. Center for Secure Information Systems: SIEM, DB Security, ISMS & ISR, MDM, Managed Security Services. Process improvement (ITIL).

Romanian MIA · Cyber Security

Romanian Ministry of Internal Affairs — National Cyber Security

Romania · Oct 2008 – May 2011

Large-scale cyber-defence system (>€4M, EU funds). Unitary mechanism of reaction and response to security incidents. Risk reduction, knowledge, capabilities and decision mechanisms in the Romanian Government. 250 offices / 500,000 assets across the country. Service Management System (Tivoli Business Service Manager), SLA monitoring. ISO 2700x, NIST. http://www.natowatch.org/node/1532

>€4M (EU funds)

NDA
Romanian MIA · ePassport

Romanian Electronic Passport — sovereign programme

Romania · Aug 2008 – Nov 2010

Architecture + project management of large-scale system covering full ePassport lifecycle. Sensitive environment. Training for 500+ users. 4 main sites / 4 Tier-3 data centres, 45+ offices in Romania, 250+ offices worldwide. Business continuity. New business and operational processes. ISO 27001 risk assessment, audit, policy.

>€30M

DPI · Cadastre Romania

Romanian National Agency of Cadastre & Land Registration

Romania · 2008 – 2011

Roll-out of enterprise IT system (infrastructure, application, business processes) for cartographic products and Ortophotoplan coverage (GIS), cadastral plans, topographic plans for the entire country.

>€7M

EU + Romanian Min. Finance

Single Window — cross-border trade Romania / EU

EU + Romania · 2008 – 2011

European Commission and Romanian Ministry of Finance. Single Window application and infrastructure (design, project management, training, change management). Set-up Business Intelligence Competence Center.

>€2.3M (EU funds)

Universitatea de Vest Timișoara

IBM Blue Gene Supercomputer

Romania · 2008 – 2011

Only supercomputer of its size in Romania and one of 3 in Central / Eastern Europe at the time. 13.9 TFlops compute power: 1024 processors, 4096 cores, 4 TB RAM, 32 I/O nodes.

DPI · ePassport

National ePassport programmes (multi-country)

Romania · Moldova · Bulgaria · Slovenia · Poland · Spain · Hungary · Egypt · Nigeria · UAE · 2009 – 2011

Subject-matter expert for national biometric travel-document architecture, secure issuance chain, ICAO-compliant chip personalisation, PKI trust services, border-control integration.

Multi-country sovereign programmes

DPI · National eID

National eID and citizen identity (multi-country)

Romania · Moldova · Bulgaria · Croatia · Poland · Slovenia · Spain · Hungary · Egypt · Nigeria · UAE · 2009 – 2011

Sovereign citizen-identity platforms — authentication, credential issuance, national PKI integration. End-to-end Digital Public & Private Business — citizen onboarding and cross-border eID access (eIDAS interoperability).

Multi-country sovereign programmes

DPI · eHealth

National eHealth — patient registration & ePrescription

Romania · Moldova · Ukraine · Armenia · Georgia · Greece · 2009 – 2011

Patient registration, ePrescription, EHR exchange, identity-linked patient access, audit-ready clinical data flows.

DPI · Cadastre

Cadastre / land-registry digitalisation (multi-country)

Romania · Bulgaria · Moldova · Ukraine · Hungary · Russia · 2009 – 2011

Sovereign land-registry digitalisation — geospatial data integrity, registration workflows, judiciary and notary interoperability.

DPI · eJustice

eJustice Romania

Romania · 2009 – 2011

Citizen access to justice services based on digital identification.

DPI · National PKI

National PKI Romania

Romania · 2009 – 2011

Root and subordinate CAs, certificate lifecycle, trust anchors for sovereign identity and document services.

DPI · eNotar

eNotar — Bulgaria + Moldova

Bulgaria · Moldova · 2009 – 2011

Electronic notary services — identity-bound electronic signatures, document integrity, registry-of-acts interoperability.

EU · EURODAC + Asylum DB

EURODAC + Asylum DB

EU · 2009 – 2011 (advisory continuing)

Senior IT Adviser on EURODAC — fingerprint datasets to determine responsibility for examining asylum applications across EU States.

Telekom Romania (FwC)

Telekom Romania — NGN, MPLS, M2M, OSS/BSS upgrade

Romania · 2008 – 2011

Framework contract upgrade and extension of NGN, MPLS, M2M, OSS/BSS. Whole-system transformation. IT Security audit (ISO 27001).

FwC >€30M

IBM + Vodafone

IBM + Vodafone — M2M / Cloud & Virtualisation / IoT PoC

Worldwide · 2009 – 2011

Proof of concept for M2M system: private hosted virtualisation (VMware ESX / IBM POWER LPAR) and private cloud PoC (2010–2011), M2M connectivity, AaaS, BSS/OSS integration and transformation plan. Security architecture.

Public
IBM EMEA CoE · Defence & Security

IBM EMEA Center of Excellence — Defence & Security (internal CoE leadership)

IBM EMEA · Worldwide / Bucharest · 2008 – 2011

Led the IBM EMEA Center of Excellence for Defence and Security. Defined and managed business and technical requirements; architected / designed critical military systems; co-led development, verification and validation across 28+ IT upgrade / migration projects.

Key activities

  • Defined yearly IBM Portfolio across Technical Coherence, Digital Transformation and Cyber Defence
  • Performed TOGAF modelling, architecture and design across capability targets and interoperability requirements
  • Direct support of national / international / multi-national C2, C3, C5 activities
  • Collaborated with 146 national / international military and civilian organisations including 36 Centres of Excellence

Frameworks: TOGAF · COBIT · ITIL · PRINCE2 · RUP · ISO 900X · ISO 27K · ISO 31000 · NIST · C2I / C3I / C4ISR / C5I · VMware ESX/vSphere · IBM POWER LPAR · IBM z/VM · Hyper-V · Virtualisation architecture

28+ IT upgrade / migration projects · 146 orgs · 36 CoEs

IRIS · SNCFR · National Railway

IRIS — SNCFR National Railway Digital Transformation

Societatea Naţională a Căilor Ferate Române (SNCFR) · Romania · 2008 – 2011

Enterprise IT architecture for national railway digital transformation. Scope: safety-critical systems, passenger services, operations infrastructure, and IT/OT integration. Architecture definition, technology roadmap, and delivery oversight for one of Romania's largest state-owned transport enterprises.

IBM Romania national programme

Aug 2006 – Aug 2008

Freescale / Motorola — Program Manager

Bucharest, RO + Austin, TX · 31 direct / 110+ indirect reports

Motorola Center of Excellence for Cybersecurity (CoE-CS). Crypto-X and digital/biometric identity programs. CMM/CMMI Level III software process improvement. ISO 900X, Agile, PMI, Prince2, TOGAF, COBIT, ITIL, NIST, ISO 27xxx, CMMI, SDLC, DevOps.

Motorola CoE-CS

Motorola Center of Excellence for Cybersecurity (CoE-CS)

Worldwide · 2006 – 2008

Developed and led Motorola CoE-CS. Strategy and design of major systems initiatives around information security worldwide. Recognised as main pillar — invested in: US$18M (2006) and US$26M (2007). 35 experts directed; 23 new experts hired with 108 internationally recognised certifications.

US$18M (2006) + US$26M (2007)

Crypto-X · Biometric ID

Crypto-X program — digital / biometric identity & authorisation

Worldwide · 2006 – 2008

Established the Crypto-X programme and digital / biometric identity and authorisation initiatives. Coordinated Linux software developers across USA, Canada, Brazil, China, India, UK, France, Germany on cores, peripherals and device drivers (crypto devices, digital identification, IP Security protocols).

Application rationalisation · CSIS

Motorola estate cyber-rationalisation + CSIS

Worldwide · 2006 – 2008

Assessed >3,000 legacy applications, consolidated 839. Defined Motorola Cybersecurity policy and standards (zero-trust concept). Redesigned Internet Access Point and network topology (firmware rules, VPNs, router security, SSL). Established Center for Secure Information Systems (CSIS). Implemented Motorola's first internal/external cybersecurity audit and compliance program.

Oracle PeopleSoft · ERP

Oracle PeopleSoft — HRMS, FMS, SCM, CRM, EPM

Worldwide · 2006 – 2008

Implemented Oracle PeopleSoft (HRMS, Financial Management Solutions, SCM, CRM, Enterprise Performance Management) and Oracle ESB at organisational level.

US$45M budget executed

CMMI L3 · PMO

CMM/CMMI Level III + Motorola Romania PMO (120+ resources)

Bucharest · 2006 – 2008

Led CMM/CMMI software process improvement programme — achieved Level III. Set up local Motorola PMO (120+ resources) aligned with Freescale's PMO framework. Lean Six Sigma process improvement.

US$2.93M IT savings · 9.88% below budget

Sep 2002 – Sep 2006

Alcatel — Senior Architect / CoE-PM Manager

Timișoara · Paris · Bucharest · 45 direct / 144 indirect reports

(Co)Lead Alcatel Center of Excellence for Banking, Security & Intelligence + Regional Centre of Excellence for eGovernment. 27+ large-scale projects (US$98.84M total).

Romanian MIA · EURODAC

EURODAC — Romania (EU funds)

Romania · 2002 – 2006

EURODAC system — EU asylum-applicant identification via fingerprint datasets. Business-intelligence flows and implementation. EU Secret.

>€3M (EU funds)

Border Police

Border Protection integrated system

Romania · 2002 – 2006

Border Protection integrated system — radars, mobile surveillance, military equipment. OSS modernisation. EU Secret.

>€13M (EU funds)

Croatia · Ucka Tunnel

Ucka Tunnel — modernization of integrated electronic safety system

Croatia · 2002 – 2006

Croatia Ministry of Transportation — Ucka Tunnel modernization of integrated electronic safety system.

>€1M

Bulgaria · Corridor IV

Bulgarian Min. Transportation — Corridor IV GSM-R rail

Bulgaria · 2002 – 2006

New integrated telecom rail system (including GSM-R) on Corridor IV Pan European.

>€29M (EU funds)

Bulgaria · Min. Energy

Bulgarian Min. Energy — optical fibre + tele-transmission + CSIS

Bulgaria · 2002 – 2006

New optical fibre and tele-transmission system. Established a Center of Security Information Systems (ISO 2700x). Designed and executed audit on enterprise network, VPN and key applications. Automated continual auditing system/database.

>€3M (EU funds, FIDIC)

Romanian Min. Transportation

Black Sea + Danube surveillance

Romania · 2002 – 2006

Black Sea and Danube surveillance — CCTV, radars, telecom, special devices, GIS.

Metro Dubai · offer

Metro Dubai — telecom solution offer

UAE · 2002 – 2006

Prepared offer for Dubai Metro — telecom solution, risk identification/quantification/analysis, project estimation.

Teletrans Romania

Teletrans — integrated IP + PABX telecom system

Romania · 2002 – 2006

New integrated telecom system (IP, PABX). OSS/BSS integration and whole-system transformation.

>€3M (FIDIC)

Paris CDG Airport

Paris Charles de Gaulle Airport — Borderless Networks

France · 2002 – 2006

Borderless Networks infrastructure — routing, switching, network security, application delivery networking, Unified Computing System, Storage, Wireless, Security and Identity Services Engine.

Otopeni · Cluj · Cogalniceanu Airports

Romanian airports — telecom + IT security + SCADA

Romania · 2002 – 2006

Otopeni Airport — unified telecommunication, IT security, IP. Cluj Airport — SCADA, telecom, IT security; audit of DCS/HMI/PLC/RTU/SCADA. Cogalniceanu Airport — unified telecom, SCADA, audit of control systems.

Orange Romania

Orange Romania — backbone + GSM + OSS/BSS transformation

Romania · 2002 – 2006

Telecom system: backbone & GSM systems, OSS/BSS, whole-system transformation.

FwC >€40M

Telekom Romania

Telekom Romania — Borderless Networks + SAP IDM

Romania · 2002 – 2006

Borderless Networks infrastructure (routing, switching, network security, application delivery, UCS, Storage, Wireless, Security and Identity Services Engine, NGN, MPLS, PABX, M2M, OSS/BSS). SAP NLM and SAP NW Identity Management implementation. Cyber investigations, computer forensics, threat intelligence, vulnerability assessments and incident response.

FwC >€40M

Traumatology Network Hospitals

Traumatology Hospitals — IP + telemedicine PoC

Romania · 2002 – 2006

Telecom solution (IP) and telemedicine proof of concept across the network.

<€1M (EU funds)

AETS Kozloduy NPP

Kozloduy Nuclear Power Plant — SCADA + telecom audit

Bulgaria · 2002 – 2006

Audit and modernisation of SCADA and telecommunications systems. Process optimisation. Roadmap definition.

Cernavoda NPP (subcontractor)

Cernavoda NPP — telecom roadmap + IT security audit

Romania · 2002 – 2006

SIVECO subcontractor — audit and roadmap for telecommunication system. IT security audit. IT infrastructure and I&C system: DCS, HMI, PLC, RTU, SCADA.

OMV Petrom

OMV Petrom — Tier 3 data centre + DR

Romania · 2002 – 2006

New data centre (Tier 3), cyber security, business continuity and disaster-recovery data centre.

>€250K

DPI · ePassport

National ePassport — France · Germany · Morocco · South Africa

Multi-country · 2002 – 2006

Subject-matter expert for national biometric travel-document — secure issuance, PKI trust services.

>€32M

DPI · National eID

National eID and citizen identity (multi-country)

Romania · Moldova · Bulgaria · Croatia · Poland · France · Germany · Morocco · South Africa · 2002 – 2006

National eID and digital identity — sovereign citizen-identity platforms, authentication, credential issuance.

Multi-country sovereign programmes

DPI · DigiNotar Romania

DigiNotar — Romania

Romania · 2002 – 2006

DigiNotar — electronic notary trust services for Romania.

DPI · Civil registration

Civil registration — France · Romania · Germany · Morocco · South Africa

Multi-country · 2002 – 2006

Civil registration — births, marriages, deaths, identity-linked registry.

NDA — named in CV
Société Générale (Alcatel-era)

Société Générale — telecom & secure-banking network integration

Romania / EMEA · 2002 – 2006

Alcatel-era engagement with Groupe Société Générale: secure banking network integration, OSS/BSS modernisation and core-banking telecom infrastructure (predecessor to the later VAUBAN programme delivered as freelance 2011 – 2013).

Frameworks: ITIL v3 · COBIT · ISO 27001 · PCI DSS

NDA — named in CV
BCR (Banca Comercială Română)

BCR Bank — Alcatel-era core-banking & telecom network integration

Romania · 2002 – 2006

Alcatel-era BCR Bank engagement: core-banking telecom and network integration, secure-network projects across the European banking estate.

Frameworks: ITIL · ISO 27001 · PCI DSS · TOGAF

NDA — named in CV
BNR (Banca Națională a României)

BNR — National Bank of Romania — telecom & network

Romania · 2002 – 2006

Alcatel-era engagement with BNR (National Bank of Romania): telecom and secure-network integration for central-bank operations.

Frameworks: ITIL · ISO 27001 · TOGAF · Central-bank operational standards

NDA — named in CV
CEC Bank

CEC Bank — Alcatel-era telecom & network integration

Romania · 2002 – 2006

Alcatel-era CEC Bank engagement: telecom and secure-network integration for the Romanian state savings bank estate.

Frameworks: ITIL · ISO 27001 · TOGAF · PCI DSS

Public
Alcatel CoE · Defence / Security / Intel

Alcatel Center of Excellence — Defence, Security & Intelligence (internal CoE leadership)

Alcatel Romania · Timișoara · 2002 – 2006

(Co-)Led the Alcatel Center of Excellence for Defence, Security and Intelligence markets, with the Alcatel Romania Enterprise Architecture function. Defined the yearly Alcatel Romania Technical Portfolio across ICT Architecture, Digital Workplace, Digital Transformation and Cyber Defence.

Key activities

  • Aligned portfolio across Alcatel Information Enterprise; identified programmatic / technical touchpoints
  • Performed TOGAF modelling, architecture and design for completeness, consistency and clarity
  • Developed PoCs using hypothesis testing, MCDA, experimentation, wargaming and simulation
  • Collaborated with 46 national / international military and civilian organisations including 17 Centres of Excellence

Frameworks: TOGAF · COBIT · ITIL · PRINCE2 · PMI · ISO 900X · ISO 31000 · NIST · VMware ESX · Network virtualisation · VLAN · MPLS · SCADA

Aug 1996 – Sep 2002

Helinick SRL — Senior System Engineer / IT Director

Bucharest, RO · 5–14 direct reports

35 projects on time and on budget. Hands-on systems engineering, infrastructure and secure operations. Biometric / control-access projects (iris, fingerprint, face recognition, barcode/proxy cards).

Magurele Nuclear Lab

Magurele nuclear research lab — SCADA + biometric security + I&C

Romania · 1996 – 2002

SCADA system, biometric security systems, instrumentation & control.

Cernavoda NPP (UTI)

Cernavoda Nuclear Power Plant — biometric security

Romania · 1996 – 2002

Biometric security system for Cernavoda NPP (via UTI).

Banking · Citibank

Citibank — biometric security + Building Automation

Romania · 1996 – 2002

Biometric security systems and Building Automation System for Citibank.

Banking · BRD + BCR

BRD Bank · BCR Bank — security systems + BAS

Romania · 1996 – 2002

Security systems and Building Automation System for BRD Bank and BCR Bank.

Orange Romania

Orange Romania — security + site rehabilitation + data center

Romania · 1996 – 2002

Security systems, site rehabilitation, data centre.

Ericsson

Ericsson — security + I&C + telecom systems

Romania · 1996 – 2002

Security system, I&C installation, telecommunication systems.

Philip Morris

Philip Morris — SCADA + WMS + BAS + HVAC

Romania · 1996 – 2002

Security systems, warehouse management system, SCADA, Building Automation System, HVAC.

British American Tobacco

BAT — security + warehouse mgmt + BAS

Romania · 1996 – 2002

Security systems, warehouse management system, Building Automation System.

Sodexho · Selgros · Metro

Retail — Sodexho pass · Selgros · Metro

Romania · 1996 – 2002

Security systems and Building Automation System for retail clients Sodexho pass, Selgros and Metro.

Romanian airports

Baneasa · Henri Coanda · Tarom — airport security + BAS + PSS

Romania · 1996 – 2002

Security systems, Building Automation Systems, and PSS (Tarom) for Romanian airports and airline.

Romanian MoD + MIA

Romanian Ministry of Defence + Ministry of Internal Affairs

Romania · 1996 – 2002

Security systems, Building Automation System, PKI for the Ministry of Defence and Ministry of Internal Affairs.

Helinick — IT strategy + ERP

Helinick IT strategy, roadmap & ERP selection

Helinick · Bucharest · 1996 – 2002

Current-state assessment, IT strategy and roadmap. Evaluation and selection of new ERP. Reorganisation of Technical Services and Applications teams. Annual IT business plan and budget. System & networking administration. Database design (Windows / Linux / UNIX). Cyber investigations, computer forensics, vulnerability assessments and incident response.

US$200K+ Y1 OPEX savings · US$150M+ annual budget · 35 projects on time / on budget

References, certifications and recognitions available upon request. Engagement-confidential metrics and case-study detail available for qualified mandates. Contact for advisory mandates →