Ziaur Maktadir

I am a senior security and platform engineering specialist with over 20 years of experience designing, securing, and operating large-scale technology platforms across financial services, payments, insurance, and regulated enterprise environments. My career spans the evolution from traditional on-premise infrastructure to modern cloud-native, SaaS, and AI-driven platforms, giving me a deep understanding of both foundational engineering principles and contemporary cloud security challenges.

My core strength lies in cloud and SaaS security engineering, embedding security as an enabling capability rather than a control barrier. I design and implement security architectures that prioritise resilience, scalability, automation, and regulatory alignment, with hands-on delivery across AWS, GCP, Azure, hybrid estates, and private cloud platforms. I have led the secure build-out of multi-tenant SaaS services, API platforms, and data-intensive systems, ensuring strong identity boundaries, cryptographic protection, and continuous compliance.

I am highly experienced in DevSecOps, integrating policy-as-code, CI/CD security controls, infrastructure-as-code, and automated remediation into engineering workflows. I routinely work with Kubernetes, microservices, and container platforms, embedding security into delivery pipelines without slowing product velocity. My background includes deep expertise in cryptography and key management (HSMs, PKI, KMS, certificate lifecycle automation, post-quantum readiness), as well as vulnerability management, threat modelling, and incident response.

A significant part of my work has focused on data platforms and AI/ML environments, including the design and operation of secure private-cloud and NVIDIA DGX-based AI platforms using OpenStack and Kubernetes. I have supported data science and analytics teams through secure, SaaS-style internal platforms built on OpenShift, Kubeflow, Spark, and Jupyter, applying Zero Trust principles, strong observability, and workload isolation.

I am equally comfortable operating at strategic and hands-on levels, from defining security roadmaps, reference architectures, and compliance strategies (SOC 2, ISO 27001, PCI DSS, GDPR, DORA, NIST), to writing automation code and troubleshooting complex production issues. I am known for introducing structure and security maturity into fast-moving environments, translating risk into engineering decisions, and building platforms that customers and regulators can trust.

Above all, I specialise in making secure cloud and SaaS platforms work at scale, enabling innovation while maintaining confidence, compliance, and operational excellence.