Eugine Dsylva
Cloud Security Architect
Sydney, Australia · Open to remote / global
I design and build cloud security programs that hold — hands-on from architecture through delivery, for enterprises moving fast on AWS and Azure.
Cloud Security Architect across AWS, Azure, and hybrid environments — hands-on from architecture through delivery. Experience across enterprise infrastructure, network, and cloud security.
Six years focused entirely on cloud-native security at enterprise scale in Australia, with earlier work across regulated environments in the UAE and Qatar.
Current focus — CNAPP operationalisation and AI Security Posture Management.
What I deliver
servicesI step in as an independent technical partner — turning complex cloud security risk into automated, code-first protection your teams can operate at scale.
Secure-by-design multi-cloud architecture
I design and deploy scalable multi-account landing zones with automated policy-as-code guardrails, strict identity boundaries, and continuous CNAPP visibility — catching misconfigurations before they reach production.
Zero Trust network & edge architecture
I eliminate legacy high-risk network paths by engineering hub-and-spoke topologies, edge consolidation, and granular segmentation. From API gateway hardening and network security uplift to WAF enforcement — isolating threats and preventing lateral movement.
DevSecOps & pipeline security
I shift security left by embedding automated controls directly into CI/CD and GitOps pipelines — from IaC scanning and secrets management to container image hardening and full-spectrum application security testing. Compliance built in, not bolted on.
Outcomes
selectedDelivered across multi-year enterprise cyber transformation programs and government engagements in NSW.
Securing a lift-and-shift cloud estate from the ground up
Challenge
80+ AWS and Azure accounts, limited security visibility, no landing zone, no guardrails, no posture management baseline.
Outcome
Ran a full security assessment and crown jewel threat modelling exercise. Designed and delivered a Landing Zone architecture, automated cloud security guardrails, and continuous CNAPP visibility across the entire estate.
Zero Trust network & edge architecture at scale
Challenge
300+ public-facing web apps and APIs had no centralised ingress control, no edge consolidation, and no API gateway enforcement — leaving the core data estate exposed.
Outcome
Engineered a Zero Trust hub-and-spoke network topology, consolidated the edge, hardened API gateways, and centralised WAF enforcement — securing 300+ web apps without interrupting active delivery pipelines.
Eradicating configuration drift at pipeline level
Challenge
Rapidly expanding cloud footprint required compliance at scale. Manual reviews and late-stage audits were bottlenecking deployment speed and introducing configuration drift.
Outcome
Embedded IaC scanning, secrets management, and full-spectrum CNAPP controls directly into CI/CD and GitOps pipelines — engineering teams ship verified, compliant code to production with compliance built in, not bolted on.
Meet my Digital Twin.
A live demo of the project — an AI built to represent me across chat, voice, and scheduling. Ask it anything about my work, book time, or reach me directly.