About Me

Architecting AWS landing zones and scalable cloud platforms from the ground up

Vitale Mazo

Hello, I'm Vitale Mazo

I'm a Senior Cloud Platform Engineer with over 19 years of hands-on experience in enterprise IT, specializing in architecting AWS platforms and landing zones from the ground up. My focus is on building standardized, policy‑compliant cloud foundations using AWS Control Tower, Account Factory for Terraform (AFT), Service Catalog, CloudFormation, and Terraform.

I bring deep expertise in designing multi‑account AWS architectures, automating platform provisioning with CodeBuild and CodePipeline, and orchestrating hybrid environments across AWS, Azure, and GCP. I enable development teams to rapidly deliver value through self‑service infrastructure, GitOps workflows (FluxCD, ArgoCD), and robust governance with guardrails and observability built in.

I hold a Master's Degree in Network & Communications Management with a focus on Information Security, and a Bachelor of Science in Computer Science with a concentration in Computer Forensics.

Senior Cloud Platform Engineer Profile

Senior Cloud Platform Engineer with 19+ years across AWS, Azure, and GCP. Deep expertise in architecting AWS landing zones and platform foundations using Control Tower, Account Factory for Terraform (AFT), Service Catalog, and CloudFormation. Proficient in Kubernetes, Terraform (IaC), CodeBuild/CodePipeline, advanced network engineering, and distributed systems. I implement DevSecOps and SRE practices to deliver reliability, performance, and security in large‑scale hybrid/cloud platforms.

Core Competencies

  • AWS Landing Zones & Control Tower
  • AWS Platform Engineering (AFT, Service Catalog)
  • CloudFormation & CodeBuild/CodePipeline
  • Cloud Architecture & Multi‑Cloud
  • DevOps, GitOps & Platform Engineering
  • Kubernetes & Container Platforms
  • Terraform & Infrastructure as Code
  • Zero Trust & Network Security
  • SRE, Reliability & Observability
  • Hybrid Migrations & DR/HA

Cloud & DevOps

AWS, Azure, GCP, AWS Control Tower, AWS Service Catalog, AWS AFT, CloudFormation, AWS CodeBuild, AWS CodePipeline, Docker, Kubernetes, Terraform, OpenTofu, Argo CD, Flux CD, Helm, Kustomize, HashiCorp Vault, GitLab CI/CD, GitHub Actions, Jenkins

Networking & Security

Zero Trust, VPN, Firewalls, IAM, Security Groups, Network Firewall, AWS Transit Gateway, AWS Cloud WAN (Core Network), Azure Virtual WAN

Automation & Scripting

Python, Bash, Ansible, Git, Terraform, OpenTofu, Packer

Infrastructure

VMware ESXi, SAN, DR & HA, HPC (GPU) Clusters, Colocation (Colo), Data Center Rack & Stack, NetBox (DCIM), AWS Direct Connect, Azure ExpressRoute

Compliance & Standards

SOC 2, HIPAA, PCI DSS, FedRAMP, NIST

Contact Information

vitalemazo@gmail.com

+1-718-790-1150

Austin, Texas, U.S.A

Languages

English, Russian

Professional Experience

Sr Cloud Platform Engineer

COUNTRY Financial

Austin, TX • July 2023 — Present

Architect and deploy AWS landing zones using Control Tower, Account Factory for Terraform (AFT), and Service Catalog to provision standardized, policy‑compliant accounts at scale. Build multi‑cloud platform foundations (Azure/AWS) with Terraform, CloudFormation, and Kubernetes. Automate infrastructure pipelines via CodeBuild/CodePipeline and GitLab CI/CD, integrating DevSecOps with SRE best practices and zero‑trust networking.

  • Designed AWS landing zone architecture with Control Tower and AFT for multi‑account governance
  • Built Service Catalog portfolios and CloudFormation templates for self‑service provisioning
  • Automated platform pipelines using CodeBuild, CodePipeline, and GitLab CI/CD
  • Standardized Terraform modules and platform patterns across environments
  • Implemented shift‑left security, SRE observability baselines, and zero‑trust controls

Sr Cloud Platform Engineer

Bright Health

Austin, TX • January 2020 — June 2023

Built AWS platform foundations with CloudFormation and Terraform for healthcare analytics workloads. Designed multi‑account strategies using AWS Organizations and Service Catalog. Deployed Docker/Kubernetes microservices on EKS, automated CI/CD with CodeBuild and GitHub Actions, and modernized monoliths into containerized services.

  • Established AWS multi‑account governance with Organizations and CloudFormation StackSets
  • Automated infrastructure pipelines with Terraform, CodeBuild, and GitHub Actions
  • Delivered container platforms on EKS for healthcare analytics
  • Enabled advanced data ingestion and AI/ML pipelines (SageMaker, Azure ML)

Sr Cloud Platform Engineer

U.S. Department of Veterans Affairs

Austin, TX / Remote • April 2019 — August 2020

Architected secure AWS GovCloud landing zones and Azure.GOV platform foundations with CloudFormation, Terraform, and Jenkins for FedRAMP‑regulated workloads. Deployed HPC clusters to support AI‑driven modules and enhanced multi‑region failover with identity‑based security.

  • Designed AWS GovCloud landing zone patterns with CloudFormation and Terraform
  • Delivered FedRAMP/NIST‑aligned hybrid cloud platform architectures
  • Built HPC clusters to support AI workloads at scale
  • Reduced operational overhead via IaC and automated provisioning pipelines

Sr Systems Architect / Engineer

Novus Partners / SEI

New York, NY • March 2014 — March 2020

Implemented Docker/Kubernetes in AWS/Azure for high‑volume financial analytics. Orchestrated DR strategies with VMware ESXi and SAN replication. Provisioned HPC resources to accelerate risk analysis and historical analytics.

  • Production‑grade Kubernetes on AWS/Azure
  • VMware ESXi + SAN replication DR designs
  • Scaled big‑data workflows for analytics
  • Hardened multi‑cloud routing and continuity

Sr Network Infrastructure Administrator

National Bank of Kuwait (NBK)

New York, NY • November 2012 — March 2014

Deployed VMware ESXi, SAN storage, and advanced network security for datacenter consolidation. Implemented Cisco WAN/VPN/firewall policies to safeguard core banking apps; designed HA for critical workloads.

  • Datacenter consolidation with VMware ESXi & SAN
  • Cisco‑based WAN/VPN/firewall hardening
  • High‑availability blueprints for core banking
  • Hybrid datacenter/cloud platform enablement

Education & Certifications

Education

Master of Network & Communications Management

Graduate School of Management

2013

Information Security (Honors)

Bachelor of Computer Science

University of Computer Science

2012

Computer Systems Forensics (Summa cum laude)

Certifications

32 total across 9 vendors

Active

  • Microsoft Certified: DevOps Engineer Expert · Microsoft · Expires Mar 2027
  • Microsoft Certified: Azure Developer Associate · Microsoft · Expires Mar 2027
  • Microsoft Certified: Azure AI Engineer Associate · Microsoft · Expires Jun 2027
  • Microsoft Certified: Cybersecurity Architect Expert · Microsoft · Expires Nov 2026
  • Cisco Certified Network Associate Security (CCNA) · Cisco · Expires Feb 2027
  • NVIDIA Certified Professional: Agentic AI · NVIDIA · Expires N/A
  • Zscaler ZDTA 1K · Zscaler · Expires N/A
  • Zero Trust Certified Associate (ZTCA) · Zscaler · Expires Jan 2027

Previously Held

  • Microsoft Certified: Azure Solutions Architect Expert · Microsoft
  • Microsoft Certified: Azure Security Engineer Associate · Microsoft
  • Microsoft Certified: Azure Administrator Associate · Microsoft
  • AWS Certified DevOps Engineer – Professional · AWS
  • AWS Certified Security – Specialty · AWS
  • AWS Certified Solutions Architect – Professional · AWS

+ 10 more expired certifications