Ryan Williamson

• Senior technical lead providing Azure DevOps and platform engineering in support of Deloitte's Tax business for the firm's suite of applications used to serve clients at scale.
• Own Azure CI/CD pipelines, infrastructure-as-code (Bicep, ARM, Terraform), and release engineering practices keeping mission-critical tax applications running reliably and securely.
• Provision and manage Azure environments end-to-end — resource group design, networking (NSGs, private endpoints), identity through Entra ID and RBAC, and platform observability.
• Embed DevSecOps controls — secret scanning, policy-as-code with Azure Policy, least-privilege RBAC, secrets management via Key Vault, and security gates — directly into Azure DevOps and GitHub Actions pipelines.
• Partner with developers and operations to align Azure platform strategy with delivery velocity, scaling infrastructure alongside increasingly demanding compliance workloads.
• Operate under Deloitte's rigorous standards for client data integrity and regulatory compliance, treating security and governance as first-class engineering concerns rather than late-stage afterthoughts.

• Served as senior technical lead on the iCMS POP DevOps team (6–15 engineers), driving Azure adoption, platform automation, and reliability across the team's portfolio of supported workloads.
• Core contributor to a multi-year data center migration moving Deloitte's on-premises infrastructure to a multi-cloud footprint across Azure, AWS, and GCP, including workload assessment, network and identity planning, lift-and-shift execution, and post-migration optimization.
• Shifted the team from traditional sysadmin operations to a cloud-first, automation-driven model — replacing manual server provisioning, patching, and configuration management with PowerShell, ARM/Bicep, and Azure DevOps pipelines.
• Designed and operated Azure environments at scale — hundreds of subscriptions — including resource group strategy, network segmentation with NSGs and private endpoints, and identity via Entra ID and RBAC.
• Implemented production observability with Dynatrace and Azure Monitor, giving the team end-to-end visibility into application performance and infrastructure health across cloud and on-prem workloads during the migration.
• Partnered with security and compliance teams to apply DevSecOps controls — IAM, threat and vulnerability management, Key Vault-backed secrets, Azure Policy, and least-privilege RBAC — across new cloud workloads.
• Designed for resilience: high availability architecture across availability zones, automated patch management, and documented disaster recovery procedures for cloud-resident workloads.
• Practiced SRE fundamentals — incident management, blameless post-mortems, and root-cause-driven remediation — reducing repeat incidents through systemic fixes rather than tactical patches.
• Mentored junior systems administrators on Azure, PowerShell, and migration tooling, raising the team's overall cloud fluency in parallel with the data center exit.

• Administered Windows Server, Active Directory, and supporting infrastructure for the iCMS POP DevOps team's portfolio, ensuring high availability for the platforms the team supported.
• Maintained core platform services — DNS, Group Policy, file and print services, monitoring, and backup — across geographically distributed environments.
• Built PowerShell automation for routine operational tasks (user provisioning, server build-outs, patch deployment, health checks), eliminating significant manual toil and standardizing previously ad-hoc workflows.
• Contributed to early cloud-adoption efforts on the team — initial Azure IaaS workloads, hybrid networking, Entra ID integration — laying the groundwork for the full multi-cloud migration that followed.
• Owned incident response and change management for production systems, with hands-on involvement in critical-period readiness for client deliverables and regulatory deadlines.
• Collaborated with networking, application, and service-desk teams to triage cross-functional issues, often serving as the connective tissue that turned ambiguous incidents into clear remediation plans.
• Promoted to Lead Systems Administrator in 2022 in recognition of expanding scope, platform ownership, and technical leadership.

This resume. Static site on Azure Static Web Apps, Python Azure Function backed by Cosmos DB serverless, Bicep IaC, GitHub Actions CI/CD with gated tests, custom domain with DigiCert-issued SSL via Namecheap DNS. Deployed end-to-end at zero monthly cost.