Skip to main content
Shivan Malde | DevOps Manager and Platform Engineer

Services

DevOps consulting for organisations that need infrastructure expertise without a full-time hire.

Specialising in Infrastructure as Code, Enterprise-scale CI/CD, and AI-Enablement, delivered asynchronously through structured sprints with full documentation.

Let’s discuss your infrastructure needs and create a roadmap to production-ready systems. No billable implementation without discovery. Every engagement starts with a thorough technical assessment.


Contact Me

Assessment Services
#

Short, fixed-scope engagements that give you a clear picture of where you stand and a prioritised roadmap, without committing to a full implementation project.

Fixed Scope

ISO 27001 Readiness Assessment

Know exactly where you stand before the auditors arrive

I conduct a structured gap analysis of your current controls against ISO 27001 Annex A and deliver a prioritised roadmap your team can act on immediately.

Key Deliverables:

  • Current controls assessment against ISO 27001 Annex A
  • Risk register baseline
  • Prioritised remediation roadmap
  • Auditor-ready gap report

Ideal For: SaaS companies preparing for ISO 27001 Stage 1 audit or pursuing certification for the first time

Fixed Scope

DevOps Platform Health Check

Find out what's holding your team back before investing in a fix

I audit your existing pipelines, infrastructure, and deployment processes and score them against best-practice benchmarks.

Key Deliverables:

  • CI/CD pipeline & branching strategy review
  • IaC state & drift assessment
  • Secrets management & security posture review
  • Scored report with prioritised recommendations

Ideal For: Teams who want to understand their infrastructure gaps before committing to a larger engagement

Fixed Scope

AI Governance Assessment

Prove your AI tooling is safe, auditable, and under control

I review your engineering team’s AI tool usage against ISO 42001 controls and deliver the policy documentation to satisfy stakeholders and certifiers.

Key Deliverables:

  • AI tooling inventory & data risk review
  • Policy pack: acceptable use, data classification, incident response
  • ISO 42001 control gap analysis
  • Auditor-ready documentation

Ideal For: Engineering teams using AI coding tools who need board-level confidence or audit readiness

Implementation Services
#

Longer engagements for teams ready to act on their gaps. Every implementation project begins with a scoping sprint before any production code is written.

Discovery Included

CI/CD Pipeline Architecture

Stop crossing your fingers every time you deploy

I design pipelines that integrate security, testing, and deployment logic into a single source of truth.

Key Deliverables:

  • SDLC Audit & Branching Strategy
  • Automated Security Scanning
  • Production Promotion & Rollback Logic
  • Self-service deployment capabilities

Ideal For: Teams shipping frequently who need confidence in their releases

Discovery Included

IaC Migration & Hardening

Prove your infrastructure is in a known state - to auditors and yourself

I migrate your legacy cloud footprint to versioned, modular Terraform or OpenTofu code.

Key Deliverables:

  • Cloud Asset Inventory & Drift Analysis
  • Modular Multi-Environment Design
  • Automated State Management & Recovery
  • Policy-as-Code guardrails

Ideal For: Teams with manual infrastructure processes or compliance requirements

Discovery Included

AI Development Infrastructure

Adopt AI coding tools without introducing security or compliance risk

I design and implement the infrastructure, guardrails, and processes that let your engineering team use AI tooling safely; with the audit trail to prove it to stakeholders and certifiers.

Key Deliverables:

  • AI tooling deployment and configuration (Claude Code, OpenCode, or equivalent)
  • Cloud-based model infrastructure on Azure or AWS
  • Security policy and access controls for AI tool usage, aligned to ISO 42001
  • Integration with existing code analysis and security infrastructure

Ideal For: Engineering teams who want to adopt AI tooling but need security or compliance requirements met first

What You Get
#

  1. Deliverables

    Every project includes:

    • Technical roadmap document with phased implementation plan
    • Comprehensive documentation and runbooks for your team
    • Team training session to ensure knowledge transfer
    • Post-handoff support for a smooth transition

How It Works
#

  1. Week 1

    The Scoping Sprint

    Discovery Phase

    We start with a thorough audit of your current infrastructure and configuration. I provide a Technical Roadmap before a single line of production code is written.

    This includes:

    • Current architecture assessment
    • Gap analysis & risk identification
    • Technology stack review
    • Strategic implementation plan

  2. Weeks 2-12

    Execution & Automation

    Implementation Phase

    I build the Terraform modules or CI/CD pipelines asynchronously. You receive daily logs and video walkthroughs of the architectural changes, progressing at a pace that fits around your team without disruption.

    This phase ensures:

    • Incremental deliverables with full documentation
    • Knowledge transfer sessions
    • Production-ready code with testing
    • Runbook handover

Frequently Asked Questions
#

How long does a typical engagement take?
Most projects complete within 8-16 weeks, depending on scope and complexity. The discovery phase typically takes 1-2 weeks, followed by 7-14 weeks for implementation delivered asynchronously to minimise disruption to your team.
What happens after implementation?
Post-implementation support includes documentation, team training, and optional ongoing maintenance to ensure your team is fully self-sufficient.
Do you work with specific cloud providers?
I specialise in Azure and AWS, but have experience with multi-cloud strategies including GCP and hybrid environments.
What size organisations do you work with?
I am experienced in all sized companies from startup to enterprise, though my main focus is growing SaaS companies (20-200 employees) who need DevOps expertise to support their growth; particularly those preparing for or navigating security certifications like ISO 27001.
Can you help with existing infrastructure?
Absolutely. The discovery phase is designed to assess what you have and recommend either evolution or strategic migration paths.
What's included in the discovery phase?
The discovery phase includes a comprehensive audit of your current infrastructure and configuration, gap analysis, risk identification, and a detailed technical roadmap with recommendations.

Ready to Modernise?
#

Let’s discuss your infrastructure needs and create a roadmap to production-ready systems.


Start Intake Form