Cloud Adoption case 1:

As a sole transformation director, I dedicatedly managed & drove a full portfolio logistic enterprise digital transformation program.

It includes over 50 business applications (functionalities) from initiatives to the execution, Contract value is over $7M accumulatively. Transformed the IT infra from 100% on-premise into a cloud-first/agile-based platform. Saved 600k operation expense.

Phase 1: Migration & Modernization:

• Supply the LOE and project budgeting
• Azure landing zone setup, governance policy design against the planned apps lifecycle change
• Azure DevOps best practice adoption, primarily in adopting DevOps strategy• Azure DevOps best practice adoption, primarily in adopting DevOps strategy
• Azure Kubernetes Service enablement to containerize the business applications.
• Modernize the retail management system to integrate VLM and Pick to Light systems
• API consolidation & security enhancement
• M365 security enhancement. SharePoint migration & modernization
• Azure AD integration with existing ADDS

Phase 2: Optimize, Governance & Compliance:

• Quality plan & process enhancement for cloud resource provisioning.
• Security transformation (Endpoint protection, DLP consulting, SIEM & SOAR deployment)
• Setup the application onboarding automation program
• Tagging strategy development & implementation

Cloud Adoption case 2:

As the program manager & technical advisor, I lead a divinified solution team in APAC to migrate a Singapore MNC conglomerate on-premises workloads from three Singapore locations to the AWS Singapore region. It transformed over 60 apps, across 8 BUs. It saved over 10M annual IT budget as well as made the business more agile and improved 30% operation efficiency.

• The project begins with an Assess phase using the Cloudamize tool to perform data collection, application dependency mapping, and right-sizing analysis.

• Following assessment, a Target State Design establishes a multi-account AWS Landing Zone governed by AWS Control Tower, which utilises dedicated Organizational Units (OUs) for production, shared services, and security.

• Network connectivity is designed as a hybrid architecture incorporating AWS Direct Connect for primary traffic, Cato Networks for VPN and internet egress, and Palo Alto virtual firewalls for centralised traffic inspection.

• Workloads are migrated using seven distinct waves (Wave 0 to Wave 6), prioritised by business impact, application functionality, and technical complexity. The migration strategies employed include Rehost (lift and shift), Rebuild, Replatform (OS upgrades), and Rearchitect (serverless transformation).

• To ensure operational consistency, a detailed Server Build Instruction manual governs the creation of new instances, mandating OS hardening, domain joining, and the installation of security agents including Trend Micro, Crowdstrike, and Tanium.

Finally, the infrastructure includes a hybrid backup solution using Veritas NetBackup, which integrates on-premises and AWS environments with tiered storage in Amazon S3.

Business Transformation

Managed an over $2M contract value end to end Dynamic CRM 365 project delivery for an entertainment account. Migration from legacy CRM system into D365 system. Formed a more integrated Microsoft based enterprise administration and business application system.

• Wireframe the business process flow, performed fit-gap analysis, design the security models, assisted to configure the MS Dynamic Sales module.
• Managed the offshore team to deliver the non-functional components of this project.
• Collaborated with internal & external teams for integration & migration with other applications.
• Perform the Stakeholder management by facilitating the regular project steering committee cadences. Create/present the reports with visual dashboarding, monitoring key metrics, performing risk assessment, plan, analysis & mitigation.

Security Transformation

Acts as the pivot consulting role to lead a finance customer key initiatives security transformation projects. Transformed & upgraded its security architecture to improve its posture management to fulfill the modernized security and compliance standard by following ISO27001 standard.

• Establishing Security Standards, Procedures & Guidelines to meet the industrial compliance requirements. Conduct regular vulnerability management. Leveraging online knowledge portal to deliver Security Awareness & Training. Security Continuous Monitoring – Security Log Monitoring service. Business Impact Analysis (BIA) & Risk Assessment
• As a consulting Lead for a Beyond VPN program to gradually sunset legacy VPN systems. Design & delivery Security Transformation Program with segmentation & adaptive access control solution. Upgrading network architecture into SD-WAN and integrate SASE solution. Delivered XDR solution by using Microsoft Defender XDR.
• Microsoft Defender for endpoint solution consulting and project delivery for a conglomerate with integration of Managed Service SIEM platform – FortiSIEM, Vulnerability & Threat Intelligence (XDR, EDR alerts, log & event detection), assist the customer adopted DevSecOps practice.

China Project

As China LoA, I successfully setup and operate the data center, hosting services in China for a 11M revenue business.

• Manage the business initiative with leadership team for budgeting & on boarding the hosting business in China
• Setup the business cadences which covers P&L, Operations, Pricing, Procurement model in mainland China.
• Participated in the meetings with legal & finance team for budget booking & support the business plan for WOFE filing
• Established the pricing/re-selling model with local partners
• Product localization with product owners
• Account onboarding
• Explore and formalize the ICP requirement & license
• Standardize the process for colo/hosting service into the internal systems

.

China & Hong Kong Data Center setup & cost optimization:

Lead this business initiative & program independently from building up SH2 Shanghai Data Center in 2014 to drive over 200k MRR with 6 MNC accounts till optimizing the data center setup for SH2 & HK7 in 2019 and saved $1.6M for both data centers.

• Service POD setup to interconnect with US & EMEA regions hosting network.
• Landed 6 MNC accounts into the hosting platform with different private cloud solutions.
• Lead the regional initiative to scale down the hosting service to save the cost. Supply the business case creation by conducting rev/cost analysis to implementation.
• Contributes to $1.6M USD cost saving annually with both HK7 and SH2 data centers. Work closely with product, engineering, finance & sales leaders for both reviewing bookings, costings and the scaling down options of the infra.

SOC onboarding program:

Launch the 1st SOC product in APAC in 2017 to generate 50k MRR.

• Acted as a security consultant: Delivered an end-to-end self-developed ex-CenturyLink SIEM solution to a customer in education sector. Includes conducting workshops to understand the existing security gaps & vulnerabilities, SIEM portal setup, log collector, event forwarder setup, customer data source ingestion configuration, event schema mapping, parser configuration & tuning, Kibana visualization tool setup, event correlation (leads & clues), use case baseline & SOC onboarding.