Azure Landing Zones
Designing and implementing robust, scalable foundations for enterprise clouds. Meeting strict governance requirements with structured organizational growth.
Martin Rylko
Senior Cloud Architect & DevOps Engineer
Building secure, enterprise-grade infrastructure on Microsoft Azure. From Enterprise Landing Zones through CI/CD pipelines to full Infrastructure-as-Code automation with AI-powered security.
14+ years of experience
20+ Azure projects
15+ happy clients
Ostrava, CZ · Remote EU
Core Expertise
Automation (IaC)
Bicep, Terraform, CI/CD pipelines in Azure DevOps. Eliminating manual work, zero human-factor errors and fast, repeatable production deployments.
Security & AI Compliance
Azure Sentinel, Cloud Security Posture Management, AI-driven threat detection and full adaptation of NIS2 and ISO 27001 security frameworks directly into cloud architecture.
Architecture Portfolio
Reference architectural solutions from real enterprise projects and case studies.
FinTech Sector
Microservices on Azure Kubernetes Service (AKS)
Complete re-architecture of a monolithic application into a containerized environment with full CI/CD integration and high availability across two regions.
Enterprise Security
Hub & Spoke Cloud Network Topology (NIS2+ Ready)
Building centrally audited networking with Azure Firewall, Next-Gen virtual appliances and WAF v3 for full NIS2 compliance.
Architect's Blog
Notes from production – Azure, IaC tips, AI in cloud and cloud security news.
NIS2 and Azure: A Practical Compliance Checklist for Architects
How to prepare your Azure environment for the NIS2 directive – concrete steps from Azure Policy through Defender for Cloud to logging and incident response.
#Azure#NIS2#Security
Read more Building an Azure Landing Zone with Bicep
A practical guide on how to effectively structure your Bicep code for deploying an enterprise-ready Azure Landing Zone (ALZ).
#Azure#Bicep#Landing Zone
Read more More articles coming soon
My Architecture Journey
From on-premises datacenters and Hyper-V clusters through enterprise cloud architecture to the freedom of Freelance consulting.
05/2024 – Present
Freelance Azure Architect
Freelancer / Consultant
Cloud Security, IaC automation and NIS2 compliance.
AzureTerraformKubernetesAI
06/2022 – 04/2024
Enterprise Landing Zone Architect
H&M Group
Enterprise Azure Landing Zones, VM migration and CI/CD at global scale.
AzureTerraformBicepAzure DevOps
01/2021 – 05/2022
Azure Service Architect
Tietoevry
Azure ARM templates, DevOps and datacenter transformation.
AzureARM TemplatesDockerPowerShell
10/2018 – 12/2020
Infrastructure Architect
Tieto Czech (OneCloud)
Software-Defined Datacenter, Hyper-V HA/DR clustering and PowerShell automation.
Hyper-VSDDCPowerShellS2D
02/2016 – 09/2018
IT Infrastructure Admin
Brembo Czech
60+ servers, Hyper-V clusters, Active Directory, Industry 4.0.
Hyper-VADSCCMWindows Server
What clients say
Testimonials from real projects – from FinTech startups to enterprise manufacturing.
“Martin designed our Azure Landing Zone from scratch. The result is a robust, secure environment that meets all our compliance requirements while saving costs.”
“NIS2 implementation through Azure Policy saved us months of auditing. Martin knew exactly what and where to configure without us having to read hundreds of pages of specs.”
“Martin's Bicep modules are so well written that we still use them today. The CI/CD pipeline he set up has been running for over a year without a single issue.”
Frequently Asked Questions
Common questions I get from companies considering cloud collaboration.
Have an Azure project?
Looking for an experienced architect for Landing Zone design, cloud security or a complete DevOps assessment? Reach out – I'd love to schedule a discovery call.