Home About Certifications Experience Skills Education
Information Security Architect

Sanjeewa Fernando

CISSP · CISM · CRISC · AWS Pro · Azure Pro · TOGAF 10

Strategic and business-focused Security Architect with extensive experience designing enterprise-scale security architectures across global transformation programs including Data and AI. Trusted advisor to senior stakeholders across multi-cloud and highly regulated environments.

Get In Touch View Experience
Gloucester, UK British Citizen +44 7904 811 987 Credly Profile
About Me

Security by Design, Delivered at Scale

I am a Strategic Information Security Architect with a proven track record of designing and governing enterprise-scale security architectures across complex global transformation programs — including Data, AI, and cloud migrations.

My expertise spans Zero Trust architecture, cloud security (AWS, Azure, GCP), AI governance, and regulatory compliance across frameworks including NIST CSF, ISO 27001, GDPR, PCI-DSS, and SOC 2. I bridge the gap between technical security requirements and business strategy.

As a trusted advisor to executive leadership, I translate complex risk and security challenges into pragmatic, business-enabling solutions — across telecom, enterprise, and managed service environments spanning the UK and global markets.

17+
Years of Experience
10+
Certifications Held
5
Global Frameworks
3
Cloud Platforms
Credentials

Certifications & Qualifications

🛡️
CISSP
Certified Information Systems Security Professional · (ISC)²
🔗 Verify Credential
🔐
CISM
Certified Information Security Manager · ISACA
🔗 Verify Credential
⚠️
CRISC
Certified in Risk and Information Systems Control · ISACA
🔗 Verify Credential
☁️
AWS Solutions Architect – Professional
Amazon Web Services
🔗 Verify Credential
🔷
Azure Solutions Architect Expert
Microsoft Certified · Microsoft
🔗 Verify Credential
🏗️
TOGAF 10 Certified
Enterprise Architecture · The Open Group
🔗 Verify Credential
🤖
AAISM
Advanced in AI Security Management · ISACA
🔗 Verify Credential
💡
Microsoft AI Business Professional
Microsoft Certified · Microsoft
🔗 Verify Credential
🚀
Microsoft AI Transformation Leader
Microsoft Certified · Microsoft
🔗 Verify Credential
🔒
CompTIA Security+
CompTIA
🔗 Verify Credential
🌐
CCNA
Cisco Certified Network Associate · Cisco
🔗 Verify Credential
Career

Professional Experience

Security Solutions Architect
EPC Network Solutions – Client: Nokia
Sep 2019 – Present
  • Lead security architecture activities across complex enterprise and telecom transformation programs covering hybrid cloud, on-premise, and multi-cloud environments.
  • Assessed emerging AI and Generative AI security risks, providing guidance on secure adoption, governance, data protection, and risk mitigation strategies.
  • Design and review secure architecture solutions aligned with Zero Trust principles, secure-by-design methodologies, and enterprise security standards.
  • Define cybersecurity strategies, security roadmaps, and governance frameworks aligned to NIST CSF, ISO 27001, CIS Controls, and regulatory requirements.
  • Conduct security architecture assessments, threat modelling, and risk analysis to identify security gaps and reduce organizational attack surface.
  • Deliver cloud security architecture for AWS and Azure environments, including identity security, network segmentation, encryption, logging, and monitoring controls.
  • Collaborate with cross-functional engineering teams to embed security into CI/CD processes and transformation initiatives.
  • Contribute to pre-sales security strategy, solution shaping, and customer workshops for large-scale transformation engagements.
Principal Solutions Architect
BT (British Telecom)
Apr 2018 – Sep 2019
  • Designed and governed enterprise security architectures across cloud, hybrid, and on-premise environments for large-scale transformation programs.
  • Led secure cloud adoption initiatives across AWS and Azure, embedding security controls and compliance requirements into architecture design.
  • Developed security governance standards, architectural principles, and risk management frameworks aligned with enterprise and regulatory requirements.
  • Worked closely with executive stakeholders to align cybersecurity strategy with operational and business objectives.
  • Conducted architecture reviews and security assessments to ensure resilience, scalability, and compliance across complex environments.
  • Supported enterprise architecture planning and transformation roadmaps using TOGAF-aligned methodologies.
Senior Solutions Architect – E2E
Three UK
Apr 2016 – Apr 2018
  • Led projects covering Network and IT while responsible for producing E2E security architecture and overseeing delivery from requirement capture through to operational handover.
  • Managed cross-functional teams on assigned projects as E2E Architect.
  • Led the solution design process including requirements gathering, producing HLD and LLD documentation.

Earlier Roles

Principal Architect
UK Broadband, UK
Jan 2014 – Mar 2016
Network Solutions Consultant
EE, UK
Nov 2011 – Dec 2013
Solution Manager
Telco Arena, UK
Jan 2009 – Oct 2011
Design Engineer
Various Companies, UK
Nov 2006 – Jan 2009
Expertise

Technical Skills & Expertise

🏛️Strategy & Governance
Cyber Security Strategy Security Governance Risk Management Security Roadmaps Executive Engagement
☁️Cloud Security
AWS Security Azure Security GCP Multi-Cloud Architecture Cloud IAM
📋Compliance Frameworks
NIST CSF NIST AI RMF ISO 27001 CIS Controls GDPR PCI-DSS SOC 2
🤖AI Security
AI Governance AI Risk & Compliance Generative AI Risk Data Protection in AI Secure AI Adoption
🔐Identity & Access
Zero Trust IAM Privileged Access Network Segmentation Identity Security
🔍Security Assurance
Threat Modelling Security Reviews OWASP Top 10 Penetration Testing Third-Party Risk RFP / Bid Support
Education

Academic Background

🎓
Bachelor of Science (BSc)
Electronics and Telecommunication Engineering
Foundation for a 17+ year career spanning network engineering, solutions architecture, and cybersecurity leadership across UK's leading telecoms and enterprise organisations.