Cloud Consulting by Robert Habrman

Azure Solutions Architect Expert & DevOps Engineer Expert

Microsoft-certified cloud architect and DevOps engineer delivering enterprise Azure solutions. Specializing in architecture design, DevOps practices, governance, security, and modernization with proven outcomes across global enterprises.

Get in Touch View Certifications

Services

Expert Azure solutions grounded in Microsoft certifications and real-world delivery

Azure Solutions Architecture

Enterprise-grade Azure architecture aligned with the Well-Architected Framework: reliability, security, performance, cost optimization, and operational excellence. Expert-level solution design covering compute, networking, storage, security, and business continuity.

Design identity, governance, and monitoring solutions
Design data storage and business continuity solutions
Design infrastructure strategy and compute solutions
Design secure networking and connectivity solutions
Network and infrastructure patterns (Hub-and-Spoke, Landing Zones)
Azure Well-Architected Framework implementation

Azure Administration & Management

Comprehensive Azure administration across identities, governance, storage, compute and networking. Associate-level administration expertise for implementing, managing, and monitoring Azure environments and core services.

Manage Azure identities and governance (RBAC, Microsoft Entra ID)
Implement and manage Azure storage solutions
Deploy and manage Azure compute resources (VMs, VMSS, App Services, Containers)
Configure and manage virtual networking and connectivity
Monitor and maintain Azure resources and services
Backup and disaster recovery implementation

Cloud Migration & Modernization

Strategy, assessment and execution from on-premises to Azure. Hybrid integration and application modernization with zero/minimal downtime approaches.

Application and infrastructure assessment
Migration strategy and planning
On-premises to Azure migration
Hybrid connectivity patterns
Application modernization
Zero-downtime cutover where feasible

Security & Compliance

Identity, network security and data protection aligned with industry standards and Microsoft best practices.

Microsoft Entra ID deployment and governance
Role-Based Access Control (RBAC)
Network security and segmentation
Microsoft Defender for Cloud configuration
Compliance frameworks implementation
Security monitoring and incident response

Monitoring & Optimization

Azure Monitor, Application Insights and Log Analytics with proactive optimization and cost control.

Azure Monitor implementation
Application Insights integration
Log Analytics workspace design
Performance optimization
Cost analysis and optimization
Automated alerting and remediation

Network Architecture

Scalable, secure network topologies for enterprise Azure: Virtual Networks, hybrid connectivity and network security.

Virtual Network (VNet) design and implementation
Hub-and-Spoke topology
Azure Virtual WAN (vWAN) and SD-WAN integration
VPN and ExpressRoute connectivity
NSG and ASG segmentation
Azure Firewall and DDoS Protection

DevOps Engineering & CI/CD

Expert-level DevOps practices and processes: continuous integration, continuous delivery, infrastructure automation, and application lifecycle management on Azure. End-to-end DevOps transformation aligned with Microsoft best practices.

Design and implement DevOps processes and practices
Implement continuous integration (CI) pipelines
Implement continuous delivery (CD) and deployment automation
Implement dependency management and artifact management
Implement application infrastructure automation (IaC)
Implement continuous feedback and monitoring

Project Portfolio

Enterprise cloud transformation and infrastructure delivery

DevOps & Infrastructure Engineer

Škoda Auto - AEM Platform Team

Czech Republic

14 months

Key member of the AEM Platform team driving Infrastructure as Code, Azure DevOps pipelines and Terraform for reliable multi-environment deployments.

Key Achievements:

Fully automated IaC pipeline with Terraform + Azure DevOps
Standardised release process cutting deployment time by 60%
Organisation-wide IaC best practices and code standards
Mentored 3+ dev teams on cloud adoption

Technologies & Tools:

Azure DevOps Terraform AEM Platform IaC Release Management Azure

Azure Solutions Architect

Pluxee - Greenfield Azure Environment

Czech Republic

40 months

Designed and implemented enterprise Landing Zones per Microsoft CAF with governance, security and networking guardrails from scratch.

Key Achievements:

Built complete Azure environment following CAF
Production-ready Landing Zones with guardrails
Assessed & migrated 15+ on-prem apps
Subscription model, naming and tagging strategy
Hub-and-Spoke topology with secure connectivity
Architecture documentation and runbooks

Technologies & Tools:

Azure Microsoft CAF Landing Zones Move2Cloud Solutions Architecture App Assessment Azure Governance

DevOps & Azure Engineer

Eurowag - Cloud Infrastructure

Czech Republic

7 months

Delivered Terraform-based IaC, Azure DevOps pipelines, and Logic Apps integrations. Implemented GitOps for Kubernetes via Terraform and Helm.

Key Achievements:

Automated provisioning reduced deploy time from hours to minutes
Logic Apps integrations connecting 10+ enterprise systems
Automated Data Refresh pipeline for 500GB+ across environments
GitOps for Kubernetes with Terraform & Helm
85% fewer manual interventions via automation

Technologies & Tools:

Terraform Azure DevOps Logic Apps Kubernetes Helm PowerShell Bash Data Pipeline

DevOps & Infrastructure Architect

Vodafone Czech Republic - Test Automation

Czech Republic

14 months

Architected containerized test automation platform (Docker Swarm + Selenoid) with HA, monitoring and centralized logging.

Key Achievements:

100+ parallel browser sessions
HA Docker Swarm with automatic failover
Monitoring: 50+ dashboards, 200+ alerts
Centralised logging 10GB+/day with retention
99.9% uptime using load balancing and redundancy
70% faster test execution via parallelism

Technologies & Tools:

Docker Swarm Selenoid Jenkins Prometheus Grafana ELK Stack HAPROXY Traefik Portainer

Azure Architect

RWS Moravia IT - Journey to Cloud

Czech Republic

6 months

Led CAF-based transformation; implemented Azure Virtual WAN, Hub-and-Spoke topology and multi-region Landing Zones approved by Microsoft.

Key Achievements:

Strategic cloud transformation per Microsoft CAF
Multi-region architecture across 3 geographies
Azure Virtual WAN with SD-WAN integration
Hub-and-Spoke topology with 50+ spokes
Design of networks, DNS and AD services
Comprehensive network segmentation
Service design and replication strategies
All designs approved by Microsoft

Technologies & Tools:

Microsoft CAF Landing Zones SD-WAN Azure Virtual WAN Hub-and-Spoke Multi-Region Network Segmentation DNS & AD Service Replication

Infrastructure Architect & Team Leader

Notino - Private Cloud & Digital Commerce

Brno, Czech Republic

4 yr 1 mos

Directed private cloud and omnichannel infrastructure evolution. Delivered HA architectures, unified monitoring and SDN-ready networks while leading the infra team.

Key Achievements:

Designed hyper-converged private cloud on Hyper-V & VMware with System Center automation
Delivered HA 3-tier commerce platform with F5 BIG-IP WAF and AlwaysOn SQL clusters
Rolled out SDN-ready network across 10 sites including Palo Alto NGFW
Led migration runbooks preparing workloads for Azure adoption
3-layer network design (core, distribution, access) across 10 locations
VLAN and ACL definition across offices, branches and warehouses
MS RDS and VMware Horizon for user access to applications
Storage management: Dell Compellent, Dell EqualLogic, HITACHI HUS
Palo Alto Next Generation firewall: zones, ACL, firewall rules, VPN tunnels
Infrastructure operation and monitoring across 10 locations
Service deployment and source control management
Infrastructure stabilization and improvement

Technologies & Tools:

Hyper-V & System Center VMware F5 BIG-IP Palo Alto NGFW Azure PowerShell Terraform Dell & Hitachi Storage MS RDS VMware Horizon HP Switches Dell Compellent / EqualLogic HITACHI HUS

DevOps & Infrastructure Architect

Phonexia - Voice Biometrics Platform

Czech Republic

2 yr 7 mos

Architected Docker-based infrastructure for voice biometrics; multi-tier stacks from monoliths to scalable microservices with extensive monitoring.

Key Achievements:

Infrastructure serving millions of authentications
Auto-scaling Docker stacks
HA database clusters with 99.99% SLA
100+ custom dashboards
Multi-tier Docker stacks: monolithic to scalable microservices
HA with HAPROXY load balancers and Traefik reverse proxy
Portainer for container management and orchestration
GitLab CI orchestration with Packer, Vault, Nexus, Terraform
Multi-cloud: AWS, Azure, Cloudstack, vmWare, Virtual Box
Customer deployment and integration support

Technologies & Tools:

Docker Voice Processing Prometheus Grafana PostgreSQL / MySQL / Redis GitLab CI HAPROXY Traefik Portainer Packer Vault Nexus Cloudstack / vmWare

DevOps Strategy Architect

Garrett Advancing Motion - DevOps Transformation

Czech Republic

3 months

Defined end-to-end DevOps strategy, toolchain and CI/CD architecture. Implemented AWS-native CI/CD pipeline and IaC with CloudFormation.

Key Achievements:

Organisation-wide DevOps strategy adopted
Fully automated AWS-native CI/CD pipeline
Quality gates reduced defects by 60%
Infrastructure as Code with CloudFormation
AWS Lambda integration for Bitbucket source code pull
CI/CD pipeline with testing points (without gate check)
Deploy time reduced from hours to minutes

Technologies & Tools:

AWS CodePipeline AWS CodeDeploy TeamCity CloudFormation AWS Lambda Bitbucket DevOps Toolchain

Cloud Infrastructure Architect & Team Lead

Oriflame Software - Azure Transformation

Czech Republic

3 yr 2 mos

Led team of 8 engineers; implemented RBAC governance, standardised ARM/Bicep templates, introduced Terraform IaC and global WAF footprint.

Key Achievements:

Led 8-member infra team through Azure transformation
Migrated 200+ resources ASM→ARM with zero downtime
Deployed F5 BIG-IP WAF in HA across 4 Azure regions
Terraform IaC reduced provisioning time by 75%
ASM to ARM transformation - all resources without service disturbance
F5 BIG-IP WAF HA pairs in 4 Azure regions + regional datacenters (RU, HKG, CZ, DE)
Configuration Management: in-house solution to Terraform and Azure DSC
Identity management: AD transformation to role-based system
Auto-scaling system based on monitoring
CI/CD pipeline improvements: XebiaLabs orchestration, SonarQube, Selenium, Jmeter
SiteCore CMS management across 3 Azure locations (SCUS, WE, EA)

Technologies & Tools:

ARM Templates / Bicep RBAC F5 BIG-IP Terraform Docker Azure DSC XebiaLabs SiteCore CMS SonarQube Selenium / Jmeter Team Lead

Server Administrator & Network Engineer

NetDirect - Infrastructure Foundation

Czech Republic

5 yr 5 mos

Provided end-to-end infrastructure services: design, deployment and monitoring of physical/virtual servers, networks and databases with automation.

Key Achievements:

Managed 100+ servers in production
Network designs supporting business growth
Design, installation, deployment and monitoring of physical and virtual servers
Network design, switch installation and configuration, network flow monitoring
Database administration and deployment
PowerShell scripting and .NET programming

Technologies & Tools:

Windows Server Virtualization Network Infrastructure PowerShell

Technical Expertise

Microsoft-certified expert: Azure Solutions Architect Expert, DevOps Engineer Expert, and Azure Administrator Associate with comprehensive cloud, infrastructure, and DevOps skills

Azure Solutions Architecture

Design identity, governance, and monitoring solutions
Design data storage and business continuity solutions
Design infrastructure strategy and compute solutions
Design secure networking and connectivity solutions
Infrastructure patterns and Landing Zones
Well-Architected Framework principles
Cost optimization and operations design

Azure Administration

Manage Azure identities and governance (RBAC, Microsoft Entra ID)
Implement and manage Azure storage solutions
Deploy and manage Azure compute resources
Configure and manage virtual networking
Monitor and maintain Azure resources
Backup and disaster recovery implementation
Azure Policy + Template Specs & Deployment Stacks

Cloud Platforms & Services

Microsoft Azure (Expert)
Azure VMs and Scale Sets
Azure App Service and Functions
Azure Storage (Blob, File, Queue, Table)
Azure VNets and VPN
AWS (CodePipeline, Lambda, CloudFormation)

Security & Identity

Microsoft Entra ID (formerly Azure AD)
Role-Based Access Control (RBAC)
Microsoft Defender for Cloud
Network Security Groups (NSG)
Azure Firewall and DDoS Protection
Identity and access management

Monitoring & Management

Azure Monitor and Log Analytics
Application Insights
Azure Automation and Runbooks
Azure Backup and Site Recovery
Cost management and optimization
Resource tagging and organisation

Networking

Virtual Networks (VNet) and subnets
Hub-and-Spoke topology
Azure Virtual WAN and SD-WAN
VPN Gateway and ExpressRoute
Load Balancer and Application Gateway
Peering and routing

DevOps & Automation

Design and implement DevOps processes and practices
Implement continuous integration (CI) pipelines
Implement continuous delivery (CD) and deployment automation
Implement dependency management and artifact management
Implement application infrastructure automation (IaC)
Implement continuous feedback and monitoring
Azure DevOps Pipelines and GitHub Actions
Infrastructure as Code: ARM/Bicep, Terraform, Template Specs
PowerShell, Azure CLI, and automation scripting

Migration & Modernization

Azure Migrate assessment
Cloud Adoption Framework (CAF)
Landing zone design
Application modernization
Hybrid cloud architecture
Migration strategy planning

Data & Storage

Azure SQL Database
Cosmos DB
Storage accounts and management
Data redundancy and replication
Backup and recovery strategies
Data lifecycle management

Architecture Frameworks

Microsoft Cloud Adoption Framework
Azure Well-Architected Framework
Azure Landing Zones
Enterprise-scale architecture
Governance and compliance
Best practices implementation

Certifications

Validated expertise in Azure architecture, DevOps engineering, and administration

Microsoft Certified: Azure Solutions Architect Expert

Microsoft

Expert Level

Expert-level certification validating advanced skills in designing and implementing solutions on Microsoft Azure across compute, networking, storage and security.

📋 Key Competencies:

Design identity, governance and monitoring
Design data storage and business continuity
Design infrastructure and compute
Secure networking and connectivity
Well-Architected principles
Cost optimization and operations

Microsoft Certified: DevOps Engineer Expert

Microsoft

Expert Level

Expert-level certification validating advanced skills in designing and implementing DevOps practices and processes on Microsoft Azure. Covers continuous integration, continuous delivery, infrastructure automation, and application lifecycle management.

📋 Key Competencies:

Design and implement DevOps processes and practices
Implement continuous integration (CI) pipelines
Implement continuous delivery (CD) and deployment automation
Implement dependency management and artifact management
Implement application infrastructure automation (IaC)
Implement continuous feedback and monitoring

Microsoft Certified: Azure Administrator Associate

Microsoft

Associate Level

Associate-level certification proving skills in implementing, managing and monitoring Azure environments and core services.

📋 Key Competencies:

Manage identities and governance (Microsoft Entra ID, RBAC)
Implement and manage storage
Deploy and manage compute resources
Configure and manage virtual networking
Monitor and maintain resources
Backup and disaster recovery

Education

Academic foundation in information technology and engineering

VŠB - Technical University of Ostrava

Electrical, Electronics and Communications Engineering

Language Skills

Czech — Native

English — Professional Working

Get in Touch

Let's discuss your Azure cloud transformation needs

Send us a Message

Thank you! Your message has been sent.

Please correct the highlighted fields and try again.

Company (Registered Office)

Cloud Consulting s.r.o.
IČ: 08953147, DIČ: CZ08953147
Bulharská 6154/30
708 00 Ostrava Poruba

Correspondence Address

Cloud Consulting s.r.o.
U Rourovny 671/15
721 00 Ostrava Svinov

Bank Details

Bank: 4644684389/0800
IBAN: CZ76 0800 0000 0046 4468 4389

Email

info@cloud-consulting.cz

Phone

+420 593 033 322

+420 702 807 830

Privacy Notice

Transparent handling of your personal information under GDPR

Cloud Consulting s.r.o. processes personal data strictly for the purpose of responding to your enquiry or preparing a business offer. We do not use tracking cookies, analytics pixels, or marketing automation tools.

Your submitted information is stored in protected Microsoft 365 services hosted in the European Union. Access is restricted to Robert Habrman and authorised personnel contractually bound by confidentiality.

You can request access, rectification, portability, or erasure of your personal data at any time by emailing privacy@cloud-consulting.cz. We respond to requests within 30 days.

Data retention is limited to the duration of our communication plus a maximum of 24 months for audit and legal defence. After this period, data are securely deleted.

Supervisory authority: Úřad pro ochranu osobních údajů (ÚOOÚ). If you believe your data protection rights have been infringed, you may lodge a complaint with the ÚOOÚ or your local supervisory authority.