Verified Expert in Engineering
Sam has more than 15 years of cloud computing experience across a wide range of verticals, from high-growth startups to established enterprises. He excels at building a cloud infrastructure that empowers developers and increases their efficiency while ensuring secure environments. Automation is at the core of everything Sam does, as he always tries to build reliable, repeatable solutions that enhance organizational productivity and minimize or eliminate drudgery.
Amazon Web Services (AWS), Google Cloud
The most amazing thing I've built was a development lifecycle platform for a major international airline with radical improvements in developer productivity.
- Collaborated on a three-month engagement to build automation for Akamai.
- Migrated Akamai environment from 'clickops' web UI management to full infrastructure-as-code.
- Utilized Terraform CDKTF built using TypeScript, and the deployments were managed via GitHub Actions.
- Built a complete cloud-native development lifecycle platform that allowed developers to leverage the power of AWS while ensuring security.
- Designed and led the implementation of a petabyte-scale data lake solution.
- Re-engineered AWS networking from a virtual private cloud (VPC) peering connection to utilize AWS Transit Gateway, removing hard limits on AWS growth and simplifying connectivity.
- Built a consultancy firm from zero employees to over one hundred. It initially started as a company focused on open-source software, but I pivoted it to focus on cloud computing from 2010 onwards.
- Provided consultancy and managed support for cloud computing environments across AWS and Google Cloud.
- Led the company to a successful exit via acquisition by Claranet Group, an internationally-managed service provider.
- Designed and built the common platform, a method for ITV to utilize AWS in a standardized way across the enterprise.
- Built infrastructure for the first common platform customer, ITV Hub, a TV streaming platform with millions of users in the UK.
- Developed infrastructure for partner media sharing using serverless technologies, introducing significant cost savings and reducing onboarding time for partners from months to minutes.
Akamai Automation with CDK for Terraform
This involved writing CDKTF constructs to make managing Akamai via Terraform simpler and a full CI/CD pipeline for automated testing and deployment of changes through relevant environments (dev, test, production).
The CI/CD pipeline was built using GitHub Actions.
In addition, I wrote code that utilized the Akamai API to convert existing 'clickops' created properties to the newly built infrastructure-as-code platform.
AWS IDS Implementation for an International Airline
They considered extremely expensive IDS 'devices' for capturing all VPC traffic.
I wrote reports and presented them to senior stakeholders to help them understand their requirements could be met and even exceeded by using AWS GuardDuty, a solution available at a fraction of the cost of the IDS solution they were considering.
I oversaw implementing GuardDuty across the estate of several hundred AWS accounts, creating automation to ensure that newly created accounts were automatically enrolled in GuardDuty. The automation I created also ensured that the SOC and those in charge of the infrastructure that findings related to were alerted.
Automation was performed via a combination of AWS CloudFormation StackSets and AWS Lambda, with functions written in Go.
Qantas AWS Network Refactoring
I designed and implemented a move to AWS Transit Gateway. This removed bottlenecks, relieving the immediate pain point. The implementation provided automation for newly created accounts, utilizing AWS Lambda and AWS CloudFormation to connect new accounts appropriately without requiring any human interaction.
Transit Gateway additionally provided a path for multi-cloud adoption, with Google Cloud and Azure peering providing significant extra flexibility for the organization.
AWS Cost Optimization for International Airline
Working with another team member in charge of shutting down unused and right-sizing AWS instances, I focused on less obvious methods for finding cost savings.
I was able to find several million dollars annually in additional savings, over and above those from more traditional cost optimization techniques.
I did this by utilizing Python and Boto3 to interrogate several hundred AWS accounts and devising innovative strategies to save costs.
• Finding and removing unused RDS and RDS Aurora instances.
• Aligning AWS RDS and RDS Aurora instance type used across accounts and teams, enabling significantly higher reserved instance coverage.
• Finding and removing unused EBS volumes.
• Converting provisioned IOPS EBS volumes to gp3 volumes, which provided the same performance at a much lower cost.
• Converting gp2 volumes to gp3 volumes.
• Finding and removing unused ELBs.
All of these strategies were implemented in a fully automated manner, with no more than 60 seconds of downtime for any individual change.
LUSH Google Cloud Migration
https://cloud.google.com/customers/lush
We were given an insanely short timescale of 30 days, so I led a team of ten who managed to refactor and migrate the environment in just 22 days. The efforts were worthwhile as LUSH had their largest ever daily sale just one month later, with the new infrastructure providing 100% uptime throughout this period.
Migration to Kubernetes
https://www.claranet.co.uk/case-studies/oddschecker-makes-safe-bet-future-growth-claranet-cloud-migration
As well as doing design and hands-on work, I also provided training to upskill the in-house team to support the environment.
Conference Talk: Infrastructure as Code Using Terraform
https://www.slideshare.net/SamBashton/infrastructure-as-code-with-terraform
The talk introduced infrastructure as code more generally and talked about the specifics of managing AWS via Terraform.
Fintech AWS Migration
https://aws.amazon.com/solutions/case-studies/currencycloud/
I refactored their environment into highly available autoscaling infrastructure and migrated from an active and passive MySQL configuration to Amazon Aurora.
The customer enjoyed significantly better uptime and 30% lower costs. Please see the AWS case study in the project URL for full details.
AWS CloudFormation, Puppet, Terraform, AWS IAM, Jenkins, Amazon CloudWatch, Vagrant, GitLab CI/CD, Amazon EKS, Amazon Virtual Private Cloud (VPC), Git, Boto 3, AWS ELB, Amazon EBS, GitLab, Google Kubernetes Engine (GKE), AWS Simple Notification Service (SNS), Amazon Simple Queue Service (SQS), Amazon Elastic Container Service (Amazon ECS), AWS Fargate, GitHub, AWS Key Management Service (KMS), HashiCorp, OpenVPN, Ansible, Kibana, VPN, Helm, Jira, Zabbix, CircleCI
DevOps, Automation, DevSecOps, Automated Testing, Management, Serverless Architecture, Deep Packet Inspection (DPI), Continuous Integration (CI), ETL
Amazon Web Services (AWS), Docker, Kubernetes, Amazon EC2, AWS Lambda, Google Cloud Platform (GCP), Linux, AWS IoT, Apache Kafka, Azure
Google Cloud, Data Lake Design, Amazon DynamoDB, Amazon Aurora, Google Cloud SQL, Amazon S3 (AWS S3), AWS Snowball, MongoDB, MySQL, Redshift, PostgreSQL
Networking, Cloud, AWS DevOps, AWS Cloud Development, CDKTF, CI/CD Pipelines, Serverless, AWS Lake Formation, AWS Transit Gateway, High Availability Disaster Recovery (HADR), SDKs, APIs, IT Support, Load Balancers, Site Reliability Engineering (SRE), Architecture, Cloud Computing, Linux Administration, Infrastructure as Code (IaC), High-availability Systems, AWS CodePipeline, Cloud Migration, Identity & Access Management (IAM), GitHub Actions, Containerization, Scripting, Amazon RDS, Containers, Container Orchestration, Team Leadership, Training, Consul, Autoscaling, Amazon GuardDuty, AWS Certified Solution Architect, Mentorship, Technical Writing, Consulting, Amazon API Gateway, Cloud Security, Amazon Route 53, Web Application Firewall (WAF), TCP/IP, Linux Network Stack, Transport Layer Security (TLS), Agile DevOps, AWS Certified DevOps Engineer, AWS Certified Developer, Cost Reduction & Optimization, Cluster Management, Development, Akamai, Point-to-Point Tunneling Protocol (PPTP)
AWS Certified Security — Specialty
Amazon Web Services
AWS Certified DevOps Engineer Professional
AWS Certified Developer Associate
AWS Certified SysOps Administrator Associate
AWS Certified Advanced Networking – Specialty
Amazon Web Services
AWS Solutions Architect Professional
Amazon Web Services
AWS Solutions Architect Associate
Amazon Web Services