RIVM DATA PLATFORM

Pioneered a multidisciplinary requirements discovery phase — engaging epidemiologists, public health advisors, data stewards, lab scientists, and policy makers across RIVM departments to translate complex domain-specific needs into platform requirements, shaping the self-service model, security classifications, and GDPR compliance approach

Owned complete solution design and development — from architecture and security reviews to production deployment, with no inherited codebase or external dependencies

Architected end-to-end Azure data infrastructure using Terraform and Bicep with multi-environment strategy (dev, test, production) including proper isolation, security boundaries, VNet integration, and private endpoints for all Azure services

Deployed and configured Databricks Unity Catalog for centralised data governance, fine-grained access control, and data lineage tracking

Built comprehensive Azure DevOps CI/CD pipelines with GitOps workflows, automated validation, infrastructure drift detection, and deployment gate approvals requiring data owner sign-off before provisioning

Designed and built a self-service web application enabling business users to visually configure data ingestion pipelines with live database/fileshare/HTTP source introspection, AI-powered column documentation (Azure OpenAI), strict schema validation, and YAML export

Implemented automated end-to-end deployment: UI triggers Azure DevOps pipeline → data owner approval gates → Terraform provisions Unity Catalog schemas and permissions → Databricks Asset Bundles deploy ingestion workflow jobs with schedules and configuration

Enabled scalable ETL/ELT workflows using Databricks Asset Bundles & Workflows with PySpark, Delta Lake, and medallion architecture patterns

Ensured security by design throughout — Azure VNet integration, private endpoints for all Azure services, network-integrated fileshare access, government-standard data sensitivity classification, PII flagging, GDPR compliance fields, and AD group-based access control

Containerised the platform with Docker (multi-stage build) deployed via Azure DevOps to Azure Container Registry and Azure App Service with managed identity, with Databricks Apps as an alternative deployment target

Developed LLM operations frameworks, AI-powered solutions, and multi-agent AI systems as proof of concept using LangChain, PydanticAI, Azure AI Foundry, and MLflow

Established centralised data platform — single source of truth for organisational data with proper governance

Reduced data source onboarding time from days to hours through the self-service configuration platform — business users onboard independently without data engineer involvement

Automated the full provisioning chain: configuration → approval → Terraform (schemas, permissions, storage) → DAB deployment (ingestion jobs, schedules) — zero manual steps after data owner approval

Reduced infrastructure provisioning time from weeks to hours through Terraform and Bicep automation

Achieved 99.9% platform uptime with automated monitoring and remediation, plus 30% cost reduction through auto-scaling and resource tagging

Achieved compliance with national security standards and audit requirements through security by design — VNet integration, private endpoints, Key Vault, managed identity, data sensitivity classification, and PII controls