Cloud & Cyber Security Architect · UK
Saleem Yousaf · saleemyousaf.co.uk

Secure by design.
Resilient by architecture.

I'm Saleem Yousaf, a Cloud and Cyber Security Architect securing UK government, Critical National Infrastructure, and global enterprise across AWS, Azure, and Zero Trust environments. Founder of BreachForge. Director at Cyber Spartans.

// snapshot
UK
Government, CNI & global enterprise experience
2
Active properties: BreachForge & Cyber Spartans
19+
Published technical articles
Also building

Two properties, one operator.

Alongside the consulting, I build and run two things of my own.

Core expertise

Architecture that holds under pressure.

Security-by-design across cloud, identity, OT, and AI, built for complex enterprise and regulated environments.

Secure AWS & Azure Architecture
Designing secure, scalable cloud architectures including landing zones, enterprise platforms, hybrid connectivity, and cloud-native security controls.
Zero Trust & Identity Security
Applying Zero Trust principles through identity-driven access control, API security, and layered security architecture across enterprise environments.
Threat Modelling & BAS
STRIDE-based threat modelling, Breach Attack Simulation in CI/CD pipelines, and continuous validation mapped to MITRE ATT&CK. The thinking behind BreachForge.
AI Security & Governance
Helping organisations adopt AI securely through governance frameworks, LLM security architecture, RAG pipeline security, prompt injection risk, and data protection.
OT Security & Segmentation
Designing secure OT and industrial network architectures using IDMZ patterns, segmentation, and controlled access models for Critical National Infrastructure.
Cloud Migration & Assurance
Supporting secure cloud migrations from on-premise to AWS and Azure, covering governance, compliance assurance, resilience, and reduced operational risk at scale.
Enterprise experience

Sectors & organisations.

Delivering secure architecture across government, CNI, manufacturing, and enterprise, where the stakes and governance requirements are highest.

01
Government · AWS
.gov
Security architecture across APIs and middleware within a fully AWS-based enterprise platform. Strengthened API security and implemented structured STRIDE threat modelling.
02
Government · Cloud Security
.gov
Lead Cloud Security Architect across government digital services. Secure-by-design, cloud assurance, threat modelling, Breach Attack Simulation, API security.
03
Critical National Infrastructure
UK Smart Energy Network
Enterprise security architecture across CNI systems. AWS-based PKI cloud architecture, threat detection, security governance.
04
Manufacturing · Enterprise
Global Luxury Car Manufacturer
Enterprise architecture and governance across manufacturing environments. Third-party access controls, Shadow IT reduction, and security posture improvements across a complex global production estate.
05
Sport & Distribution
Global Sport Brand
Security architecture and OT security across enterprise distribution and logistics environments. Network segmentation, infrastructure security design, and secure operational architecture across a global sporting goods business with significant OT and logistics exposure.
06
Aviation · Multi-Cloud
European Airlines
Multi-cloud security architecture across Azure and GCP. CSPM-driven remediation, SteerCo-level security leadership, lift and shift migration security from design to delivery. Traffic filtering and segmentation strategy (east/west, hub and spoke), NIST 800, CIS and MITRE ATT&CK control alignment.
Working on a complex security architecture challenge?
Reach out to discuss cloud security, enterprise architecture, AI governance, or Zero Trust strategy.