About Strengths Impact Approach Expertise Contact
| |
Matteo Solari
Matteo
Solari
Zurich, Switzerland
17.12.1983
Happy husband | Proud father | Resilient engineer

Building resilient infrastructure where reliability, security, and automation play a critical role.

Designing resilient infrastructure for regulated financial environments. I operate and secure mission-critical hybrid platforms across on-premises and cloud, ensuring stability, compliance, and long-term performance. Experience includes FINMA-regulated environments, aligned with FINMA Circular 2023/1.

Contact me
15+ years experience Regulated financial environments Hybrid infrastructure
Matteo Solari
About

Senior engineer,
trusted operator.

With over 15 years in IT infrastructure, I have built a career around operating complex, business-critical environments with calm and precision. My work spans on-premises, hybrid, and cloud-integrated platforms — always with a focus on what actually matters: systems that stay up, stay secure, and stay compliant.

The last seven years have been spent in financial services, where regulatory demands and service reliability are not optional. I have led audits, driven security hardening programs, managed disaster recovery, and owned infrastructure transitions that could not afford to fail. That context has shaped how I think about infrastructure: carefully, with full ownership, and always with the long term in mind.

I am pragmatic rather than theoretical. I care about documentation, about maintainability, about handovers that actually work. I build things so that the next person — or future me — is not left guessing.

15+ years
as ICT System Engineer
7+ years
in Finance Sector
6+ years
in Hybrid Azure Environments
Core Strengths

Where I
add value.

My strengths are shaped by real-world challenges in complex environments. They reflect a pragmatic mindset, consistent delivery, and full ownership.
01
Reliability
I have a disciplined approach to uptime. Critical financial services run on the systems I manage, which means reliability is non-negotiable. I prioritise preventive operations, structured change management, and robust documentation to keep environments stable and predictable.
02
Security
Security is embedded into how I operate, not added later. I design and enforce identity and access controls, including Conditional Access and SSO. I work within ISO 27001-aligned environments, coordinating vulnerability remediation and enforcing firewall governance.
03
Automation
Automation is a core part of how I operate. It reduces manual effort, increases reliability, and ensures repeatable processes. I build PowerShell solutions for AD management, security reporting, and audit preparation that others can understand, use, and maintain.
04
Hybrid Infrastructure
I am equally comfortable on-premises and in the cloud. I have administered Windows Server, VMware, Active Directory, Azure, and Microsoft 365 as interconnected systems — designing and maintaining environments that span both worlds effectively.
05
Operational Ownership
I treat infrastructure as mine to own, not just maintain. From audits to data center relocations, I take responsibility for outcomes. That includes proactive monitoring, honest incident reporting, and always knowing the state of what I manage.
06
Problem Solving
Infrastructure problems often arrive without a clear manual. I work methodically, stay calm under pressure, and know when to escalate. My escalation track record includes direct collaboration with Microsoft engineers on complex Exchange migrations.
Professional Impact

What I have delivered.

A selection of work delivered across regulated financial environments and complex international deployments, focused on real outcomes.

Hybrid Infrastructure Ownership
End-to-end administration and continuous optimization of hybrid ecosystems combining Windows Server, VMware, Azure, and Microsoft 365 — ensuring 99.9% availability for financial services.
Cross-Forest & Platform Migrations
Orchestrated multi-forest domain migrations and Exchange Online transitions for 1,000+ users following corporate acquisitions — maintaining business continuity throughout.
Security Hardening & Compliance
Led vulnerability remediation programs following penetration tests, PKI deployments, network segmentation aligned with ISO 27001, and firewall governance under international financial regulations.
Disaster Recovery Governance
Designed and maintained enterprise backup architectures using Veeam, with regular failover testing and strict RPO/RTO targets — ensuring recovery readiness at all times.
Audit Support & Documentation
Served as technical lead for external ISO 27001 and GDPR audits — building the documentation frameworks, incident records, and infrastructure transparency that auditors require.
Data Center & Infrastructure Transitions
Coordinated full data center relocations covering VMware environments, physical servers, storage, and networking — managing complex transitions with minimal disruption to operations.
How I Work

My working
approach.

"Good infrastructure is invisible in operation, and continuously improved by design."

— A principle I work by
01
Full Ownership, No Hand-Waving
I take responsibility for the systems I manage. That means staying informed about their state, being accountable for outcomes, and not delegating problems upward unnecessarily. If I own it, I know it.
02
Calm Under Pressure
Incidents in financial environments have real consequences. I approach them methodically — isolating the problem, communicating clearly, and focusing on resolution rather than noise. I do not panic; I diagnose.
03
Collaborative by Default
I have worked alongside developers, finance teams, auditors, and external providers. I adapt my communication to the audience, support knowledge transfer genuinely, and treat team success as the actual goal.
04
Structured & Documentable
I believe infrastructure that is not documented is infrastructure that is fragile. I invest in clear documentation not as a formality, but because it directly impacts reliability, onboarding, and audit outcomes.
05
Continuously Learning
Technology moves fast. I stay current — through certifications, self-study, and genuine curiosity. My current focus is deepening Azure expertise. I do not wait for training budgets; I invest in myself.
Technical Expertise

Architecture & Platform Expertise.

Infrastructure & Platforms
Hybrid Infrastructure Design Windows Server (2008–2022) VMware vSphere / ESXi Microsoft Hyper-V NetApp SAN / NAS Storage Veeam Backup & Replication
Cloud & Modern Workplace
Microsoft Azure (IaaS / PaaS) Azure AD & Conditional Access Microsoft 365 (Exchange Online, Intune, Teams) Entra ID & Hybrid Identity Cross-Forest Migrations Identity Lifecycle Management
Security & Compliance
Security Governance (ISO 27001, GDPR, ITIL) PKI & Certificate Lifecycle Vulnerability Management Firewall & Perimeter (Checkpoint, Fortinet) MFA / Smartcard / Zero Trust Audit & Compliance Support
Identity & Access Management
Active Directory & Identity Services SSO & Federation Citrix XenApp / VDI & NetScaler MDM & Endpoint Management Privileged Access Controls
Resilience & Operations
Disaster Recovery Strategy (RPO / RTO) Business Continuity Planning Infrastructure Monitoring (PRTG) SCCM / Endpoint Deployment Incident & Change Management
Automation & Networking
PowerShell Scripting & Automation Network Segmentation & VLANs VPN & Remote Access Cisco Networking Infrastructure-as-Code (Terraform basics) Deployment & Provisioning
Contact
Let's have a
real conversation.

I value meaningful conversations about infrastructure, security, and how things actually work in practice. If you'd like to exchange ideas, feel free to reach out.

Detailed CV available upon request.

Email
msolarich83@gmail.com
in
LinkedIn
linkedin.com/in/matteo-solari
Request CV
Send a CV request by email