Bolingbrook, Illinois · USA

Aju Abraham Mathew.

Lead Platform Architect AWS & DevSecOps Secure-by-Design CI/CD GenAI Agents

I design platforms that make secure software delivery the default, not the exception. Nearly two decades embedding security, automation, and governance directly into how enterprises ship software on AWS.

Let's work together View experience
Certified AWS DevOps – Professional AWS Security – Specialty AWS AI Practitioner
Aju Abraham Mathew, Lead Platform Architect
EST. 2006 Lead Platform Architect
Scroll
0+
Years in IT
0×
Cloud Certifications
0+
Yrs Regulated Enterprise
Global
Virtual Team Delivery
Certified & Verified

7 active credentials across AWS, HashiCorp & the Linux Foundation.

AWS Certified DevOps Engineer – Professional
Professional

AWS DevOps Engineer

Amazon Web Services
AWS Certified Security – Specialty
Specialty

AWS Security

Amazon Web Services
AWS Certified AI Practitioner
Foundational

AWS AI Practitioner

Amazon Web Services
FinOps Certified Engineer
FinOps

FinOps Certified Engineer

The Linux Foundation
AWS Certified Solutions Architect – Associate
Associate

AWS Solutions Architect

Amazon Web Services
AWS Certified SysOps Administrator – Associate
Associate

AWS SysOps Administrator

Amazon Web Services
HashiCorp Certified Terraform Associate
Associate

HashiCorp Terraform

HashiCorp
01 · Who I am

An architect of secure, scalable platforms.

Over the years I've worked at the intersection of cloud architecture, DevSecOps, and developer experience, building systems that transform how engineering teams deliver software.

As Lead Platform Architect at Blue Cross Blue Shield Association, I lead the architecture and implementation of Secure-by-Design CI/CD pipelines that standardize software delivery, enforce security guardrails, and enable consistent, compliant deployments across large-scale AWS environments.

Instead of treating security, compliance, and operations as afterthoughts, I embed them directly into the platform, so every pipeline, every deployment, and every release follows a secure path automatically. I also drive developer-experience transformation through self-service tooling and AI-powered assistants that let engineers onboard and ship in minutes instead of days.

01

Security as a built-in feature

CI/CD platforms where security is enforced by default, integrated scanning, policy guardrails, and automated controls that stop risks before they reach production.

02

Developer experience as a priority

Self-service platforms and AI-powered assistants that eliminate the need to "figure things out," enabling teams to onboard, build, and deploy with confidence.

03

Standardization at scale

Reusable frameworks and patterns that bring consistency across teams, reducing complexity while improving reliability and compliance.

02 · What I do

Expertise across the secure delivery lifecycle.

From cloud foundations to the pipelines, guardrails, and tooling that keep enterprise software shipping safely.

Cloud Platform & Infrastructure

Secure, highly available AWS infrastructure designed for scale, resilience, and least-privilege access.

EC2VPCIAM Identity CenterRoute 53CloudFrontS3 · KMSImage Builder

DevSecOps & Cloud Security

Shift-left security with scanning, guardrails, and continuous compliance against industry standards.

Prisma CloudSonarQubeSecurity HubGuardDutyCIS · NIST · PCI DSSRBAC/ABAC

CI/CD & Infrastructure as Code

Reusable, secure-by-design pipeline frameworks that standardize delivery across the enterprise.

CodePipelineAWS CDKCloudFormationTerraformPowerShell

Observability & FinOps

Monitoring, log analysis, and proactive cost optimization with clear reporting to stakeholders.

DatadogDynatraceSplunkCloudWatchCloudHealth

GenAI, Agents & Conversational AI

Multi-agent assistants that classify intent, route to specialized domain agents, and ground answers in enterprise knowledge, plus conversational platforms that surface information without generic AI guesswork.

Copilot StudioMulti-Agent RoutingRAG / GroundingMCPAmazon LexLambda

Architecture & Delivery Leadership

Leading global teams and cross-functional initiatives, scope, risk, estimation, and on-time delivery of complex programs.

Solution ArchitectureProgram DeliveryJira · ConfluenceMentoringLucidchart
03 · Career

Nearly two decades of building & leading.

From software engineering to architecting secure platforms for some of the world's largest enterprises.

Lead Platform Architect Now May 2023 - Present
Blue Cross Blue Shield Association

Leading the architecture of Secure-by-Design CI/CD platforms and developer-enablement solutions, embedding security, automation, and governance across large-scale AWS environments while driving enterprise-wide adoption of modern engineering practices.

Cloud Service Delivery Manager / Architect Feb 2022 - Mar 2023
AllCloud

Owned AWS application delivery, health monitoring, security management, and infrastructure for multiple API platforms, building and maintaining secure, resilient cloud environments and managing client stakeholder relationships.

Technical Project Manager / Lead Sep 2015 - Dec 2021
Cognizant Technology Solutions, US

Led complex Regulatory, Quality & Safety programs for AbbVie, one of the largest biopharmaceutical companies, delivering cloud infrastructure, conversational AI, and mission-critical applications with global onshore/offshore teams.

United States
Senior Associate Oct 2011 - Aug 2015
Cognizant Technology Solutions

Delivered enterprise software solutions and led technical workstreams across the product registration and safety domains.

Kochi, India
Senior Software Engineer Jul 2006 - Oct 2011
CGI Inc.

Built and maintained enterprise software systems, the engineering foundation behind a career spent shipping reliable, secure software.

Bangalore, India
04 · Selected work

Platforms & solutions delivered.

A selection of enterprise programs spanning secure cloud infrastructure, conversational AI, and regulated systems.

Blue Cross Blue Shield Assoc. GenAI · Multi-Agent

AI-Powered Developer Assistant

A multi-agent enterprise assistant that lets developers self-serve answers across Secure-by-Design CI/CD, cloud access, and engineering processes, right inside Microsoft Teams. Built on Microsoft Copilot Studio: a central routing agent classifies user intent and dispatches each query to specialized domain agents (CI, CD, Roles & Access), all grounded in authoritative sources (Confluence, GitHub, and AWS documentation via MCP) for accurate, compliant, enterprise-aligned responses. The result: onboarding accelerated from weeks to days, with far less dependence on manual SME support.

Microsoft Copilot StudioMulti-Agent ArchitectureIntent RoutingRAG / GroundingMCPMicrosoft TeamsDeveloper Enablement
Blue Cross Blue Shield Assoc. Lead Platform Architect

Secure-by-Design CI/CD Platform

An enterprise platform that makes secure delivery the default. Security tools such as Prisma Cloud and SonarQube are integrated into CI pipelines to identify and block vulnerabilities early; deployment frameworks built on AWS CodePipeline and CDK enforce access control, separation of duties, and secure deployment practices, paired with AI-powered self-service tooling that lets engineers onboard and operate pipelines without manual support.

AWS CodePipelineAWS CDKPrisma CloudSonarQubeIaC GuardrailsDeveloper Enablement
Pilot Freight · via AllCloud CSDM / Architect

API Platform Infrastructure on AWS

End-to-end AWS infrastructure for a host of Windows/IIS API servers, VPCs, ALBs, CloudFront with WAF, EC2 Image Builder AMIs, IAM Identity Center, SSM automation, and AWS Backup, all delivered through CloudFormation with FinOps reporting via CloudHealth.

CloudFormationCloudFront · WAFImage BuilderSSMCloudHealth
HubSync · via AllCloud CSDM / Architect

Managed AWS Infrastructure & Support

Built and ran the full AWS infrastructure for HubSync, end-to-end maintenance, IAM Identity Center with external identity providers, continuous CIS & AWS security-best-practice remediation, and cost-saving recommendations through CloudHealth.

IAM Identity CenterExternal IdPSecurity HubDatadog
AbbVie · via Cognizant Technical Manager / Lead

Cosmos: Regulatory Information Management

Built the highly available, fault-tolerant AWS cloud infrastructure hosting AbbVie's Cosmos regulatory platform across multiple availability zones, least-privilege IAM, encryption at rest and in transit, plus an AWS Lex + Kendra search bot for instant document discovery.

Multi-AZ HAAWS Lex · KendraKMSDynatrace · Splunk
AbbVie · via Cognizant Technical Manager / Lead

ACT: Safety Issue Management Chatbot

A conversational NLP chatbot for AbbVie's Medical Safety Assessment workflow, built with Amazon Lex and Lambda and integrated into an iOS app, with custom intents and slots, PingFederate OAuth authentication, and Apigee integration to on-prem services.

Amazon LexLambdaPingFederate · OAuthApigee
AbbVie · via Cognizant Technical Manager / Lead

PV Dashboard Bot

A pharmacovigilance metrics chatbot giving the PV team natural-language access to key insights through existing web services, replacing tedious multi-step searches with conversational queries powered by AWS Lex and Lambda.

AWS LexLambdaCustom IntentsApigee
05 · Education

Where the foundation was laid.

Bachelor of Technology, Electrical & Electronics Engineering

Cochin University of Science and Technology, India

06 · Let's connect

Building something that needs to be
secure, scalable & built to last?

Whether it's architecting a cloud platform, hardening your delivery pipeline, or leading a complex program, I'd be glad to talk.

Send an email Connect on LinkedIn
contactme@ajumathew.com Bolingbrook, IL · USA