Andrew Hughes-Onslow

Technical Lead, Infrastructure and Software Engineer

e: [email protected]

w: http://hughes-onslow.com

GitHub: https://github.com/kalpaitch

LinkedIn: http://uk.linkedin.com/in/hughesonslow/

Security-cleared platform and software engineer with over 15 years leading and empowering technical teams across public and private sector projects. Skilled in designing scalable, secure, and automated platforms on AWS and Azure using Docker and Infrastructure as Code (Terraform, CloudFormation). Strong background in CI/CD pipeline automation, microservice and event-driven architecture, and developer enablement. Expertise across PHP/Drupal, Python, and Node.js.

Focus: Building secure & resilient platforms, fostering engineering excellence, and empowering teams through automation.

Key Skills

Leadership & Delivery: Technical leadership, mentoring, agile delivery, roadmap ownership, stakeholder communication

Cloud & Infrastructure: AWS, Azure, Terraform, CloudFormation, Docker, Kubernetes, Kafka

Software Engineering: PHP/Drupal, Python, JavaScript/Node/React, Bash

Automation: Pipeline automation and release management with CircleCI, GitHub Actions, Travis CI, Jenkins

Observability & Security: Dynatrace, Splunk, Sentry, SonarQube, Trivy, Checkov

Data & Storage: MySQL, PostgreSQL, DynamoDB, Redis, Elasticsearch, Typesense

Employment

Lead Technical Consultant > April 2025 to present

CACI > Government Department > [undisclosed]

• Owned and managed Kubernetes clusters and helm configuration for scalable, resilient microservices.
• Administered Kafka to support high-throughput event-driven architectures and reliable messaging between services.
• Managed highly-available Postgres RDS databases and ensured infrastructure resilience with Terraform.
• Oversaw certificate management for secure zero trust TLS/mTLS communication between microservices.
• Designed microservice release and deployment processes via GitOps (ArgoCD) with automated artifact versioning.

Platform Lead > August 2024 to March 2025

CACI > Digital Experience > Internal team

• Led a team of 5 platform engineers across multiple projects, driving delivery, mentoring, and platform best practices.
• Introduced robust release management and automated rollback procedures for safe, reliable deployments.
• Enhanced VPC security designs and implemented security standards across the team and platform.
• Modularised IaC components to enhance consistency, and alignment with the AWS Well-Architected Framework.
• Monitored cloud cost efficiency, ensuring optimal resource use and value across projects.

Devops Engineer > December 2023 to August 2024

CACI > Government Digital Service > One Login programme

• Ensured security and stability for the self-administration component of the identity and verification service.
• Maintained the containerised and serverless infrastructure using CloudFormation, Docker, and ECS.
• Managed continuous deployment with and test implementation to ensure fast, reliable, and repeatable delivery.
• Monitored service performance and reliability using CloudWatch, Splunk, and Dynatrace.
• Engaged central security teams to implement rigorous profiling, testing, and enforce the highest security standards.

Technical Architect / Lead Engineer > June 2017 to Nov 2023

Department BEIS > Office for Product Safety & Standards > Primary Authority Register

• Spearheaded the development of a new database and front-end for product safety standards, improving usability.
• Strategised and executed migration from the decommissioned GovUK PaaS to a new containerised AWS solution.
• Led the development of a performance-focused Drupal / Postgres application backed by Redis and OpenSearch.
• Coordinated with SOC, accessibility, content, and other teams to ensure GovUK Service Standard compliance.
• Conducted roadmapping, requirement gathering, and stakeholder engagement with non-technical teams.
• Implemented CI pipelines with blue/green deployments and automated rollback, improving release reliability.

Lead Engineer > July 2020 to January 2022 [part-time]

[Undisclosed] > Multi-vendor wholesaler & ad-tech platform

• Planned and architected a cloud-native highly scalable ad-tech platform to push organic growth for 100k products
• Deployed event-driven serverless ETL pipelines to process sales data exceeding $1M/day in revenue.
• Developed Python applications using Chalice and the Serverless framework for scalable, maintainable workflows.
• Designed service diagrams to communicate pipeline functions, results, and architecture to technical stakeholders.
• Built an observability platform using CloudWatch and Grafana, enabling proactive performance management.

Senior Engineer > Dec 2016 to June 2017

Dennis Publishing > Magazine publisher, owner of The Week

• Creating a new Drupal 8 platform for subscriptions services and magazine publishing

Senior Developer > May 2015 to November 2016

Eurostar > Trains from London to Paris

• Creation of a new Drupal 8 component-based content site for Eurostar to drive
• Contributor to the Drupal component initiative, and approach for headless content rendering
• API development and integration with RESTful microservices

Senior Developer > June 2016 to March 2017 [part-time]

Trustroots > A free open source hospitality exchange network built on trust.

Senior Developer > July 2015 to July 2016

Warmshowers.org > A free worldwide hospitality exchange for touring cyclists

Senior Developer > August 2013 to January 2014

New Digital Partnership > A digital agency specialising in drupal projects

Technical Developer > October 2012 to July 2013

Reading Room > A global digital agency

Developer > July 2010 to September 2012

Firecracker > A small, fast-paced digital agency

Education

BA (architecture) > Oxford Brookes University > 2004 - 2008
3 A levels (history of art, design and technology, geography) > Eton College