Skip to content
Continue

Tap the centre to continue

IT Architecture & Operations

  • Infrastructureconnected
  • Identitysecured
  • PAMsecured
  • Securitymonitored
  • Devicesmanaged
  • Monitoringmonitored
  • Automationautomated
  • Platformsconnected
  • AIgoverned
  • Governancedocumented

Senior IT Consulting · Architecture · Automation · AI

Complex IT, connected and under control.

I help companies design, connect and improve their complete IT environment — infrastructure, identity, security, monitoring, internal platforms, automation and AI-enabled workflows.

Explore selected projectsDiscuss a project

Based in Prague. Working across the Czech Republic, Europe and the United States.

0

Selected case studies

PAM360 to AI-enabled ops

0

Connected expertise areas

One operating environment

0

Project cities

Prague · Pardubice · Liberec · Berlin · New York

0

Step delivery model

Requirement to handover

Sound familiar?

Companies usually call me when they're opening a new office or production site.

If any of these match where you are right now, that's exactly the kind of problem I help untangle — from architecture and security to automation and AI.

Talk through your situation

//The core idea

One connected IT operating environment.

I don't approach IT as a collection of separate products. Architecture, infrastructure, identity, security, applications, data, automation, AI and people are parts of one operating environment — and my work is to connect them.

I understand every layer, including the physical foundation — but my identity is at the architecture, integration and leadership layer, not physical installation.

  • Strategy & Governance

    Architecture, technical leadership and delivery

    • Architecture
    • Technical leadership
    • Vendor management
    • Project delivery
    • Documentation
    • Compliance

  • Applications & AI

    Internal platforms and AI-enabled workflows

    • Internal platforms
    • AI integrations
    • Reporting
    • Business workflows
    • Knowledge systems

  • Automation & Operations

    Orchestration, monitoring and lifecycle automation

    • APIs
    • Orchestration
    • Monitoring
    • Alerts
    • Onboarding
    • Offboarding

  • Identity & Security

    Access, privilege and auditability

    • IAM
    • PAM
    • SSO
    • Device trust
    • Privileged access
    • Auditability

  • Infrastructure

    Cloud, servers, networks and endpoints

    • Cloud
    • Servers
    • Networks
    • Virtualization
    • Storage
    • Endpoints

  • Physical Foundation

    The base layer — understood, designed, but not the identity

    • Offices
    • Production halls
    • Racks
    • Connectivity
    • Structured cabling
    • UPS

//Expertise

Specialist depth, connected as one system.

Each area below is shown as part of one environment rather than an isolated service. The value is in how they connect.

//Selected projects

Delivery you can point to.

A selection of work across public-procurement delivery, identity, infrastructure, monitoring, security and AI integration. Client names and selected details are anonymized where required.
View all projects

PAM360 · Public-sector delivery

Delivered

Privileged Access Management Implementation for Liberecká IS, a.s.

Coordinated the complete technical delivery of a ManageEngine PAM360 privileged-access solution under public-procurement requirements — from vendor communication to deployment, documentation and handover.

Liberecká IS, a.s.Liberec, Czech Republic
  1. Privileged accountsScattered, high-risk
  2. PAM360ManageEngine platform
  3. Controlled accessGoverned paths
  4. Audit trailWho did what, when
  5. OperationsOperated & reviewed
ManageEngine PAM360Privileged access managementIdentity & access controlsServer & account integrations
View case study

Identity · Automation

Delivered

Global Identity & Employee Lifecycle

Designed and implemented a centralized employee-lifecycle model connecting identity, devices and applications — replacing manual operations with automated, auditable flows.

International company (anonymized)Czech Republic, Europe & United States
  1. RequestJoiner / mover / leaver
  2. ApprovalRight approvals
  3. IdentityOkta
  4. AccountsProvisioned
  5. DeviceJamf-enrolled
  6. ApplicationsBy role
  7. AuditConsistent record
OktaGoogle WorkspaceJamfSupabase
View case study

Internal platform · Data

Ongoing

Internal Operations Platform

Architected a central internal platform with a single data model and role-based workflows to replace forms, spreadsheets and manual approvals — prepared for automation and AI.

Internal IT (anonymized)Czech Republic & remote

Fragmented

  • Fragmented processes with no single owner or data model.
  • Manual approvals and duplicated tools.
  • No reliable foundation for automation or AI.

Connected

  • A central data model in PostgreSQL/Supabase as the single source of truth.
  • Role-based access controlling who can see and do what.
  • Workflows and approvals modelled as first-class, auditable objects.
  • Integration points and an API-driven design ready for automation and AI.
Modern frontendSupabasePostgreSQLREST APIs
View case study

//Leadership

Technical leadership beyond implementation.

Senior IT work is not only about knowing how a technology works. It is about understanding how technologies, vendors, budgets, people and operational risks fit together.

My role is often to connect specialists, vendors and internal stakeholders so that the final solution works as one environment rather than a collection of separate deliveries.

— How I see the role

  • 01

    Scope from ambiguity

    Turning unclear requests into a defined project scope.

  • 02

    Requirements to architecture

    Translating business requirements into technical architecture.

  • 03

    Vendor & team coordination

    Coordinating vendors and implementation teams as one delivery.

  • 04

    Proposal evaluation

    Evaluating technical proposals against real operational needs.

  • 05

    Hidden dependencies

    Identifying dependencies and risks others miss early enough to matter.

  • 06

    Unblocking delivery

    Resolving implementation blockers without derailing the plan.

  • 07

    Protecting maintainability

    Keeping the result operable and maintainable long after go-live.

  • 08

    Documentation quality

    Controlling documentation quality so the environment is understandable.

  • 09

    Operational handover

    Preparing acceptance, knowledge transfer and a working support model.

  • 10

    Communicating risk

    Communicating technical risks to management in language they can act on.

//How I work

From requirement to a maintainable operating model.

I look at architecture, infrastructure, identities, security, applications, data, automation, AI and people as parts of one operating environment — and move through six steps to deliver it.
  • 01

    Understand

    Establish what the environment really needs to do and what constrains it.

    • Business requirements
    • Technical requirements
    • Users & systems
    • Risks & constraints
    • Current architecture
  • 02

    Map

    Make the environment visible — dependencies, ownership and boundaries.

    • Dependencies
    • Data flows
    • Ownership
    • Integrations & vendors
    • Security boundaries
    • Operational responsibilities
  • 03

    Design

    Turn the picture into an architecture and a workable plan.

    • Architecture
    • Technology choices
    • Implementation model
    • Project plan
    • Integration model
    • Documentation structure
  • 04

    Coordinate

    Align clients, vendors and delivery teams around the same decisions.

    • Client communication
    • Vendor communication
    • Delivery teams
    • Implementation responsibilities
    • Change management
    • Technical decisions
  • 05

    Deliver

    Implement, integrate and validate — with security and monitoring built in.

    • Implementation
    • Integration
    • Validation
    • Issue resolution
    • Security controls
    • Monitoring & automation
  • 06

    Document & Handover

    Leave behind an environment that can be operated, understood and improved.

    • Operational documentation
    • Project documentation
    • Acceptance support
    • Knowledge transfer
    • Support model
    • Improvement roadmap

I don't approach IT as a collection of separate products. Architecture, infrastructure, identities, security, applications, data, automation, AI and people are parts of one operating environment.

//Technology landscape

The tools, mapped by layer.

Not a wall of logos — a map of where each technology fits. Hover or focus a technology to see its area, use case and related project.

Architecture & Operations

Identity & Security

Infrastructure

Monitoring

Automation & Data

Internal Platforms & AI

//Ways to work together

Engage me where the decision is hardest.

From a single architecture decision to ongoing fractional IT leadership. No public price list — scope is shaped around the environment and the outcome.

  • IT Architecture & Advisory

    Architecture, technical decision-making and senior guidance for complex or changing IT environments.

  • Technical Project Leadership

    End-to-end coordination of technical projects — requirements, vendor communication, implementation oversight, documentation and handover.

  • Infrastructure & Security Projects

    Design and delivery of infrastructure, identity, privileged-access, monitoring and security solutions.

  • Automation & AI Integration

    Connecting systems, automating workflows and integrating AI into internal tools and operational processes.

  • IT Environment Review

    Structured review of systems, risks, ownership, costs, integrations and improvement opportunities.

  • Fractional IT Lead

    Ongoing senior IT leadership for companies that do not need — or do not yet have — a full-time internal IT leader.

Let's discuss the environment, project or decision you are currently facing.

Discuss a project

//About

Senior IT consultant, working at the architecture and leadership layer.

I understand the infrastructure layer, but I work primarily at the architecture, integration and leadership layer.

From networks and privileged access to automated workflows and AI-enabled internal systems.

I am a senior IT consultant based in Prague, working across architecture, infrastructure, identity, security, automation, internal platforms and AI integration.

My experience ranges from designing IT environments for international offices and large production facilities to coordinating security-platform deployments and public-procurement IT projects.

I understand the technical detail, but my role is increasingly focused on the bigger picture: translating requirements into architecture, coordinating vendors, connecting systems and making sure projects are properly deployed, documented and handed over.

I have worked with teams and environments across the Czech Republic, Germany and the United States, including projects in Prague, Pardubice, Liberec, Berlin and New York.

I am comfortable moving between management discussions, vendor negotiations, architecture decisions and hands-on technical validation.

My goal is not to introduce more technology. It is to create an environment that is easier to operate, secure, understand and improve.

Matěj Václavík — senior IT consultant
Based in
Prague, Czech Republic
Working across
Czech Republic, Europe & the United States
Project locations
Prague · Pardubice · Liberec · Berlin · New York
Focus
Architecture · Leadership · Integration · Security · Automation · AI

Sound familiar?

Companies usually call me when they're opening a new office or production site.

//Contact

Discuss a project.

Tell me about the environment, project or decision you are currently facing. I read every message personally.
Matej Vaclavik

Matej Vaclavik

Senior IT Consultant, Architect & Technology Lead