Available · 1 slot open

Turn your cloud into a real platform.

I’m Tomislav, a platform engineer and cloud architect based in Belgrade. I formalize AWS environments into proper platforms with DevOps automation, and help teams adopt LLMs and AI tooling as a company-wide standard.

Send an inquiry →See services

Known for

AWS platform engineering

AWS and Hetzner

Terraform

Kubernetes

CI/CD automation

ELK observability

Kafka and RabbitMQ

LLM enablement

Company-wide AI adoption

MCP servers

01 / about

A platform engineer for the AWS work you haven't formalized yet.

Teams bring me in when their AWS has grown organically, when a migration or upgrade is overdue, or when leadership wants a real plan for how the company actually uses AI.

I work Infrastructure-as-Code, end to end. Every environment I touch leaves in Terraform or Pulumi with a CI pipeline and a handoff doc. Nothing clicked in a console, nothing secret to my head.

My standard engagement is formalizing an AWS environment into a real platform: networking, accounts, IaC, CI/CD, observability, so your team stops firefighting and starts shipping. From there it extends into cloud migrations, AI adoption, or platform upgrades, depending on where you are.

I spent eight years inside platform teams before going independent. That’s the lens I bring: infra that the people around it can actually read, own, and extend.

8yr

in production infra

click-ops environments

02 / services

What I do, and what I lead with.

AWS platform engineering is the core. Migrations, automation, and AI enablement build on top of it.

01 / primary

■ aws platform engineering

Formalize your AWS into a real platform: networking, accounts, IaC, CI/CD.

The work most teams hire me for. I take an AWS environment that grew organically and turn it into a versioned, reviewable platform: account structure, VPC and networking, Terraform or Pulumi modules, pipelines, and observability sized for your team.

Multi-account AWS architecture, landing zones
Terraform, modular and reviewable
CI pipelines: GitHub Actions, Jenkins, CircleCI, Bitbucket
Observability: Prometheus, Grafana, ELK stack
Secrets and access: SSM / Vault, IAM baselines

// Core stack

What I actually use day-to-day.

Short list on purpose. I go deep on these, not wide on every logo.

CloudAWS · Hetzner

IaCTerraform · Ansible

OrchestrationKubernetes · Helm

ObservabilityPrometheus · Grafana · ELK

MessagingKafka · RabbitMQ

AIClaude · OpenAI · Whisper · ChromaDB · MCP

■ automation & devops

CI/CD and IaC that your team can read, review, and own.

Pipelines, release flows, deployment strategies, and IaC modules designed to be reviewable, not a black box only I can touch.

GitHub Actions · Jenkins · CircleCI · Bitbucket
Terraform modules, reusable across teams
Ansible for configuration and golden images

■ cloud migration

Move to AWS without rewriting your company mid-flight.

Phased migrations off legacy providers or on-prem, with a paved path: accounts, networking, data, CI, in a sequence that keeps you shipping.

Discovery & sequencing plan
Data migration · Postgres · MySQL
Messaging & streaming (Kafka · RabbitMQ)

■ ai enablement

Secure LLM enablement and company-wide AI adoption standards.

I’m not an ML engineer. I set up the models, tooling, and processes the right way: securely, with guardrails, and with standards your whole company can actually follow. I track the AI space closely and usually sit 6 to 8 months ahead of what lands in the mainstream, so what you adopt today still holds up next quarter.

I also run my own custom agentic framework (a paradigm beyond LangChain / LangGraph) when a project needs deeper control than off-the-shelf tooling gives. That includes MCP servers, both existing and custom-built, to wire models into your real systems.

Models: Claude, OpenAI, Whisper
Vector and retrieval: ChromaDB, Ory / Lumen stack
LangChain, LangGraph, or custom agent framework
MCP servers, existing or custom
Company-wide usage standards and guardrails
Secure integration into engineering workflow

03 / process

How an engagement actually goes.

No surprises, no scope creep. Fixed-scope audit first, then implementation in clear two-week chunks.

step / 01 · week 0

Intro call

30 minutes. You describe the stack and the pain. I tell you honestly whether I’m the right person, and who is, if not.

step / 02 · week 1–2

Audit

Fixed price. I read your infra, your repos, your AWS bill. You get a written report: risks, wins, a prioritised plan.

step / 03 · week 3–12

Implementation

Two-week iterations. Weekly demo, daily async updates, PRs reviewable by your team. Everything in code, nothing in my head.

step / 04 · ongoing

Handoff

Docs and handoff: architecture overview, IaC walkthrough, a half-day session with your team. I stay on retainer for 30 days, after that you own it, cleanly.