Amit Malhotra — Principal GCP Architect & DevSecOps Expert
I’m Amit Malhotra, a Principal GCP Architect and founder of Buoyant Cloud, based in Toronto. With 20+ years in IT — including 6+ years hands-on with Google Cloud and DevSecOps — I work directly with engineering teams across Canada and the USA to design, modernize, and operate secure, scalable GCP platforms.
Over my career I’ve designed and delivered cloud platforms across some of North America’s most complex and regulated environments — including RBC, Tangerine Bank, Telus Health, Loblaws, and Ford. That depth of experience shapes how I approach every engagement: security-first, operationally grounded, and built for long-term scale.
I founded Buoyant Cloud because I kept seeing the same pattern: teams paying for senior expertise and getting junior delivery. Frameworks that looked good in a presentation but fell apart in implementation. I wanted to build a practice where clients work directly with me — from the first architecture conversation through to production — and where the work is grounded in real engineering, not consulting theatre.
How I Got Here
I started my career as an application developer — writing code, shipping features, and learning how software actually behaves in production. That early experience gave me something a lot of architects lack: a genuine understanding of what it’s like to be on an engineering team, not just advising one.
Over time I moved into DevOps, then DevSecOps — building CI/CD pipelines, hardening infrastructure, and learning that most security problems aren’t technical failures, they’re design failures. Security gets bolted on because nobody thought about it early enough. I decided that wasn’t how I wanted to build things.
That eventually led me into cloud architecture and platform engineering — designing the foundations that entire engineering organisations run on. I worked across some of Canada’s most complex regulated environments: banking systems at RBC and Tangerine Bank, healthcare platforms at Telus Health, enterprise infrastructure at Loblaws and Ford. Each engagement taught me something about what production-grade really means when the stakes are high.
I founded Buoyant Cloud to do this work differently — without the agency overhead, without junior handoffs, and without generic frameworks that don’t survive contact with a real production environment. You work directly with me, from architecture through delivery. That’s the whole point.
What I'm Here to Do
Every engagement I take on is guided by the same set of principles — regardless of the client’s size, industry, or stage.
My mission is to help engineering teams build simple, secure, and scalable cloud platforms they can confidently understand and operate. I focus on reducing unnecessary complexity, improving reliability, and embedding security and automation into how systems are designed and delivered.
I believe effective cloud architecture should increase team capability — not create long-term dependence on consultants.
Delivering Architectural Leadership
Make the right architectural decisions early — so teams don't spend years paying for the wrong ones. I focus on system design and trade-offs before tools, platforms, or services are ever chosen.
Engineering Security by Default
Security isn't a compliance checkbox — it's an architectural principle. I design Zero-Trust, least-privilege environments where security is structural, not layered on top after the fact.
Accelerating Modernization
Move from manual, fragile infrastructure to Terraform-driven, cloud-native platforms — without disrupting production or burning your engineering team on a multi-year migration that never ships.
Maximizing ROI
Your cloud bill should reflect what you actually need — not accumulated debt from over-provisioned VMs and forgotten services. I design platforms that scale efficiently and help teams understand where their infrastructure spend is going.
These aren’t values I put on a slide — they’re how I actually work, and what I hold myself to on every engagement.
Transparency
I believe in honest, open communication and clear expectations. I prefer direct conversations over polished presentations, especially when discussing technical trade-offs or risks.
Accountability
I take full ownership of the work I commit to, from architectural decisions to implementation outcomes. If something isn’t working, I take responsibility for fixing it.
Passion & Innovation
I enjoy working with modern cloud technologies, but I focus on practical innovation — choosing tools and patterns that solve real problems, not just what’s trending.
Collaboration
I work closely with engineering teams, treating them as partners rather than clients. The best systems are built collaboratively, with shared context and ownership.
Security & Scalability by Design
I design systems with security and scalability as foundational principles, not add-ons. Every platform I build is intended to handle real production workloads and operate safely from day one.
How I Work
Every engagement follows the same four-phase approach — not because it’s a rigid framework, but because I’ve found this sequence consistently leads to better outcomes. We start by understanding the real problem, not just the stated one
I’ve worked with teams at startups, scale-ups, and large regulated enterprises. The context changes, but the way I work doesn’t.
Architect-Led, Not Sales-Driven
Not a project manager. Not a junior engineer. Me — in your architecture reviews, your Terraform modules, your CI/CD pipeline design. I don’t hand off once the contract is signed. That’s the whole point of working with Buoyant Cloud rather than an agency.
North American Alignment
Not a project manager. Not a junior engineer. Me — in your architecture reviews, your Terraform modules, your CI/CD pipeline design. I don’t hand off once the contract is signed. That’s the whole point of working with Buoyant Cloud rather than an agency.
Infrastructure as Code (IaC)
I think in systems, not services. Before I recommend a GCP service, I understand how your platform is structured, how your team deploys, and where the real bottlenecks are. Terraform and IaC come second. Architecture comes first — and that’s how I’ve helped clients avoid costly redesigns from tool-first thinking.
Security-First DNA
I’ve designed security-compliant platforms under real regulatory constraints — at RBC, Tangerine Bank, and Telus Health. SOC 2, PCI, and HIPAA aren’t abstractions. That experience means I can build compliance-ready platforms without turning your roadmap into a compliance project
Specialized MLOps & AI
I help teams bridge the gap between experimentation and production by designing secure, scalable infrastructure for deploying and operating ML and GenAI workloads.
Cost-Optimized Growth
I build platforms your team can understand, operate, and evolve without me. That’s what good architecture looks like — and it’s the opposite of how most consultants work. I design for your long-term independence, not my next invoice.
A structured, architecture-first approach to designing and evolving secure, scalable cloud platforms.
Speak Directly With Amit Malhotra
Operating From
Based in Toronto (EST), working with engineering teams across Canada & USA
Tell me about your current platform and where you're trying to get to. I'll respond with thoughts, not a proposal.
Speak directly with me — a Principal Cloud Architect — about your GCP architecture, security, platform engineering, or MLOps goals. I typically respond within one business day.
Get In Touch
Trusted Technical Advisor
Amit works as a true architecture partner, not just a consultant. He focuses on making the right decisions early and designing systems that remain maintainable as they scale. His guidance helped us avoid costly redesigns and establish a solid cloud foundation from the start.
- Kanishk P,
- Binoloop Inc
Architecture leadership
Amit helped us redesign our Google Cloud architecture to support rapid growth without increasing operational complexity. His ability to simplify difficult architectural decisions and design scalable platform foundations had an immediate impact on our engineering velocity and system reliability.
- Rohit Kulkarni,
- Cascade Cloud Inc.
Platform engineering & DevSecOps
We engaged Amit to build a secure and scalable platform on Google Cloud with Terraform, Cloud Run, Kong API gateway and automated CI/CD. He brought deep hands-on expertise and designed everything with long-term operability in mind. Our deployment process is now significantly more reliable and secure.
- Hema Kumar,
- Pemvish.com