First Person Platform E04 - Ian Evans on security as an enabler for financial institutions

Welcome back to First Person Platform, a new podcast for platform engineers. We kick off with a brief series of episodes featuring engineers and security practitioners who have either spearheaded or led teams in building tools for secure workload and service access. Each episode takes a deep dive into the motivation behind building the system, its origin story, lessons learned throughout the process, and provides an opportunity to get to know the brilliant minds working behind the scenes!


In this episode, I sit down with Ian Evans. Ian is a security architect and private contractor who provides a leading role in security architecture, implementation and optimisation projects with over 20 years industry experience.

He is a positive individual that believes there is a justifiable balance to be found in aligning security and technology decisions with business goals. He enjoys novel challenges and has found a passion in the intersections of AppSec, Platform Engineering and Cloud Security as it relates to the enterprise.

We talk about the real-life challenges of security engineering in Kubernetes and cloud-native environments, especially in industries where reliability and compliance are critical.

Ian shares how he got into cybersecurity, what it’s like managing security in agile environments, and how to balance speed with the need for strong security practices. We also dive into the importance of visibility and observability in building systems that are both secure and easy to manage.

Throughout the conversation, we explore how security can become a natural part of the process—supporting teams and keeping things running smoothly, even in fast-moving, complex environments.

In particular, we dig into a declarative approach for specifying access controls, similar to Otterize's Intent-Based Access Control.

Listen or watch below:

You can get in touch with Ian on LinkedIn.