THOMAS SALNOT
IT, Cloud & Security Leader
I work at the intersection of IT leadership, cloud, and cybersecurity. I design and lead secure, modern IT foundations that support growth, with a focus on architecture, automation, and practical security governance.
About
I'm an IT, cloud, and security leader with experience spanning hands-on engineering to CIO-level responsibility.
Over the past decade, I've helped organisations modernise their infrastructure, build governance foundations, and transition to cloud-first, identity-centric architectures. I've led teams of up to 18 people and managed budgets covering cloud services, ITAM/ITSM, security governance, SecOps, Salesforce, DevOps tooling, and data management. I also established a strategic partnership between Olea Medical and AWS, supporting the company's shift toward a modern cloud ecosystem.
My background includes ISO 27001, HDS, GDPR, HIPAA, ISO 13485, NIST CSF, and OWASP, with extensive experience in regulated medical and hospital environments and participation in more than 20 audits. I believe IT should be a strategic business partner, prioritising simplicity, strong identity, and user experience as core drivers of both security and operational effectiveness.
What I Do
IT Leadership & Governance
Structuring IT foundations, processes, and roadmaps. This includes identity and endpoint strategy, tool selection, governance frameworks, team leadership, and collaboration with engineering, product, and operations.
Cloud & Architecture
Designing secure, scalable, cloud-native environments: AWS landing zones, SaaS architectures, and patterns that balance speed, security, and maintainability.
Cybersecurity & Compliance
Security governance, risk management, and audit readiness across ISO 27001, HDS, GDPR, HIPAA, and quality-driven environments (ISO 13485).
Modern GRC & Automation
Using automation and AI to simplify governance. Integrating platforms, supporting analysis with AI, and designing processes that scale.
Selected Work
Olea Medical
Cloud, Security & Compliance Transformation
I helped drive Olea Medical's transition toward cloud-first architecture by supporting SaaS initiatives, security governance, and data management programs. I contributed to the company's ISO 27001 + HDS journey and led the development of a strategic partnership with AWS to support long-term modernisation.
ANA Healthcare
Building Modern IT & Security Foundations
At ANA Healthcare, I currently lead IT and cybersecurity end to end. This includes identity and access strategy, endpoint management across macOS/Windows/Linux, cloud and tools selection, and security governance. I focus on building a lean, modern stack that supports growth while meeting security and regulatory expectations.
AI-Powered Newsletter Automation SaaS
summry.io is a SaaS I designed and built to explore lightweight, AI-enabled architectures. It generates, schedules, and sends AI-curated newsletters using Next.js on Vercel, Supabase for backend and auth, Perplexity for research, and Resend for email delivery. It's a practical example of modern, cloud-native product design and automation.
How I Think
I believe modern IT should be simple, secure, and as automated as possible. Strong identity, clear architecture, and good defaults remove friction instead of adding it.
I see GRC and security not as blockers, but as part of how an organisation earns and maintains trust. Automation and AI are useful when they reduce manual work, improve visibility, or make decisions more transparent. Not when they add complexity for its own sake.
The best outcomes come from close collaboration with engineering, product, and operations teams. Working together rather than in silos.
My mindset is pragmatic and business-oriented: IT, security, and architecture exist to enable the organisation, not slow it down. I favour quick feedback loops and continuous improvement over heavy processes.
Experience Snapshot
Platforms & Cloud
AWS (primary cloud), GCP (high-level), Microsoft Entra, Defender, Intune, Purview, Tailscale, Twingate, Terraform for infrastructure as code.
Endpoints & Tooling
macOS, Windows, Linux endpoint management. NinjaOne, Notion, Confluence, Linear, GitHub/GitLab, Keeper, Salesforce.
Approach
I approach these technologies as an architect and leader, focusing on clarity, security, and long-term simplicity. I use AI tools extensively in my daily work.
Availability & Contact
I'm based in France (CET timezone) and currently lead IT & cybersecurity at ANA Healthcare. I'm also open to selected consulting engagements or discussing strategic opportunities where I can bring value in IT leadership, cloud architecture, and security governance. Remote worldwide, hybrid negotiable.
Feel free to reach out if you'd like to discuss a project or need support on IT, security, or compliance topics.