About Nikola Novoselec

Technical Director, Zero Trust Program at one of Switzerland's critical infrastructure providers. Architecting Zero Trust and Agentic AI governance at enterprise scale across identity, connectivity, data, and workloads - spanning IT, OT, and IoT in highly distributed hybrid multicloud environments.

Image
Image
Image
Image
Image
Image
Image
Image
Image
Image
Image

Integration at Enterprise Scale

Learn More About MeDetails

00 + years

Turning disconnected requirements, products, and services into integrated architecture that works at enterprise scale. Working systems deployed across hybrid multicloud, legacy IT, and OT environments where failure isn't an option. The same integration expertise that built Zero Trust for critical infrastructure, brought to organisations ready for architecture that delivers quantifiable business outcomes. Production systems, not shelf documentation.

000 ° view

Complete understanding of your environment from edge to inference. Complexity that seems infinite often becomes manageable when someone maps the connections. My focus is how everything connects, where the handoffs fail, and where policy enforcement breaks down. That's the difference between theoretical frameworks and production architecture. When you understand end-to-end, problems that looked impossible become engineering challenges.

0  Fabric

One integrated architecture, one policy fabric. Regardless of your starting point, security maturity level, technology stack, or organisational complexity - the target is always convergence. Security, connectivity, and AI working together instead of breaking apart at component boundaries. One coherent framework where the entire layer enforces decisions together. The same policy decision, enforced everywhere, simultaneously.

Trusted by

Trusted by

I founded Gray Matter in 2016. It took a decade to find its purpose. After 14 years as an architect at one of Switzerland’s largest critical infrastructure providers - directing the Zero Trust transformation since 2022 - the purpose became clear: Zero Trust and governed Agentic AI are inseparable, and both need architecture that works in practice, not just in frameworks. The hardest problems sit in the gaps between policy and implementation, governance and delivery, architecture and operations.

What I Advise On

Zero Trust Architecture Building security architectures that work across fragmented enterprise estates, governance models, and legacy constraints. Horizontal policy woven into connectivity - so controls do not fail at the seams. Security that adapts to the user, not the other way around.

Governed Agentic AI Designing autonomy that is bounded by policy, identity, observability, and operational controls. The same conditions that make Zero Trust difficult at scale - fragmented identity, inconsistent policy, legacy complexity - also make Agentic AI risky to deploy. I help organisations adopt AI safely through Graduated Autonomy: enabling useful automation while preserving control, traceability, and accountability.

This is not theoretical. I build and operate autonomous AI systems in practice - from governed security operations to spec-driven engineering workflows. When I advise on AI governance and agentic coding adoption, it comes from operating these workflows, not from treating them as a trend.

Enterprise Scale Context

Zero Trust and AI governance are rarely limited by tooling alone. In large organisations, the harder problems are fragmented ownership, uneven governance, legacy integration constraints, and the challenge of applying consistent policy across users, systems, and regions.

My experience comes from leading one of Switzerland’s most significant transformations across this complexity:

  • Multi-region, multi-entity environments - 100+ subsidiaries, 3,500+ locations, 5M+ users across employees, customers, partners, and suppliers under one policy fabric
  • Legacy integration and technical debt - decades of legacy IT, IoT/OT, and industrial control systems integrated without breaking critical services
  • Governance and stakeholder alignment - approved across IT leadership, executive management, and the board, then funded and executed as a multi-year programme covering all seven Zero Trust pillars

Why Direct Engagement Works

Continuity The person who designed the architecture is the same person who guides implementation. No handovers, no re-education, no context lost between phases.

Aligned Incentives My success is measured by your outcomes, not billable hours. The engagement is focused on delivering results with direct access to the person doing the work.

Current Practitioner Experience My guidance comes from recent, hands-on experience building the systems I advise on. I still architect and build - which means recommendations reflect current operational reality, not yesterday’s best practices.

This model is not right for every engagement. If you need a team of 50 consultants or a global programme management office, a larger firm is the appropriate choice. I design at scale, then guide your teams through execution.

How I Work

Survivability Over Theory If a policy cannot survive peak operational loads or a legacy SAP instance, it is a liability, not a security measure. I prioritise resilient, pragmatic architecture over theoretical models. Architecture that cannot survive contact with your budget, organisational culture, and legacy systems is not architecture - it is theory.

Technology-First Advisory I help you decide what technology you need - and what you don’t. Whether selecting Zero Trust platforms, AI frameworks, or agentic coding toolchains, I guide your team through evaluation, RFI/RFP processes, and PoC design. When I recommend a product, it is because I believe it serves your interests.

Resilience Over Perfection I design for failure - not to prevent it, but to survive it. The architecture that wins accepts concentrated dependencies deliberately and designs for graceful degradation. I do not design for a world where technology never fails - I design for a business that survives when it does.

Founder

The Architect

I architected Zero Trust in one of Switzerland's most complex enterprise environments and build autonomous AI systems daily. One policy fabric across hybrid multicloud, legacy systems, IoT/OT, and Agentic AI.

Three convictions:

  • Complexity kills security before attackers do
  • Integration is the architecture - Zero Trust fails between components, not within them
  • AI autonomy without hard boundaries and control is just risk at machine speed
Nikola Novoselec

Nikola Novoselec

Founder & CTO

Get Started

Ready to Transform Your Architecture?

Every engagement starts with your specific situation - the architecture you have, the outcomes you need, and what's blocking progress. Whether security, velocity, or complexity. Whether you need a Zero Trust assessment, an AI governance architecture, guidance on agentic coding adoption, or help selecting the right technology - let's talk directly about your challenges. All discussions are handled confidentially, with the discretion expected in Swiss B2B relationships.

Schedule a Conversation
0 M+

Users

Customers, Partners, Employees

00000 +

Endpoints

Secured across hybrid multicloud infrastructure

0000 +

Public Domains

Secured across the enterprise footprint