01 The Challenge
FM Global engineers risk for commercial property worldwide, and its
risk decisions run on location intelligence: geocoded sites, parcel data, natural-hazard
analytics, and GIS workflows. The flagship property risk analytics application had grown
into a hard-to-evolve 1.x system — a React front end over .NET orchestration, a Hasura
GraphQL layer, PostgreSQL, and deep Esri ArcGIS integration — and the program needed a
Solutions Architect to define where it went next.
The environment was as much a part of the challenge as the code: two scrum teams, an
offshore development vendor, the Esri platform group, enterprise architects, a data-curation
organization, and an infrastructure/platform team — all of whom had to buy into a single
target architecture.
02 The Approach
The first months were spent reverse-engineering the legacy system into pictures the
whole program could reason about — C4 component diagrams and sequence diagrams of
the full analytics flow, built as architecture-as-code in PlantUML and driven through
team diagramming sessions so developers owned the model too. From that base, Leopard Data
designed the 2.x/3.x target architecture and drove it through design reviews with
principal and enterprise architects.
Architecture decisions were made hands-on, not on slides. We built a working
KEDA + Kafka autoscaling proof of concept — C# producers and consumers,
Dockerfiles, Kubernetes manifests — and demoed it four times to teams and architects.
We ran a multi-week, build-something-real evaluation of Azure Data Factory vs.
Databricks vs. Synapse for the data preprocessing tier, then led the team’s ADF
adoption: event-driven blob triggers, dedup and conditional branching, CSV-to-Parquet
pipelines, and ADF CI/CD. And we designed the geospatial data architecture itself —
a multi-provider geocoding flow (five geocoders evaluated), Parquet and GeoJSON storage
schemas, and ingestion from the enterprise data hub.
As the program’s security owner, Leopard Data ran the Veracode SAST program
(OWASP-informed triage and remediation across the .NET, Python, and GraphQL surfaces),
performed a full persona-and-permission security sweep of the Esri Workflow Manager layer
that produced the platform’s authorization matrix, and drove secrets into Azure Key Vault.
03 The Delivery
A Solutions Architect earns their keep by unblocking builders. Leopard Data coached the
team’s Python FastAPI geocoding service through auth, logging, and test design; set the
trunk-based branching strategy; wrote the code-commenting standard the team adopted; and
authored developer-ready design documents — including a scalable real-time download
feature design and disaster-recovery planning input. On the platform side we repeatedly
got the infrastructure provisioned that developers were waiting on: AKS-to-ADF integration,
Azure Functions, Service Bus queues, and Azure AD groups.
At engagement end, the architecture backlog had been rebuilt in Azure DevOps with clear
acceptance criteria, and the work was handed off through structured knowledge-transfer
sessions — leaving the program with an architecture it owned, not one it rented.
04 The Outcome
- Target 2.x/3.x architecture designed, socialized, and adopted across two scrum teams and the architecture guild.
- Azure Data Factory selected on hands-on evidence and adopted for the data preprocessing tier, with CI/CD and parallel-development workflow.
- KEDA + Kafka event-driven autoscaling pattern validated with a working PoC and demoed to enterprise architects.
- Veracode SAST program and Esri authorization matrix delivered — security posture measurably tightened and documented.
- C4/PlantUML architecture-as-code practice established, with diagrams attached to the delivery backlog.
- Clean, structured handoff of the architecture backlog at contract end.
05 Tech Stack
Microsoft Azure
Azure Data Factory
Databricks
AKS / Kubernetes
KEDA
Kafka
Azure Service Bus
C# / .NET
Python / FastAPI
PostgreSQL
Hasura GraphQL
Esri ArcGIS
arcpy
Parquet / GeoJSON
Veracode
C4 / PlantUML