Case Study · Insurance · Solutions Architecture

FM Global — Property Risk Analytics Re-Architecture

A year as Solutions Architect for one of the world’s largest commercial property insurers — reverse-engineering a legacy geospatial analytics platform, designing its cloud-native successor, and owning application security across a ~50-person, multi-vendor program.

Role: Solutions Architect Program: ~50 people across two scrum teams + vendors Duration: 12 months (initial term + extension)

01 The Challenge

FM Global engineers risk for commercial property worldwide, and its risk decisions run on location intelligence: geocoded sites, parcel data, natural-hazard analytics, and GIS workflows. The flagship property risk analytics application had grown into a hard-to-evolve 1.x system — a React front end over .NET orchestration, a Hasura GraphQL layer, PostgreSQL, and deep Esri ArcGIS integration — and the program needed a Solutions Architect to define where it went next.

The environment was as much a part of the challenge as the code: two scrum teams, an offshore development vendor, the Esri platform group, enterprise architects, a data-curation organization, and an infrastructure/platform team — all of whom had to buy into a single target architecture.

02 The Approach

The first months were spent reverse-engineering the legacy system into pictures the whole program could reason about — C4 component diagrams and sequence diagrams of the full analytics flow, built as architecture-as-code in PlantUML and driven through team diagramming sessions so developers owned the model too. From that base, Leopard Data designed the 2.x/3.x target architecture and drove it through design reviews with principal and enterprise architects.

Architecture decisions were made hands-on, not on slides. We built a working KEDA + Kafka autoscaling proof of concept — C# producers and consumers, Dockerfiles, Kubernetes manifests — and demoed it four times to teams and architects. We ran a multi-week, build-something-real evaluation of Azure Data Factory vs. Databricks vs. Synapse for the data preprocessing tier, then led the team’s ADF adoption: event-driven blob triggers, dedup and conditional branching, CSV-to-Parquet pipelines, and ADF CI/CD. And we designed the geospatial data architecture itself — a multi-provider geocoding flow (five geocoders evaluated), Parquet and GeoJSON storage schemas, and ingestion from the enterprise data hub.

As the program’s security owner, Leopard Data ran the Veracode SAST program (OWASP-informed triage and remediation across the .NET, Python, and GraphQL surfaces), performed a full persona-and-permission security sweep of the Esri Workflow Manager layer that produced the platform’s authorization matrix, and drove secrets into Azure Key Vault.

03 The Delivery

A Solutions Architect earns their keep by unblocking builders. Leopard Data coached the team’s Python FastAPI geocoding service through auth, logging, and test design; set the trunk-based branching strategy; wrote the code-commenting standard the team adopted; and authored developer-ready design documents — including a scalable real-time download feature design and disaster-recovery planning input. On the platform side we repeatedly got the infrastructure provisioned that developers were waiting on: AKS-to-ADF integration, Azure Functions, Service Bus queues, and Azure AD groups.

At engagement end, the architecture backlog had been rebuilt in Azure DevOps with clear acceptance criteria, and the work was handed off through structured knowledge-transfer sessions — leaving the program with an architecture it owned, not one it rented.

04 The Outcome

  • Target 2.x/3.x architecture designed, socialized, and adopted across two scrum teams and the architecture guild.
  • Azure Data Factory selected on hands-on evidence and adopted for the data preprocessing tier, with CI/CD and parallel-development workflow.
  • KEDA + Kafka event-driven autoscaling pattern validated with a working PoC and demoed to enterprise architects.
  • Veracode SAST program and Esri authorization matrix delivered — security posture measurably tightened and documented.
  • C4/PlantUML architecture-as-code practice established, with diagrams attached to the delivery backlog.
  • Clean, structured handoff of the architecture backlog at contract end.

05 Tech Stack

Microsoft Azure Azure Data Factory Databricks AKS / Kubernetes KEDA Kafka Azure Service Bus C# / .NET Python / FastAPI PostgreSQL Hasura GraphQL Esri ArcGIS arcpy Parquet / GeoJSON Veracode C4 / PlantUML

Need an architect your whole program will follow?

Working proofs of concept, architecture-as-code, and security ownership — not slide decks. Let’s talk.