About Thomas Joos
Strategic IT consultant, enterprise architect & technical author
Profile and career
More than three decades of consulting practice for enterprise clients, KRITIS operators, OT operators and authorities at leadership level shape my understanding of IT. My focus is on the design of future-proof digital architectures, their migration into hybrid cloud environments and consistent hardening against current threat scenarios. Technical depth meets strategic positioning in my client work. I work vendor-independent and always along relevant regulatory frameworks, including NIS2, DORA, CRA and the EU AI Act. My technical books sit on the shelves of many clients' IT departments, while I also write whitepapers for several hyperscalers without depending on any of them.

What I am writing and consulting on right now
Recent in-depth articles in leading trade publications such as ComputerWeekly, Heise iX and BigData-Insider centre on these areas:
A full overview of recent articles is available on the Publications page.
Consulting and publication side by side
Two activities, one standard: staying at the leading edge of current technologies – in my own lab, with my own tests, with my own architecture experience. Mandate contents remain strictly confidential. Research, tests and articles run entirely independent of them.
Anyone writing regularly on MCP, dMSA, Sovereign Cloud or agentic AI must also master these technologies in practice. For me, research means setting up, testing, deciding on architecture and comparing options – not paraphrasing whitepapers.
Consulting clients benefit twice. They receive vendor-independent advice, because I am not bound to any manufacturer’s sales side. And they receive consulting on current ground, because the next technology topic is usually already running in my lab before it hits the wider market.
Consulting practice
In my consulting practice, I combine strategic planning, technical implementation and the protection of demanding IT infrastructures. In the cloud area, the focus is on Microsoft Azure and AWS. In IT security, I focus on the consistent implementation of zero-trust architectures and identity access management.
In artificial intelligence, my goal is reliable integration into existing business processes. In the security sector, this includes consulting on acute cyber and ransomware incidents, the build-up of resilient IT structures and strategic support for cyber defence, exactly the topics that decide on recovery and business continuity when things get serious.

That was a great help! Thank you.
Certifications and qualifications
The technical foundation from many years of practice, complemented by vendor certifications.
- Specialist book author for MCSE and MCITP training
- Microsoft Certified Professional (MCP)
- Microsoft Certified Systems Engineer (MCSE)
- Microsoft Certified Systems Administrator (MCSA)
- Citrix Certified Administrator (CCA)
- Citrix Certified Sales Professional (CCSP)

Technical author & ghostwriter
Alongside my consulting work, I write as an author and ghostwriter. This includes regular contributions to the trade press, book publications and a permanent trainer role at LinkedIn Learning. I also take on commissioned work for communications and publishing agencies. As a ghostwriter, I write technically substantial articles for executives and industry figures, who publish them under their own name.
Companies & authorities
My client portfolio ranges from mid-sized companies to international corporations and hyperscalers. In the private sector and industry, this includes Microsoft, MHP, MediaMarktSaturn, MANN+HUMMEL, Mercedes-Benz, Commerzbank, DATEV, O2 Munich, Bechtle, HPE, AWS, Google, Dell, Forescout, OKTA, Firstware, Rosenberger Fiber Optic and Dürr AG. In healthcare and social services, Katharinenhospital Stuttgart and Vinzenz von Paul gGmbH rely on my consulting. International clients include Enovos Luxembourg and a major energy company in the Middle East. Many projects are subject to non-disclosure agreements. On request, I am happy to provide a detailed CV with the full project history.
„Thank you again for the very informative conversation, which we all enjoyed very much and which also inspired us."
Client projects & visibility
My authority and public-sector projects include strategic consulting for ministries and state governments at leadership level. As a consultant for KRITIS operators, I ensure the resilience of critical infrastructure in the energy, healthcare, finance and telecommunications sectors. For enterprise corporations, I take over architecture and migration management in the automotive industry, manufacturing, IT economy and various service sectors.
I have published over 100 technical books with leading publishers, including Microsoft Press, Addison-Wesley, O'Reilly, dpunkt, Rheinwerk, Springer Vieweg and Markt und Technik, and written thousands of technical articles for publications including c't, iX, Computerwoche, dpa and PC Welt/World. Alongside this, I deliver specialised C-level formats and workshops for clients, including Bechtle, DIN Media and WEKA. At industry conferences, I speak on cloud strategy, IT security and artificial intelligence.
Detailed CV on request: Many of my projects and client relationships are subject to non-disclosure agreements. I would be happy to provide you with a detailed CV with the complete project history – just contact me.

Switching off and clearing the head
The best solutions rarely emerge at the desk. I regularly run through the fields around Bad Wimpfen. That is where thoughts sort themselves out that get stuck in the office.
Working from anywhere
My work does not depend on a fixed place. Research, tests and writing happen wherever I am, with the same focus as in my own lab.


