REMOTE ROLES // CLOUD SECURITY & COMPLIANCE

Platform Security Architect

I design secure AWS platforms that enable organizations to scale with confidence. My work combines cloud security, governance, observability, and automation to build resilient infrastructure that satisfies operational, regulatory, and business requirements.

01 / About

Modern cloud security extends beyond firewalls and vulnerability management. I design secure platforms where identity, governance, monitoring, automation, and compliance are integrated into the architecture rather than added afterwards. Over the past two decades I have worked across enterprise infrastructure, DevSecOps, cloud transformation, and incident response, helping organizations improve resilience while reducing operational risk.

02 / Selected Works

Production Incident Response

Contained multiple crypto-mining infections across production servers on on-premise, and AWS Cloud, without service interruptions. Isolated dormant scripts and the cron jobs reactivating them, built cleanup automation, and restored affected systems under live traffic. Applied OWASP and CIS hardening, added firewall controls, and blocked recurring IP ranges.

Result: Approximately ₹50L+ in potential downtime losses avoided, with post-incident audits confirming continued stability.

Infrastructure Modernization

Standardized production, staging, and test environments to eliminate inconsistent deployments. Implemented role-based access control, patch management, and a clear separation of duties. Integrated ELK observability for early defect detection.

Result: Regression frequency dropped 50 - 70% within a quarter, and new-feature development velocity increased.

Security Operations Leadership

Implemented and Aligned environment with CIS controls through incremental transitions. Tightened controls, enhanced estate visibility with ELK monitoring implementation. Implemented Principle-of-least-privilege methodology across the estate.

Result: Sustained audit readiness, zero critical outages, consistent compliance across last five years in the current account.

Application Performance and User Behavior Analytics

Implemented custom analytics for tagging in python using scikit-learn and neuralprophet. Implemented statistical models that ranked system instability using a weighted Error Density Index, clustered user behaviour to distinguish normal usage from anomalous activity, and correlated crashes and latency spikes with preceding request patterns.

Result: Sustained application performance visiblity. Better clarity on user pain, and malfunctioning endpoints. Zero critical outages. Behaviour analytics with capability to distinguish between user abuse, and system instability.

Platform Engineering

Broad cross-platform infrastructure experience - Linux, Windows, AWS. Designed secure network subnets, CI/CD pipelines, and compliance-ready estates integrating CIS, OWASP, and ISO frameworks. Comfortable in Golang, Python, Bash, and PowerShell for automation and diagnostics. Current focus: combining security, infrastructure, and ML to enable resilient cloud operations.

03 / Current Work

AI-SecOps Lite - vendor-neutral SOC prototype

Building an automated detection -> decision -> adaptation pipeline using Suricata, Wazuh, DuckDB, MLflow, and n8n, with explainable models (IsolationForest, Prophet, SHAP) feeding SOAR feedback loops. Built with model lineage, pseudonymization, and human-in-the-loop controls in mind. Designed to extend later to reinforcement-learning playbooks and multi-tenant DuckDB setups.

04 / Professional Development

Blending SecOps with compliance - from AWS hardening to governance frameworks - into one CloudSec capability for MSSPs and regulated industries.

05 / Contact

Currently open to Platform Security Architect, Cloud Security Architecture, and DevSecOps leadership opportunities. Available for remote roles globally and consulting engagements involving cloud security, governance, and platform modernization.