Platform Security Architect
01 / About
Modern cloud security extends beyond firewalls and vulnerability management. I design secure platforms where identity, governance, monitoring, automation, and compliance are integrated into the architecture rather than added afterwards. Over the past two decades I have worked across enterprise infrastructure, DevSecOps, cloud transformation, and incident response, helping organizations improve resilience while reducing operational risk.
02 / Selected Works
Production Incident Response
Contained multiple crypto-mining infections across production servers on on-premise, and AWS Cloud, without service interruptions. Isolated dormant scripts and the cron jobs reactivating them, built cleanup automation, and restored affected systems under live traffic. Applied OWASP and CIS hardening, added firewall controls, and blocked recurring IP ranges.
Result: Approximately ₹50L+ in potential downtime losses avoided, with post-incident audits confirming continued stability.
Infrastructure Modernization
Standardized production, staging, and test environments to eliminate inconsistent deployments. Implemented role-based access control, patch management, and a clear separation of duties. Integrated ELK observability for early defect detection.
Result: Regression frequency dropped 50 - 70% within a quarter, and new-feature development velocity increased.
Security Operations Leadership
Implemented and Aligned environment with CIS controls through incremental transitions. Tightened controls, enhanced estate visibility with ELK monitoring implementation. Implemented Principle-of-least-privilege methodology across the estate.
Result: Sustained audit readiness, zero critical outages, consistent compliance across last five years in the current account.
Application Performance and User Behavior Analytics
Implemented custom analytics for tagging in python using scikit-learn and neuralprophet. Implemented statistical models that ranked system instability using a weighted Error Density Index, clustered user behaviour to distinguish normal usage from anomalous activity, and correlated crashes and latency spikes with preceding request patterns.
Result: Sustained application performance visiblity. Better clarity on user pain, and malfunctioning endpoints. Zero critical outages. Behaviour analytics with capability to distinguish between user abuse, and system instability.
Platform Engineering
Broad cross-platform infrastructure experience - Linux, Windows, AWS. Designed secure network subnets, CI/CD pipelines, and compliance-ready estates integrating CIS, OWASP, and ISO frameworks. Comfortable in Golang, Python, Bash, and PowerShell for automation and diagnostics. Current focus: combining security, infrastructure, and ML to enable resilient cloud operations.
03 / Current Work
AI-SecOps Lite - vendor-neutral SOC prototype
Building an automated detection -> decision -> adaptation pipeline using Suricata, Wazuh, DuckDB, MLflow, and n8n, with explainable models (IsolationForest, Prophet, SHAP) feeding SOAR feedback loops. Built with model lineage, pseudonymization, and human-in-the-loop controls in mind. Designed to extend later to reinforcement-learning playbooks and multi-tenant DuckDB setups.
04 / Professional Development
Blending SecOps with compliance - from AWS hardening to governance frameworks - into one CloudSec capability for MSSPs and regulated industries.
- NIST Cybersecurity & Risk Management (CSF + RMF) - Coursera/Packt. Turns technical hardening into a governance program, linking incidents and risk treatment directly to cloud controls.
- CCSP Specialization - Coursera/Pearson. Structured coverage of cloud security domains beyond the AWS ecosystem.
- Data Security & Information Privacy - Coursera/Macquarie. Conceptual base for NIST and GDPR work - privacy, anonymization, and data handling.
- AI for Cybersecurity - Coursera. Applied AI patterns for threat defense - anomaly detection, adversarial modeling.
05 / Contact
Currently open to Platform Security Architect, Cloud Security Architecture, and DevSecOps leadership opportunities. Available for remote roles globally and consulting engagements involving cloud security, governance, and platform modernization.