Ghouse Amrullah S
Cybersecurity Architect
Bengaluru
Summary
- Dynamic professional with 24 years of experience in operations, consulting, architecture, and technology sales.
- Proven track record at Microsoft Corporation (India) in cloud security and leadership.
- Expertise in cloud security best practices, Zero Trust architecture, and security compliance with industry standards like NIST and ISO 27001.
- Leadership in migrating EDR, significantly enhancing security architectures.
- Extensive experience in Extended Detection and Response, SIEM/SOAR solutions, secure multi-cloud management, and security operations. In-depth knowledge of Microsoft security and identity technologies
- Strong operational and process management expertise, familiar with ITIL and other IT operations frameworks.
- Demonstrated strong analytical and technical skills, with a proven ability to develop innovative solutions to technical challenges.
- Developed and deployed a Security Information and Event Management (SIEM) solution, reducing MTTD security incidents by 70%.
- Implemented automated security testing and continuous monitoring, increasing code security by 45% and reducing vulnerability remediation time.
- Collaborated with cross-functional teams to create a secure DevOps pipeline, accelerating release cycles by 30%.
- Spearheaded the implementation of a Zero Trust Architecture, reducing security incidents by 78% and improving overall system performance.
- Led the development of an AI-driven threat detection system, neutralizing 99.9% of potential breaches.
- Fortified enterprise cloud environments for Fortune 500 companies, achieving a 40% improvement in compliance metrics and reducing incident response times by 30%.
- Recognized for driving cost savings, enhancing security culture, and maintaining 100% compliance with international standards.
Overview
25
25
years of professional experience
6
6
years of post-secondary education
10
10
Certifications
5
5
Languages
Work History
Cybersecurity Architect & Specialist
MICROSOFT CORPORATION (INDIA) PVT LTD
Bangalore
03.2016 - Current
- In-depth knowledge of Microsoft security and identity technologies, including Active Directory, Microsoft Entra ID, Microsoft Purview, Microsoft Defender XDR, Defender for Cloud, and Microsoft Sentinel.
- Proficient in designing and implementing advanced threat protection tools (XDR & ITDR) in the enterprise environments to effectively detect, investigate, and respond to threats.
- Experienced in Migrating AV & Endpoint detection and response solution (EDR) on endpoints and servers.
- Designed and implemented comprehensive security architectures for enterprise systems, enhancing overall security posture.
- Experienced in applying secure by design approach to identify and mitigate potential security risks early in the development lifecycle.
- Experienced in implementing secure by default strategies to ensure that the systems are configured with highest security settings from the outset, reducing the likely hood of security breaches.
- Conducted risk assessments and vulnerability analyses to identify and mitigate potential security threats.
- Actively participated in developing the organization's cloud security strategy, collaborating with senior leadership and stakeholders to define security objectives, establish governance frameworks, and set strategic priorities.
- Experienced in identifying, analyzing and mitigating security risks through comprehensive threat modelling and vulnerability assessments.
- Skilled in assessing and enhancing the security posture of cloud environments, continuous monitoring and ensuring improved security across resources in multi-cloud environment, implemented best practices, addressed security gaps/misconfigurations.
- Designed, implemented, and optimized SIEM/SOAR solutions for comprehensive visibility into potential threats, streamlining threat detection and response processes. Also resulting in reduced/improved mean time to detect (MTTD), mean time to respond (MTTR) of security incidents.
- Proficient in developing security policies, and procedures to safeguard data confidentiality, integrity, and availability. Implemented data classification, labeling, and data loss prevention policies to ensure the proper handling and protection of sensitive information, maintaining compliance and data privacy.
- Spearheaded the implementation of a Zero Trust Architecture across a multi-cloud environment. Enforced JIT and JEA strategies/approaches to implementing the principle of least privilege and reducing the attack surface in cloud environments.
- Proficient in identity solutions and security concepts such as Security Operations, Zero Trust, Privileged Access Management, Just-in-Time Administration, and Privileged Access Workstations.
- Configured and managed Entra AD for secure authentication and authorization, setting up MFA, conditional access policies, and identity governance to minimize the risk of credential theft.
- Secured cloud applications by detecting and mitigating shadow IT, protecting sensitive data, and enhancing overall security through app discovery, threat detection, and data protection measures.
- Managed and secured enterprise devices, enforcing compliance policies, managing mobile devices and applications, and implementing MAM and MDM policies for a secure mobile workforce.
- Conducted regular compliance assessments, managed data retention policies, and performed eDiscovery searches to maintain high compliance levels and reduce legal risks.
- Fostered a security-conscious culture by developing and implementing comprehensive security awareness and training programs, conduct regular training sessions, and simulating phishing attacks.
- Experienced in incident response and recovery strategies, establishing, and managing incident response plans, conducting tabletop exercises, and post-incident reviews to enhance organizational resilience.
- Experience in threat hunting and analyzing security incidents to determine root causes and impacts.
- Experienced in transforming security with the power of AI for enhance threat detection, Improved incident and response time, adapt to new threats, automate and optimize security workflows, reduce alert fatigue, and enhance threat intelligence capabilities. Integration of AI and ML intelligence for identification and mitigation of potential security threat and breaches, leveraging behavioral analytics and real-time threat intelligence to safeguard critical assets.
- Possess in-depth knowledge of cloud computing platforms proficient in cloud security concepts including encryption, network security, and secure DevOps practices.
- Deep understanding of network security principles, including VPNs, intrusion detection/prevention systems, and secure network design. Skilled in configuring security tools, managing encryption protocols, and setting up network security components to prevent unauthorized access and cyber-attacks.
- Skilled in assessing and establishing security baselines tailored to organizational needs. Well-versed in cybersecurity principles, including Advanced Persistent Threats (APTs) and credential theft mitigation best practices.
- Implemented automated security testing and continuous monitoring processes, increasing code security and reducing vulnerability remediation time from weeks to hours. Worked closely with DevOps, IT, and application development teams to integrate security into the CI/CD pipeline and ensure secure code practices.
- Helped improve security risk posture in compliance with Zero Trust, Least Privilege, Defense in Depth, Layered Security Principles from perimeter to end point / cloud edge network security.
- Experienced in Designing and implementing Enhanced Security Administrative Environment (ESAE) by creating a highly secure, isolated environment for Active Directory administration enforcing the Separation of Duties, Tiered administrative model and enhanced security measures such as Just-Enough-Administration (JEA), Just-In-Time (JIT) Administration, Privileged Access Workstations (PAWs)
- Hands-on experience with cloud security tools and technologies, such as Extended security posture management (XSPM) and cloud workload protection platforms (CWPP)
- Developed and implemented comprehensive IT/OT/IoT security strategies that align with industry best practices and regulatory requirements. Experience in conducting risk assessments, and maturity assessment for OT/IoT systems and products to identify and prioritize security threats and weaknesses. Experience with handling well-known OT technologies Microsoft Defender for IoT (CyberX)
Senior Enterprise Architect - IT Infra & Security
Cognizant Technology Solutions India Ltd
Bangalore
07.2010 - 03.2016
- Conducted thorough risk assessments related to connected product deployments, identifying potential vulnerabilities and implementing proactive measures to mitigate risks.
- Experienced in designing, implementing, managing, migrating, and securing/hardening large-scale Active Directory deployments.
- Planned, implemented, and managed Active Directory tiered administrative models to reduce the risk of security breaches and ensure efficient management of IT resources.
- Implemented automated security controls and monitoring solutions to detect and respond to security threats in real-time.
- Designed and enforced IAM policies and roles, ensuring least-privilege access across all resources.
- Experienced in designing, implementing, and managing a large-scale PKI (Public Key Infrastructure) architecture and design.
- Practical knowledge and skill in managing and configuring a Distributed File System (DFS) on a network.
- Designed, configured, and managed Active Directory Federation Services (ADFS) to enable Federated Identity and Access Management by securely sharing digital identity and entitlements rights across security and enterprise boundaries.
- Experienced in designing, implementing, and managing large-scale Exchange on-premises and Lync server deployments, implementing redundancy features like DAG (Database Availability Group) for Exchange and resiliency strategies for Lync to maintain service continuity in case of failures.
- Ensured compliance with data privacy and security regulations by implementing appropriate encryption, retention policies, and access controls.
- Designed, planned, and executed Exchange migrations to Office 365, and experienced in implementing and managing Exchange hybrid deployment with O365.
- Established and led incident response plans, ensuring rapid and effective responses to security incidents affecting product deployments and conducted post-incident analysis to identify areas for improvement and implement corrective actions.
- Planned and executed failover tests and disaster recovery for key infrastructure components such as Active Directory, PKI, ADFS, DFS, Lync, and Exchange setups.
- Designed, implemented, and managed email security, antivirus/ antispam, email archival, journaling, and BYOD solutions.
- Ensured identity security including periodic review of access logs, anomaly access and account review, excessive and outlier permissions, and inactive accounts with high privileges.
- Assisted in the review and update of security policies, architectures, and standards, and responded to audits, penetration tests, and vulnerability assessments.
- Developed security strategies in collaboration with executive leadership to align with organizational goals.
- Risk assessed, drove architecture, design, and implementation of security platforms and solutions with architectural excellence, thought leadership, and authority.
- Conducted regular risk assessments to ensure compliance with relevant laws, regulations, and industry standards.
- Developed and executed security policies and procedures to align with organizational goals and compliance requirements.
- Deep understanding of network security principles, including VPNs, intrusion detection/prevention systems, and secure network design.
- Ensured the systems are patched up to date with the most recent security patches available from software vendors, effectively mitigating known vulnerabilities
- Managed L3/L4 operation escalated support issues. Being an Active member of Microsoft community within the organization, my technical insight and guidance has helped to sail smoothly out of many critical situations with end customers
Associate Consultant, Systems
HCL Technologies
Chennai
07.2008 - 07.2010
Senior Systems Engineer
GAVS Information Services Pvt. Ltd
Chennai
12.2006 - 07.2008
MIS Manager
Shore to Shore MIS Pvt. Ltd
Chennai
12.2002 - 12.2006
Systems Engineer
Kuber Info Solutions
Chennai
07.2000 - 12.2002
Education
BBA - Computer Applications
Annamalai University
Chidambaram, India 05.2003 - 05.2006
Diploma in - Electrical, Electronics Engineering
Muthiah Polytechnic
Chidambaram, India 05.1997 - 05.2000
Skills
Cloud Security Best Practices
Multi-Cloud Security Management - CNAPP, CSPM, CWP
Security Compliance (NIST, CIS, ISO 27001, PCI DSS, HIPAA)
Cloud Security Governance
Application security
Threat Detection and Response
Zero Trust Security Model
Security Automation
DevSecOps and CI/CD Security Integration
Identity and Access Management (IAM)
Cloud infrastructure Entitlement Manage
Security Monitoring and Analytics
Incident Response Planning and Execution
Cloud Security Architecture Design
Security Awareness Training Program Development
Data Protection and Privacy
Security Risk Assessment and Mitigation
Security Policy Development and Enforcement
Cloud Workload Migration Security
Technical Leadership and Team Management
Vendor and Stakeholder Management
Continuous Security Improvement
Certification
Certified Information Systems Security Professional (CISSP)–(ISC)2
Timeline
Certified Information Systems Security Professional (CISSP)–(ISC)2
10-2024
Cybersecurity Architect & Specialist
MICROSOFT CORPORATION (INDIA) PVT LTD
03.2016 - Current
Senior Enterprise Architect - IT Infra & Security
Cognizant Technology Solutions India Ltd
07.2010 - 03.2016
Associate Consultant, Systems
HCL Technologies
07.2008 - 07.2010
Senior Systems Engineer
GAVS Information Services Pvt. Ltd
12.2006 - 07.2008
BBA - Computer Applications
Annamalai University
05.2003 - 05.2006
MIS Manager
Shore to Shore MIS Pvt. Ltd
12.2002 - 12.2006
Systems Engineer
Kuber Info Solutions
07.2000 - 12.2002
Diploma in - Electrical, Electronics Engineering
Muthiah Polytechnic
05.1997 - 05.2000