Summary
Overview
Work History
Education
Skills
Certification
Timeline
Generic

Ashokan Sathish

Summary

A Senior Cloud Security Solution Architect, that thrives in complex problem-solving situations with an analytical and driven mindset to deliver solution at all cost. Outstanding experience in information security, risk management, architectural diagram with special set of skills in managing server infrastructures and data centre operations. Ability to implement upgradable, scalable, Hyper-Converged infrastructure to help achieve business agility, scalability, high availability and flexibility with a strong AWS & Azure ecosystem of high efficiency.

Overview

13
13
years of professional experience
1
1
Certification

Work History

Consultant; Senior Cloud Security Architect

Bank Of America
07.2023 - Current
  • Responsible for cloud security architecture, reviewed internal and external IT projects and applications for risk and adherence to security policies, standards, and industry best practices.
  • Participated on multiple internal security projects, evaluated and deployed cloud security technologies.
  • Helped defined, designed and secured infrastructure application architectures within primary tenants of Availability, Integrity and Confidentiality.
  • Participated in system specification review process to ensure system requirements can be translated into valid software architecture.
  • Delivered Cloud Security Architecture on assigned projects using AWS & Azure. Built cloud architecture with Azure, using Azure Resource Manager, Azure IaaS, PaaS offerings and services in Azure Commercial offerings and the AWS equivalent products and services.
  • Delivered AWS Cloud Security projects and managed delivery teams within scope of capabilities defined for Practices and Statement of Works (SOW).
  • Provided technical expertise and guidance on AWS security tools for Information Security teams. This include decisions about how cybersecurity and vulnerability monitoring will be performed, using/integrating both cloud-native and third-party security tools and controls.
  • Managed security tools and procedures, demonstrated and taught operational teams to utilize controls. Assisted and supported leJessicarship for organizations cloud strategy decisions.
  • Supported with designing, testing, and implementation of complex security solutions to meet security and regulatory requirements for cloud environments. Contributed and acted as author, for cloud security documentation including standards, specifications, and Security Reference Architectures.
  • Performed technology evaluations, supported business case development, test case definition, and vendor selection based on industry standard criteria.
  • Developed and maintained relationships with variety of stakeholders, including business owners, project managers, engineers, and customers.
  • Well-rounded background in host, network, database and application security.
  • Experience with Cloud/SaaS security, infrastructure security, key management, web application security, cyber security attack scenarios/kill chain, threat actors and controls, threat modelling, vulnerability assessments, information security governance.
  • Proven experience in designing, implementing and operating large-scale security architecture solutions within large and complex multi-supplier/multi-platform environment
  • Managed multiple security initiatives across multiple platforms, networks and applied security technologies. Experienced using an enterprise architecture methodology (STRIDE Framework & TOGAF)
  • Proven ability in security process and organizational design.
  • Proven understanding of operational integration of security functions.
  • Designed, installed and configured email encryption gateways with data loss prevention.
  • Developed security metrics and technical analysis to give insight into performance and trends.
  • Worked with business partners to balance requirements, security and risk reduction.

Consultant; Infrastructure & Security Engineer.

OCBC Bank
05.2022 - 05.2023
  • Worked closely with enterprise architects to identify and mitigate risks, perform security review, designed top tier security practices and architecture. Delivered strategic, innovative cloud-based security solutions.
  • Collaborated with Operations, Development, Cloud, and Risk Management teams to implement secured Infrastructure design, end-to-end security standards and best practices.
  • Supported projects from ground level up to full project deployment; developed solution at ground level for all project needs and existing environments, evaluated project environment, and developed security requirements and solutions for various levels of projects.
  • Performed deep analysis and develop security metrics that measure current risk & gaps, effectively evaluated and managed threats/risks. Implemented security controls in a self-service environment. Experienced with security domain coverage.
  • Good understanding of designing across public cloud solutions. This includes strategy and choices for individual architectural components as well as implementation design within those components.
  • Involved in public cloud solution design, cloud management, monitory and cloud adoption planning with focus on Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP).
  • Supported development of delivery model, operational model, skills, and team structure required to transition projects to Operations aligning with global standards and compliance.
  • Developed and supported security standards for various products and infrastructure projects.
  • Evaluated security postures on projects deployments and provide enhanced security solutions while considering risks and costs.
  • Provided critical security expertise and leJessicarship for security initiatives.
  • Developed and documented secured solutions for various internal and external services, evaluating risks to business while considering costs.
  • Communicated complex security solutions at all levels from technical detailed documents to executive level presentations and environments.
  • Routinely worked on multiple projects from small focused security enhancements to large infrastructural projects.
  • Handling IT enterprise IaaS and PaaS cloud architecture practices and methods.
  • Architecting, configuring, supporting, and auditing cloud concepts related to subscriptions, resources, service groups, networking, authentication, and tenant governance.
  • Analyzed, designed, implemented, and deployed cloud infrastructure & cloud security solutions for scalability within a hybrid IT environment, specifically Azure and AWS.
  • Liaising with development and infrastructure teams on technology solutions including Azure DevOps, Kubernetes, CI/CD and code scanning tools.
  • Provided tier 3 level cloud infrastructure support.
  • Worked with vendors to implement, address and coordinate new releases.
  • Assisted in designing, implementing on-premises migration paths for identified systems.
  • Demonstrated success in dealing with firewalls, IDS/IPS, SEIM, access control and load-balancing.

Information Techology Security

Mindtree
11.2021 - 05.2022
  • Assisted in managing entire lifecycle of vulnerabilities from discovery, triage, advising, remediation, and validation.
  • Contributed to design and implementation of additional security measures to enhance monitoring capabilities.
  • Assisted with third-party security assessments.
  • Participated in risk management process, including documenting, reviewing and updating systems on regular basis; which contributed in preparations of internal risk reports.
  • Responsible for configuring vulnerability assessment tools, as well as performing scans, researching, and analyzing vulnerabilities, identifying relevant threats, corrective action recommendations, summarizing and reporting results.
  • Identified and resolved false-positive findings in assessment results.
  • Produced metrics, reporting, and recommendations on state of system security, threats, vulnerabilities, and compliance
  • Supported investigations on risk incidents and produced detailed summaries identifying causes of incident, process failures and proposed risk mitigation and following up actions.
  • Performed, updates and maintains existing reports and processes.
  • Executed risk management processes and procedures to maintain Policies and Standards compliance.
  • Responsible for day-to-day information security analysis; supporting information security manager with events and alerts oversight.
  • Supported the information security manager with various tools, including the Security Incident & Event Management (SIEM) and its various security orchestration, automation, and response capabilities.
  • Helped to evaluate key information security risks, root cause factors for audit testing exceptions and identifying practical solutions.
  • Performed vulnerability scans, assess vulnerabilities risk, and advised on recommended actions.
  • Served as central coordinating and communications component for security efforts coordination, incident and vulnerability management, for teams supporting systems. Also analyzed security issues, determined cause and impact, identified corrective action needed to eliminate and prevent event from happening in future.

Senior Site Reliability Engineer

DHL IT Services
11.2017 - 11.2021
  • Monitored and reported on test results and performance data to identify areas of opportunity for improvement.
  • Demonstrated new product features and functionality to project stakeholders.
  • Collaborated with cross-functional teams for identification and resolution of validation issues.
  • Trained and guided onsite and offshore team members in quality assurance standards, policies and procedures.
  • Produced and maintained technical documentation for project reference.
  • Met tight deadlines to satisfy client demands and project timelines.

Senior Consultant

Capgemini Private Limited
01.2016 - 11.2017
  • Determined areas for improvement and implemented processes to alleviate problems.
  • Performed business research and financial analysis.
  • Prioritized projects and project tasks depending upon key milestones and deadline dates.
  • Monitored technology use and program functionality, updating programs and making changes to enhance output.
  • Created monthly forecast templates and resource management allocations for approved projects.

System Support Specialist

OCBC Bank
01.2012 - 10.2015
  • Maintained documentation and resources regarding problem resolution for reference in future instances.
  • Resolved computer and system networking problems to maintain user productivity.
  • Stayed up to date on software and hardware updates to optimize efficiency and productivity for management of clients.
  • Culled technology knowledge to perform IT troubleshooting, restoration, and maintenance services to maintain organizational performance levels.

Software Engineer

Serus Corporation
01.2011 - 12.2011
  • Coordinated with other engineers to evaluate and improve software and hardware interfaces.
  • Reviewed project specifications and designed technology solutions that met or exceeded performance expectations.
  • Worked with software development and testing team members to design and develop robust solutions to meet client requirements for functionality, scalability, and performance.
  • Provided guidance and mentored less-experienced staff members.

Education

MCA (Masters in Computer Applications) - Computer Applications

Anna University
Coimbatore, India
06.2007

BCOM (CA) - Bachelor of Commerce With Computer Applications

Gobi Arts & Science College
India
04.2007

Skills

  • Conflict resolution/High Achiever Team leJessicarship/Security Awareness Team Motivation/ Self-motivation Information Protection and Analysis
  • Governance, Risk & Compliance (GRC) AWS, Azure, Google Cloud, BCP & DRP, PKI, Cisco Umbrella, Dome9, Device42
  • Database Querying Languages; MySQL, NOSQL/DynamoDB, Windows Shell, Palo Alto Prisma, Cortex
  • AWS Firewall, Control Tower concepts, Security Hub, Security Guardrails
  • Amazon Web Services (EC2, EBS, S3, IAM, AMI, VPC, VPC Peering, NACL, Security Groups, Route53,

  • Auto Scaling Group, ELB, SNS, CloudWatch, Elastic Beanstalk, Cloud Formation) Cloud Passage, F5, Barracuda Security Guardian Jira, Aviatrix, F5 Palo Alto Panorama, Expedition, Guardrails Configuration, IAM, Lambda
  • Security Architecture Technologies & Infrastructure Architecture
  • Cloud Architecture Design & Security Regulations Compliance
  • Implementing Security Measures & System Architecture Design
  • Cloud Security Applications Design
  • Network Security Architecture & Oversight

Certification

  • AWS Solutions Architect Associate (AWS SSA)
  • AWS Certified Cloud Practitioner (AWS CCP)
  • Certified Information Security Manager (CISM)
  • Certified Information Systems Auditor (CISA)
  • Certified Information Systems Security Professional (CISSP)- In- View
  • Certified SAFe (SAFe)
  • Certified ScrumMaster (CSM)

Timeline

Consultant; Senior Cloud Security Architect

Bank Of America
07.2023 - Current

Consultant; Infrastructure & Security Engineer.

OCBC Bank
05.2022 - 05.2023

Information Techology Security

Mindtree
11.2021 - 05.2022

Senior Site Reliability Engineer

DHL IT Services
11.2017 - 11.2021

Senior Consultant

Capgemini Private Limited
01.2016 - 11.2017

System Support Specialist

OCBC Bank
01.2012 - 10.2015

Software Engineer

Serus Corporation
01.2011 - 12.2011

MCA (Masters in Computer Applications) - Computer Applications

Anna University

BCOM (CA) - Bachelor of Commerce With Computer Applications

Gobi Arts & Science College

Similar Profiles

CREATE PROFILE
Ashokan Sathish