$ deploy-cloud-ai-infrastructure --optimize=true --scale=auto

Purushotham@Cloud:~$ whoami

I architect cloud-native platforms and security systems at enterprise scale โ€” from zero-trust Sentinel deployments and multi-tenant AKS clusters to AI/LLM infrastructure and DevSecOps automation. 15+ years across AWS, Azure, and GCP delivering measurable outcomes: 75% faster deployments ยท 40% cost reduction ยท 95% fewer security incidents.

Explore My Work Get In Touch
Open to senior roles & consulting contracts  —  Currently Available
Platform Modernisation Security Architecture AI Infrastructure DevSecOps Advisory

DevSecOps Engineer & Infra. Platform Architect

I build scalable cloud infrastructure and automate deployment pipelines that power innovation at scale. Ensuring the security and reliability of modern applications is my passion.

15+
Years Experience
30+
Enterprise Engagements
99%
Uptime Achieved
Multi-Cloud Architecture
CI/CD Automation
Security & Compliance
Monitoring & Alerts
Infrastructure as Code
Performance Optimization

Proven Impact

75%
Faster Deployments
40%
Cost Reduction
95%
Fewer Incidents
2x
Team Productivity

$ git log --author="Mpurushotham" --since="1 year ago" --oneline | wc -l

Mpurushotham GitHub contribution graph
Mpurushotham GitHub stats Top programming languages
GitHub streak stats

</> View all repositories on GitHub →

$ grep -R "expertise" /var/log/career.log

./skills --list --verbose


> Comprehensive coverage of modern DevSecOps, SRE, and AI/ML infrastructure tools

Site Reliability Engineering

Building resilient systems with 99.9% uptime, chaos engineering, and automated incident response

Kubernetes & Orchestration

K8s cluster management, service mesh, auto-scaling, and cloud-native application deployment

GitOps & CI/CD

ArgoCD, Flux, Tekton pipelines with automated testing, security scanning, and progressive deployments

Multi-Cloud Architecture

AWS, GCP, Azure expertise with hybrid cloud strategies and cloud-agnostic solutions

Infrastructure as Code

Terraform, Crossplane, Pulumi for immutable infrastructure and automated provisioning

Security & Compliance

Zero-trust architecture, policy-as-code, vulnerability scanning with Falco, Trivy, and OPA

Observability Stack

Prometheus, Grafana, Jaeger, OpenTelemetry for full-stack monitoring and distributed tracing

LLM Infrastructure

Building ChatGPT-scale systems, RAG architectures, vector databases, and prompt engineering

AI Agents & Automation

Autonomous agents, LangChain/LlamaIndex orchestration, and intelligent workflows

> cat /etc/tech-ecosystem.conf


> Enterprise production-ready tools across the SDLC and IaC Lifecycle


INFRASTRUCTURE
Kubernetes Docker Terraform Ansible Helm Istio
CI/CD
ArgoCD GitHub Actions Jenkins Tekton Flux Spinnaker
MONITORING
Prometheus Grafana Jaeger ELK Datadog OpenTelemetry
AI/ML
OpenAI Anthropic HuggingFace LangChain Pinecone Weaviate

> find /industries -type f -name "*.experience" | head -12


Cloud & SaaS FinTech & Banking Healthcare & Biotech E-commerce & Retail AI & Machine Learning Manufacturing & IoT EdTech & Learning Gaming & Entertainment Blockchain & Web3 Government & Public Telecommunications Energy & Utilities

Microsoft Security Ecosystem

Modern, integrated Microsoft security architecture aligned to operations, identity, data, cloud and automation.

Core Security Operations

  • SIEM / SOAR: Microsoft Sentinel โ€” Analytics, Workbooks, Automation Rules, Playbooks
  • XDR: Defender XDR โ€” Endpoint, Identity, Office 365, Cloud Apps, Vulnerability Management
  • Security Copilot: Microsoft Security Copilot โ€” AI-assisted threat hunting, incident summarisation, and guided response
  • Query & Hunting: Kusto Query Language (KQL), Log Analytics, Custom Detection Engineering

Identity & Access Governance

  • Identity Platform: Microsoft Entra ID โ€” Conditional Access, PIM, lifecycle workflows
  • Zero Trust Enforcement: MFA, RBAC, ZTNA and SASE/SSE patterns
  • Privileged Access: Just-In-Time, entitlement management and governance workflows

Data Security & Compliance

  • Information Protection: Microsoft Purview โ€” DLP, Information Protection, Insider Risk
  • Compliance: Compliance Manager, Secure Score optimization, framework mapping (NIST / ISO / CIS / EU GDPR / NIS2 / DORA)
  • Controls: Policy-as-code, continuous evidence and audit-ready reporting

Cloud Security & DevSecOps

  • CSPM / CNAPP: Defender for Cloud โ€” posture management, workload / container protection
  • IaC Security: Terraform & Bicep scanning, secure pipelines (Azure DevOps / GitHub Actions)
  • Platform Controls: Azure Policy, Key Vault, NSG, Azure Firewall, AKS hardening

Automation & Cross-Platform Extensions

  • Orchestration: Logic Apps, Automation Runbooks, PowerShell & Python scripting
  • Extended Architecture: AWS security integrations, API protection, ML-based anomaly detection
  • Integration: Sentinel connectors, Defender integrations, automated playbooks and response

AWS Security Ecosystem

AWS-native security architecture covering threat detection, identity, data protection, cloud posture, and automated response.

Threat Detection & Security Operations

  • Threat Detection: Amazon GuardDuty โ€” ML-powered intelligent threat detection across EC2, IAM, S3, EKS, RDS, and Lambda workloads
  • Findings Hub: AWS Security Hub โ€” Unified aggregation of GuardDuty, Inspector, Macie findings with automated compliance scoring
  • Security Data Lake: Amazon Security Lake (OCSF) โ€” Centralised, normalised security telemetry from AWS and third-party sources
  • Investigation: Amazon Detective โ€” Graphical root-cause analysis and investigation of GuardDuty findings via CloudTrail and VPC flow logs
  • Query & Hunting: Amazon Athena + CloudWatch Logs Insights โ€” Ad-hoc security queries and cross-service event correlation

Identity & Access Governance

  • Identity Platform: AWS IAM โ€” Fine-grained access control with permission boundaries, roles, and least-privilege policies
  • Centralised Access: IAM Identity Center (SSO) โ€” Single sign-on and access management across multiple AWS accounts and applications
  • Zero Trust Enforcement: AWS Verified Access โ€” Identity-aware, VPN-less application access with continuous trust verification
  • Governance & Guardrails: AWS Control Tower, AWS Organizations, Service Control Policies (SCPs) for preventative controls

Data Security & Compliance

  • Data Classification: Amazon Macie โ€” ML-powered sensitive data discovery and classification across S3 buckets
  • Compliance Automation: AWS Audit Manager โ€” Automated evidence collection; AWS Config for continuous resource compliance evaluation
  • Encryption & Secrets: AWS KMS + Secrets Manager โ€” Customer-managed key management, secrets rotation, and encryption at rest and in transit
  • Framework Coverage: NIST CSF, ISO 27001, CIS Benchmarks, GDPR, PCI-DSS via AWS Artifact and Audit Manager frameworks

Cloud Security & DevSecOps

  • Vulnerability Management: Amazon Inspector v2 โ€” Automated vulnerability scanning for EC2 instances, Lambda functions, and container images
  • CSPM: AWS Config + Security Hub โ€” Continuous configuration compliance checks and cloud security posture management
  • IaC Security: CloudFormation Guard, CDK Nag โ€” Policy-as-code validation for CloudFormation templates and CDK stacks; CodePipeline scanning integration
  • Network Controls: Amazon VPC, AWS WAF, AWS Shield Standard/Advanced, AWS Network Firewall โ€” layered perimeter and traffic controls

Automation & Incident Response

  • Event-Driven Response: AWS Lambda + Step Functions + EventBridge โ€” Automated security playbooks triggered by GuardDuty findings and Security Hub events
  • Patch & Fleet Compliance: AWS Systems Manager โ€” Patch Manager, inventory, and automated remediation across EC2 and hybrid fleets
  • Notifications & Alerts: Amazon SNS + CloudWatch Alarms โ€” Real-time alerting on security events, anomalies, and threshold breaches
  • Audit Trail: AWS CloudTrail โ€” Immutable API activity logging across all services for forensics and compliance evidence

What Colleagues & Clients Say

"Purushotham's expertise in Microsoft Sentinel and DevSecOps automation transformed how our team approached threat detection โ€” methodical, fast, and always compliance-aware."
โ€“ Senior Security Architect
Enterprise Technology Sector
"Working with Purushotham on our multi-cloud platform redesign was a standout experience. He brought both the technical depth and the strategic clarity to navigate a genuinely complex migration."
โ€“ Domain Architect
FinTech & Banking
"Purushotham delivered a zero-trust security framework that aligned perfectly with our regulatory requirements โ€” implemented cleanly, documented thoroughly, and handed over with full team enablement."
โ€“ Security Director
Healthcare & Biotech

Read more recommendations on LinkedIn →

Writing & Technical Thinking

View all articles →

Start a Conversation

Whether you have a platform modernisation challenge, a security architecture question, or a speaking invitation โ€” I'd love to hear from you. I respond to all enquiries within 48 hours on business days.

Schedule a Call

Replies within 48 hours on business days  •  Based in Stockholm, CET