Senior Cloud Security Architect · Pre-Sales Leader · AI SecOps

Sai Teja Girimaji

NTT DATA · Cloud Services Division · Hyderabad, IN

13+ years securing enterprise infrastructure across cloud security architecture, SOC build-and-operate, MXDR delivery, managed security services, network security engineering, DFIR, and detection engineering. Currently leading Network Security capability at NTT DATA with a full pre-sales portfolio across Azure, Palo Alto, Fortinet, Checkpoint, F5, and AI-native security platforms.

13+ Years Experience
47% MTTD Reduction
8+ Certifications
25k+ Users Protected

Architect. Deployer. Pre-Sales Lead.

Hands-on implementation experience across SIEM/XDR deployment, Zero Trust rollout, AI SecOps, and multi-OEM network security — paired with the commercial fluency to close enterprise managed security engagements.

At NTT DATA's Cloud Services Division I own the Network Security capability lead role — driving pre-sales across Palo Alto, Checkpoint, F5, and Fortinet while architecting and deploying MXDR solutions on Microsoft Sentinel, Google Chronicle, and Cortex XSIAM at 1.2 TB/day scale.

I bridge deep technical implementation — Zero Trust rollout, SOAR orchestration, detection engineering, AI agent deployment — with commercial delivery: RFP responses, SOW authoring, effort estimation, and executive security briefings for banking, manufacturing, and government clients.

⚡ AI SecOps Implementation

Built and deployed semi-autonomous tier-0 triage AI agents using Azure OpenAI, LangChain, and Logic Apps — reducing L1 manual effort by 35–40%. Secured LLM/RAG workloads against prompt injection, data exfiltration, and unsafe output risks, achieving 72% reduction in unsafe model outputs.

Core Competency Depth
Pre-Sales · RFP/SOW Architecture: Expert
Network Security Engineering: Expert
SIEM/XDR/SOAR Deployment: Expert
Cloud Security Architecture: Advanced
AI SecOps & LLM Security: Advanced
DFIR & Detection Engineering: Advanced
$ whoami --profile
Name : Sai Teja Girimaji
Role : Capability Lead – Network Security
Org : NTT DATA Cloud Services Division
Base : Hyderabad, IN (BLR-ready)
Open to : IN · SG · AE · CA

$ list --active-domains
✔ Cloud Security Architecture (Azure/AWS/GCP)
✔ MXDR Deployment (Sentinel · Chronicle · XSIAM)
✔ Network Security (NGFW · SD-WAN · ZTNA)
✔ AI SecOps & LLM Security (OpenAI · LangChain)
✔ Detection Engineering (KQL · YARA-L · Sigma)
✔ Pre-Sales & MSS Delivery
✔ DFIR · SOC Build-and-Operate

$ get-metrics --highlights
→ 47% MTTD reduction @ 1.2TB/day MXDR scale
→ ZT rollout: 62% → 88% control coverage
→ 31% cost reduction (INR 86L/yr) log optimisation
→ 35-40% L1 effort reduction via AI triage agents
→ 72% unsafe LLM output reduction

What I Design & Deploy

🤖
AI SecOps Deployment
Architected and deployed semi-autonomous AI triage agents using Azure OpenAI, LangChain, and Logic Apps. LLM guardrails, prompt injection red-teaming, RAG hardening (PII scrub, vector-ACLs), and Agentic AI workflows for SOC automation.
📡
MXDR Implementation
Built and operationalized MXDR across Microsoft Sentinel, Google Chronicle, and Cortex XSIAM with SOAR integration at 1.2 TB/day scale. 47% MTTD reduction, 42% MTTR reduction, 38% high-fidelity alert increase through intelligence-driven tuning.
🔒
Zero Trust Architecture
Designed and deployed Zero Trust security frameworks across Azure/AWS/GCP for 25,000+ users and 300 applications. Improved control coverage from 62% to 88% and reduced lateral movement risk by 41%.
🔥
Network Security Engineering
Multi-OEM NGFW design and deployment: Palo Alto, Fortinet, Cisco ASA/FTD, Checkpoint, F5, Juniper SRX. Firewall migration advisory, SD-WAN, SASE, VPN architecture, policy management across enterprise data centres.
☁️
Cloud Security Architecture
Compliant multi-cloud landing zones (GDPR/HIPAA/SOC 2/PCI-DSS) across Azure, AWS, and GCP. Zscaler ZIA/ZPA, Cloudflare WAF/DDoS, Netskope CASB, Microsoft Defender for Cloud. Closed 24 high-risk gaps within 8 weeks at one engagement with zero major non-conformities.
🛡
Pre-Sales & Managed Security
End-to-end RFP/SOW delivery, solution architecture, effort estimation, RACI frameworks, and commercial proposals for enterprise MSS pursuits across banking, manufacturing, and public sector. OEM partnership management across Palo Alto, Fortinet, Checkpoint, and F5.
Detection Engineering
Detection content development in KQL, YARA-L 2.0, SPL, XQL, and Sigma Rules with MITRE ATT&CK mapping. Threat hunt notebooks, SOC playbooks, SOAR integration, and analyst enablement across Chronicle, Sentinel, and LogScale.
🔍
DFIR & Incident Response
Digital forensics, malware analysis, evidence preservation, and timeline reconstruction. Led IR across multi-cloud environments, containing Sev-1 incidents within 8 hours. CHFI and GCPA certified. Reduced repeat incidents by 28% through structured hunt notebooks.

Multi-Platform Coverage

Hands-on implementation across all major enterprise security platforms — not just design advisory.

🔴 Palo Alto: NGFW · Panorama · XSIAM
🟡 Fortinet: FortiGate · FortiManager
🔵 Cisco: ASA · FTD · Firepower
Checkpoint: NGFW · CloudGuard
🟢 F5: BIG-IP · WAF · LTM
🔷 Juniper: SRX · Firewall
🌐 Zscaler: ZIA · ZPA · SASE
☁️ Cloudflare: WAF · DDoS · ZTNA
🔐 Netskope: CASB · SWG · SSE
🟦 Sentinel: SIEM · SOAR · KQL
🟧 Google SecOps: Chronicle · YARA-L 2.0
🦅 CrowdStrike: LogScale · Falcon
🟥 Cortex XSIAM: XDR · XSOAR
🤖 Azure OpenAI: AI Agents · LangChain
⚙️ IaC: Terraform · Ansible
🐳 Containers: Docker · Kubernetes

Career Timeline

13+ years across SOC operations, network security engineering, cloud architecture, AI SecOps deployment, and pre-sales managed security.

Jan 2024 – Present
Senior Cloud Security Solution Architect / Capability Lead – Network Security
NTT DATA · Cloud Services Division · Hyderabad
  • Architected Zero Trust frameworks across Azure/AWS/GCP improving control coverage from 62% → 88%, reducing lateral-movement risk by 41% for 25,000+ users and 300 applications.
  • Built and operationalized MXDR on Sentinel/Chronicle/Cortex XSIAM with SOAR integration — achieving 47% MTTD reduction and 42% MTTR reduction at ~1.2 TB/day scale.
  • Optimized log ingestion tiers (Basic/Aux/Analytics via Event Hub/DCR), reducing costs by 31% (INR 86L/year) and extending retention from 30 to 90 days with zero coverage loss.
  • Developed and deployed semi-autonomous AI triage agent workflows using Azure OpenAI, Logic Apps, and LangChain — reducing manual L1 effort by 35–40% and improving MTTR by 20–25%.
  • Secured AI/ML workloads through LLM guardrails, red-teaming (prompt injection, data exfiltration), and RAG hardening (PII scrub, vector-ACLs) — achieving 72% reduction in unsafe outputs over 6 months.
  • Led pre-sales solution architecture for MSS pursuits: RFP responses, SOW development, effort estimation, and commercial proposals for enterprise clients across banking, manufacturing, and government sectors.
  • Designed enterprise-wide DLP strategies across endpoints, email, and cloud platforms aligned to GDPR, HIPAA, and PCI-DSS; led alert triage and policy tuning to reduce false positives.
  • Led 24×7 SOC operations (L1–L3) with 12 FTE, maintaining SLA 98.5%+ across P1–P3 incidents; authored playbooks and served as escalation point for critical events.
AI SecOps · MXDR Deployment · Zero Trust · Pre-Sales MSS · Detection Engineering · SOAR

Oct 2022 – Dec 2023
Cloud Security Architect
Techolution India Pvt. Ltd. · Hyderabad
  • Designed and deployed compliant multi-cloud landing zones (GDPR/HIPAA/SOC 2), closing 24 high-risk gaps in 8 weeks and passing audits with zero major non-conformities.
  • Tuned Sentinel and Chronicle detections and SOAR playbooks — decreasing false positives by 33% and increasing analyst throughput by 27%.
  • Standardized EDR baselines across CrowdStrike Falcon and Cortex XDR, reducing endpoint dwell time by 35% across ~12,000 endpoints.
Cloud Architecture · SIEM Tuning · EDR Deployment · Compliance

Jul 2020 – Oct 2022
Senior Cyber Security Specialist
3i-Infotech Ltd. · Hyderabad
  • Led incident response across multi-cloud environments — containing Sev-1 incidents within 8 hours, achieving recovery in 20 hours and avoiding ~INR 38L in business impact.
  • Authored incident handling guides and threat hunt notebooks using KQL/XQL, contributing to a 28% reduction in repeat incidents.
  • Built triage pipeline and escalation matrix, decreasing ticket backlog by 41% and ensuring SLA adherence of 98%+.
DFIR · Threat Hunting · SOC Operations · IR Playbooks

Nov 2018 – Jun 2019
Senior Network Security Analyst
Objectwin Technology India Pvt. Ltd. · Bengaluru
  • Migrated ~15,000 Cisco ASA rules to Palo Alto NGFW during data centre move — eliminating 37% shadowed/duplicate rules and reducing change failure rate by 29%.
  • Established SOC environment for a healthcare client, improving detection coverage from 55% → 78% and conducting digital forensics investigations for compliance.
Firewall Migration · NGFW Deployment · SOC Build

Aug 2016 – Oct 2018
Senior Network Security Engineer
UST Global / Cambridge Technology Enterprises · Pune & Hyderabad
  • Delivered network security engineering and firewall management services across Juniper SRX, Cisco ASA, and Palo Alto platforms for enterprise clients.
  • Executed data centre migration projects with zero unplanned downtime, earning client recognition for technical delivery quality.
Network Security · Firewall Management · DC Migration

Jun 2012 – Jul 2016
Network Engineer
Quantum Value IT Services · Hyderabad
  • Supported LAN/WAN/Security operations using Wireshark, SolarWinds, and Nagios; improved MTTR by 19% through structured runbook implementation.
LAN/WAN Ops · Network Monitoring

Selected Delivery Work

Representative engagements across sectors — client names withheld per confidentiality standards.

Banking · DLP · M365 E5
Financial Institution — DLP Rescue Engagement
8-week consulting rescue engagement for a major Asia-Pacific bank. Scoped and architected a full DLP programme covering misdirected email and complex attachment security by activating existing M365 E5/Purview capabilities at zero additional licensing cost.
Banking · APAC · SGD 98K Engagement
Banking · Managed Security · RFP
Tier-1 ASEAN Bank — MSS RFP Response
Competitive RFP response for a full managed security services scope (SecDM/Tower B) for a Tier-1 ASEAN bank. Full solution architecture, effort matrix, and commercial proposal covering 24×7 monitoring, threat detection, and incident response.
Banking · Singapore
Technology · Cloudflare · WAF · Azure
Global Technology Company — WAF/DDoS MSS
Cloudflare WAF/DDoS managed service scope for a major global technology company's Azure-hosted API gateway infrastructure. Full solution architecture, scope definition, and commercial framing for multi-region coverage.
Technology · Global · Azure
Banking · Multi-Vendor Firewall MSS
Global Bank — Multi-Vendor Managed Firewall
12-month managed firewall services engagement covering Huawei, Juniper, Cisco FTD, and Fortinet across three international locations. Full SOW, RACI matrix, effort estimation, and SLA framework design.
Banking · Multi-Region · 12-Month
Manufacturing · Fortinet · SASE
Industrial OEM — Fortinet MSS & SASE RFP
Fortinet device management SOW and Fortinet SASE RFP response against competing Zscaler proposal for a global industrial manufacturing company. Effort estimation, service tier design, and competitive technical positioning.
Manufacturing · EMEA
Public Sector · Fortinet · Managed Firmware
UK Public Sector — Firewall Replacement
Fortinet firewall replacement project for a UK public sector organisation with tiered managed firmware upgrade service design. Public sector procurement alignment, regulatory requirements mapping, and managed service delivery framework.
Public Sector · UK
Healthcare · SOC Build · Detection
Healthcare Client — SOC Establishment
Built SOC environment from the ground up for a healthcare organisation during NGFW migration. Improved detection coverage from 55% to 78%, established digital forensics capability, and aligned to compliance requirements.
Healthcare · SOC Build
AI SecOps · Azure OpenAI · LangChain
Enterprise SOC — AI Triage Agent Deployment
Designed and deployed semi-autonomous AI triage agents using Azure OpenAI, LangChain, and Logic Apps for a large enterprise SOC. Reduced L1 manual effort by 35–40%, improved MTTR by 20–25%, and secured LLM workloads against prompt injection and data exfiltration.
AI SecOps · Enterprise

Credentials

Security Certifications
  • SC-100: Microsoft Cybersecurity Architect
  • AZ-500: Azure Security Engineer Associate
  • PCNSA: Palo Alto Networks
  • PCNSE: Palo Alto Networks Security Engineer
  • GCSE: GIAC Security Essentials (SANS)
  • GCPA: GIAC Cloud Penetration Tester
  • CHFI: EC-Council Forensic Investigator

AI & Cloud Learning
  • AI-900: Microsoft Azure AI Fundamentals
  • Generative AI for Security: Google Cloud · Coursera
  • LLM Security Fundamentals: OWASP LLM Top 10 · Applied
  • AI SecOps with Sentinel: Microsoft · Copilot for Security

Let's Connect

Open to senior Security Architect, Cloud Security Architect, SOC Manager, Pre-Sales Security Architect, and Network Security Lead roles. Target markets: India (Hyderabad/Bangalore), Singapore, UAE, and Canada.