Sydney, Australia
Senior Security Architect

Syed Farooq Ahmed

Syed Farooq Ahmed is a seasoned cybersecurity professional with extensive experience in security architecture and cloud security. He has a proven track record in developing security strategies and solutions, having worked on major transformation programs and various domains such as cyber assurance, workplace security, and data protection. Syed is dedicated to leveraging his expertise to drive innovative security solutions and enhance organizational security postures.

Security Architecture
Cloud Security
Application Security
DevSecOps
Vulnerability Management
Governance
Risk Management
Penetration Testing
Endpoint Security
Data Protection

Experience

Security Architect (Contract)

National Australia Bank

Jul 2023 - Current

  • Working on Microsoft Copilot for security use cases.
  • Devised the Findings Management Strategy.
  • Architected and helped deploy the new organization-wide Application Security service (Snyk).
  • Architected the ServiceNow AVR/VR for vulnerability management.
  • Offensive Security Projects – Confidential.
  • Cyber Defense Projects - Confidential.
  • Skills: Security Architecture, Application Security, Vulnerability Management, Offensive Security, Cyber Defense

    Senior Security Architect

    AMP Limited

    Jun 2021 - Jul 2023

  • Devised the Application Security Strategy and roadmap.
  • Architected for the Workplace security (endpoint, email and data protection), Cloud Security, and Application Security (DevSecOps) Programs.
  • Security Advisor and Architect for the AMP’s technology simplification and transformation program.
  • Designed the governance model to enable the use of Microsoft Azure at AMP.
  • Enabled workplace and cloud technologies such as Virtualization (Azure VDI), Automation (Power Platform), and Email (Exchange Online).
  • Skills: Application Security, Endpoint Security, Cloud Security, DevSecOps, Governance, Automation

    Distinguished Engineer

    Annalise.ai

    May 2020 - Jun 2021

  • Managed enterprise risk management program and ISMS for the organization.
  • Drove and maintained compliance with industry-related certifications (such as ISO/IEC 27001:2013) for the organization.
  • Devised a framework for DevOps and MLOps security.
  • Part of pre-sales team; assisted sales team by providing timely security support for different international markets including US, EU, APAC, and MENA.
  • Assisted in compliance with international security & privacy standards and laws such as GDPR, HIPAA, and PDPPL.
  • Devised strategies and implemented unique solutions to protect customer and employee data in multiple AI, ML, and data engineering use cases.
  • Skills: Risk Management, Compliance, DevOps Security, MLOps Security, Data Protection

    Digital Security Architect

    National Australia Bank

    May 2019 - May 2020

  • Responsible for the security of large transformation programs such as business banking, Payments, and Application Modernization.
  • Integral part of Australia’s first large-scale business banking system migration to the public cloud.
  • Wrote reference architectures and patterns related to Kubernetes, application security, AWS services, and other multi-cloud initiatives.
  • Conducted security assessments of multiple cloud services to facilitate public-cloud migration of cards, payments, business banking, and other systems.
  • Skills: Security Architecture, Cloud Security, Application Security, Kubernetes, AWS Services

    Senior Consultant (DevSecOps)

    Westpac

    Jan 2017 - May 2019

  • Subject matter expert for application security technologies such as SAST, SCA, IAST, and WAF.
  • Reviewed and assessed applications and microservices for deployment in AWS.
  • Devised plans and worked with stakeholders and internal teams to fast-track API/Digital security assessments.
  • Designed and developed microservice-based automation solutions for application assessment during CI/CD using Fortify and other software.
  • Managed, monitored, and provided second-line support for Akamai WAF.
  • Used ML to create a POC for automated triage of code review findings.
  • Skills: Application Security, DevSecOps, Automation, Penetration Testing, Machine Learning

    Manager, Security Specialist

    National Australia Bank

    Nov 2010 - Jan 2017

  • Led the Security Code Assessment practice.
  • Aligned and revised source code assessment to facilitate Agile development.
  • Implemented HP Fortify for automated code assessment.
  • Managed the secure code training program for developers.
  • Performed penetration testing of internal systems.
  • Assisted developers in the remediation of pen-testing and code review findings.
  • Skills: Code Assessment, Secure Code Training, Penetration Testing

    Senior Information Security Analyst

    Karachi Stock Exchange

    Mar 2008 - Sep 2010

  • Designed, deployed, and supported RSA SecurID for authentication to the trading system.
  • Architected and maintained RSA Envision (SIEM) for Security Operations Center (SOC).
  • Introduced Secure SDLC along with developer training in the organization.
  • Developed Security Policies and Procedures.
  • Skills: Authentication, SIEM, Secure SDLC, Policy Development

    Multiple Positions

    Infinilogic (Pvt) Limited

    Sep 2002 - Feb 2008

  • Led the team that managed and supported a 24x7 asterisk-based call center for virtual companies.
  • Designed and developed InfiniWalls, a dual-homed internet system, based on iptables.
  • Involved in pre-sales activities of InfiniWalls.
  • Developed custom modules to integrate call center services with other products.
  • Managed Pakistan and UK office network, call center, and security operations.
  • Developed InfiniSource to automate code check-in, testing, and deployment.
  • Skills: Network Security, Call Center Operations, Security Operations

    Education

    Master – Computer Science

    LUMS, Lahore, Pakistan

    BS – Computer Science

    University of Karachi, Pakistan

    Certifications

    AWS Certified Solutions Architect - Professional

    AWS

    AWS Certified DevOps Engineer - Professional

    AWS

    Certified Secure Software Lifecycle Professional (CSSLP)

    ISC2

    Expired: June 2016

    Certified Information Systems Security Professional (CISSP)

    ISC2

    Expired: June 2015

    Ready to get started?

    We are experts in finding you the experts you need. Our professionals are vetted through the most rigorous standards, ensuring you receive expertise that’s not just proven but also ahead of the curve in industry knowledge and practices.