Ali is a seasoned Principal Enterprise IT Consultant with over 28 years of global experience in Cybersecurity Architecture, Engineering, Information Security, and Advisory. His expertise spans the full spectrum of enterprise IT platforms, delivering strategic and technical leadership across complex infrastructure, security, operations, and governance.
Overview
3
years of professional experience
1
Certification
Work History
Principal Cloud Security Architect
Centene Corporation, Inc.
Clayton
12.2022 - Current
Led Centene’s Global Azure Security and AI Security Programs, architecting the enterprise-wide Azure security framework from the ground up.
Designed security standards, service architectures, and preventative controls (PPC) across all cloud workloads.
Partnered with Security Engineering, GRC, and compliance teams to build custom assessment pipelines and integrate Centene-specific governance protocols.
Co-created ARP (Assessment, Remediation, Prevention)—a real-time cloud compliance and metrics platform delivering threat visibility, control posture, and remediation tracking across subscriptions, VMs, databases, and storage.
Directed global AI security initiatives and cross-functional collaboration with engineering, infrastructure, identity, app security, and risk teams.
Conducted weekly technical risk reviews for production workloads.
Co-authored Centene’s proprietary security frameworks aligned with CIS, NIST, PCI, ISO, HIPAA/HITRUST, SOC/SOX, and internal legal standards.
Gathered and developed functional and Security requirements for all Security Platforms Services and tooling, in addition to guiding and advising stakeholders.
Design of Azure Security architectures and operational documentation in conjunction with engineering, application development, compliance, and operational staff.
Copilot M365 and Copilot Studio Security Subject Matter Expert.
Developed Security Standards and Requirements for all Azure AI Services.
Developed a comprehensive AI Services Inventory for Security Platform capabilities.
Developed a documented AI Risk assessment associated with AI related Services.
Developed AI Security guidance Principles for Different AI models (ML/LLM/AI Agents).
Implemented CWP (WIZ AI-SPM and Defender for AI) for AI workloads in Azure.
Refined and implemented a tailored process from an AI perspective to evaluate multiple AI security platform vendors for selecting an AI security tool, with a documented Process.
Developed SecOps AI incident response requirements and Workflow for SecOps and SOC.
Developed and created a CSPM+CWP POC & POV for (WIZ, PRISMA, Defender for Cloud).
Designed and developed security controls and policies in the overall Identity ecosystem.
Created Azure MFA design with Conditional Access requirements and standards (Ping, Entra ID, Okta), each for different tenants.
Designed and implemented automated user provisioning and deprovisioning workflows, ensuring secure and efficient identity governance between SailPoint and Entra ID.
Configured role-based access policies and enforced least-privilege principles for SailPoint integration with Entra ID.
Established and optimized compliance reporting mechanisms, ensuring regulatory adherence by synchronizing SailPoint identity data with Entra ID audit logs.
Advise, consult, lead, guide and mentor project teams, engineers, analysts, and support staff in the delivery of solutions.
Developed the EDR/XDR Design for CrowdStrike Falcon for certain isolated workloads.
Participated in all cloud security agile planning processes and delivery methodologies.
Conducted threat modeling and security gap assessment exercises in concert with other teams.
Created reusable patterns for reoccurring cyber challenges.
Co-Contributor to the creation of policy, standards, Minimum Security Baselines (MSBs), procedures and guidelines.
Development and implementation of WIZ CSPM + CWP (Onboarding, Integration, ServiceNow, IAM and Workloads and services, policy engine customization).
Conducted quarterly Security Posture Assessment based on Security Risk and Score (Cloud Platforms).
Provided visibility into and escalated security risks, as well as technical, execution, deployment, or other risks as applicable.
Lead Proof of Concept/Value Architect providing Read outs by communicating results and recommendations to stakeholders.
Conducted post-mortem reviews of projects/products to measure design versus implementation differentials.
Contributed to the Client Cyber Architecture Practice by supporting Cyber Enterprise Architecture objectives.
Created a process for security baseline checks for cloud-based applications and services.
Heavily Experienced and versed (Subject Matter Expert) in entire MSFT cloud Security tools Stack (Cloud and On-premise).
Managing and developing Security for one of the most complex security environments on the globe, while extending MSFT security capabilities in the cloud.
Azure Conditional Access Policies Design and implementation (Audit & Enforcement).
Extensive Architectural design, engineering and Endpoint Security using the Microsoft Defender XDR Stack.
Developed and setup Microsoft Purview (Compliance Manager) for continuous Security control and Posture assessments.
Designed and set up Microsoft Purview with Data classification DLP Policies, GRC assessments, Audit and reporting, integration, Audit, eDiscovery, Data Mapping, Risk management, Information Protection and compliance control for content.
Designed Microsoft Purview for AI (AI Hub, DSPM for AI, Compliance controls, Sensitive Data Labels for AI content and Automated compliance reporting).
Developed Baseline and Custom AI Security standards and requirements & security Controls & policies.
POC and Pilot of Defender for AI.
Microsoft Sentinel configuration and tuning Plus Policy and Azure Security Stack Integration.
Microsoft Intune Assessments, remediation, and Prevention Policies.
Part of key Security Committee for collaboration with cross-functional teams, including IT, DevOps, and development teams, to design and enforce security policies, frameworks, and solutions.
Design and implementation of secure cloud architectures for Microsoft Azure environments.
Defined security standards, best practices, and policies to ensure cloud systems meet compliance and regulatory requirements (e.g., GDPR, HIPAA).
Developed and maintained Azure security policies, governance frameworks, and technical security controls.
Performed security assessments, identified Threats & Vulnerabilities, and led remediation efforts to address risks and threats within the Azure environment.
Architected and implemented identity and access management (IAM), encryption, and security monitoring solutions.
Collaborated with DevOps and development teams to integrate security policies for Azure Policy into the CI/CD pipeline.
Conducted risk assessments, threat modeling, and security reviews for cloud-based solutions.
Conducted lunch-and-learns for other teams on Azure security technologies and industry best practices and recommended improvements or new tools, as necessary.
Designed and architected security of Azure-based services such as Azure AD, Azure Key Vault, Azure Security Center, and Azure Sentinel, etc.
Assisted in incident response activities and security investigations.
Developed policy lifecycle management process for Entra ID/AD, Microsoft two factor, FMA, Defender, Purview and Azure Security overall.
Principal IT Security Architect (Contract)
Clario, Inc.
Philadelphia
06.2022 - 12.2022
As a Principal IT Security Architect, I was responsible for designing and architecting Clario’s workload migration from on-premise to Azure Cloud.
I designed and implemented the Azure Security Stack (M365 Defender, Sentinel, MDC + CWP + DSPM + CIEM + CNAPP + CSPM) for on-premise and cloud security across IaaS, SaaS, and PaaS workloads.
I also architected and managed the Clario Defender EDR + XDR platform for both corporate and manufacturing environments.
In my role as the designated Info-Sec Architecture and Engineering lead, I created security controls, policies, requirements, and standards for Clario’s cloud platforms (Azure and AWS).
I served as the technical leader for the Zero Trust, EDR, and XDR initiatives, overseeing security for all devices and IoT endpoint platforms.
I designed initiatives for Zero Trust pillars and built proof-of-concept (POC) and pilot environments based on Clario’s approved service designs for cloud workloads.
The scope of my work encompassed all Azure and AWS platforms and the workloads hosted within.
I performed comprehensive security posture assessments, validating the security controls and policies for all workloads and services.
Additionally, I led the design and architecture of Data Loss Prevention (DLP) workflows for policy audit and enforcement, as well as platform-hardened configuration and policy structure.
Built and led Proof of Concept (PoC) and Pilots for Production deployments using these Azure XDR Defender M365, Defender for Cloud and Azure Sentinel technologies.
Assisted clients with transitions to the M365 cloud services such as tenant setup and service configuration with a focus on cloud cyber risk mitigation.
Built and Designed a POC environment for the Azure AI services Platform.
Created AI Based Security Requirements and Standards for AI Services Structure.
Created an AI Service Exploratory team of Security Architects.
Created a Generative AI and ChatGPT Risk Review.
Development, design, and implementation of PingFederate, Ping Access, Ping One, Ping ID, and LDAP directories.
Experience in working on PingFederate 8.x, 9.x, SAML 2.0, OAuth 2.0, OpenID Connect (OIDC).
Demonstrated POCs for API security like integration with OpenAM, SiteMinder, OAuth 2.0, JWT token and certificate authentication.
Integrated the Federation service between SiteMinder federated web services to PingFederate for classic migration of applications that are SAML and WS applications.
Experienced with multiple PingFederate adapters: HTML form, X.509, Kerberos, OpenToken, ReferenceID, PingID, and composite adapters.
Built Policies and Hardened configurations for the Azure XDR platform tools.
Designed and Deployed AAD P2 Features, with Conditional Access, Intune, Azure Defender for Cloud, and Azure Sentinel.
Performed technical Security health checks for these Cloud platforms/environments prior to broader deployments.
Functioned as technical point of contact for product development teams as they related to cyber security and privacy.
Conducted Identity & Access (AD platform) Performance Benchmarking with Defender for Identity to detect Identity traffic Performance thresholds and increases.
Identity & Access Platform Design for On-premise to Cloud Migration.
Created all Identity and Access Standards for the Clario Enterprise and Manufacturing Platforms.
Architected Legacy Endpoint Strategy for all Servers and Clients.
Performed Intune (MEM) & MDM Assessments for Endpoint Security.
Conducted complete lifecycle security architecture framework and technical assessments for Legacy Endpoints (Client/Server Endpoints + IOT).
Conducted complete lifecycle security architecture framework and technical assessments as required.
Conducted GRC and Security based Assessment threats, risks, and vulnerabilities from emerging security issues to advise pertinent stakeholders on Application Security Threats & Vulnerabilities and Security Posture of the Centene Endpoint Platform.
Recommended constant changes to engineering standards based on new regulations and business requirements to conform to new security measures.
Led the enterprise-wide 'Release and Review' quarterly waves in full.
I conducted and assessed technical risk reviews for all production workloads.