Sandeep Pathi
Harrisburg
Summary
Strategic and results-driven Enterprise Architect with 21+ years of global experience designing, securing, and modernizing complex IT infrastructures. Expert in Active Directory, LDAP, DNS, AD Connect, IAM, MFA, Conditional Access Policies, Zero Trust, cybersecurity architecture, Azure Cloud, Azure Sentinel, Encryption, Key Management, PKI, virtualization, containerization, DevOps engineering, and Ubuntu/Linux systems, with strong LAN/WAN and enterprise network expertise. Highly skilled in Windows Server environments (2019, 2022, 2025) and building end-to-end secure, high-availability enterprise ecosystems. Led enterprise-wide AD, LDAP, DNS, AD Connect, and PKI strategy, including hybrid identity architecture, multi-forest consolidations, directory migrations, authentication/authorization frameworks, and encryption/key management solutions. Ensured alignment with organizational security standards, regulatory requirements, and compliance policies. Successfully executed multiple application integrations, creating scalable, resilient, and compliant environments that enable seamless business operations. Architected secure, cloud-enabled payment platforms and mission-critical systems, leveraging modern technologies such as Snowflake, Azure Data Factory, Kubernetes, Docker, CI/CD pipelines, and advanced monitoring/security solutions including Prometheus, Grafana, SCCM, Azure Monitor, WhatsUp Gold, and Azure Sentinel. Designed and implemented MFA, Conditional Access, and enterprise encryption strategies to protect critical assets across integrated applications. Played a pivotal role in cyber incident response, directing rapid recovery, threat containment, and infrastructure hardening to enhance organizational resilience. Recognized for technical leadership and mentorship, fostering innovation, driving operational excellence, and optimizing infrastructure, identity, security, and encryption domains. Trusted advisor to senior leadership, influencing enterprise-wide strategies across applications, networks, cloud, data, identity, and cybersecurity, and solving complex, cross-functional challenges requiring strategic vision, advanced analytics, and architectural insight. Certified in Machine Learning, Deep Learning, Neural Networks, and Generative AI (RAG, Agentic AI), leveraging Python-driven automation, anomaly detection, and intelligent infrastructure design to improve operational efficiency and predictive security.
Overview
22
22
years of professional experience
1
1
Certification
Work History
Lead Infrastructure Architect
Tempur-Pedic North America, LLC
Trinity
03.2014 - Current
- I am currently serving as an Lead Architect at Tempur-Pedic North America, LLC, where responsibilities include the design and implementation of scalable infrastructure solutions to meet organizational needs.
- This role emphasizes strategic planning, ensuring that the infrastructure supports business objectives and enhances operational efficiency.
- Led the architectural design of cloud and on-premises infrastructure, significantly improving system performance and reliability.
- Lead the strategic planning, design, and development of the Active Directory environment, including migration, consolidation, and optimization initiatives to ensure scalable, secure, and high-performance enterprise identity infrastructure.
- Implemented innovative solutions that reduced operational costs while enhancing service delivery capabilities.
- Collaborated with cross-functional teams to assess infrastructure requirements and establish best practices for system utilization.
- Strengthen authentication and authorization controls and lead the systematic decommissioning of outdated systems to prevent security risks and maintain a robust infrastructure.
- Conducted regular infrastructure audits to ensure compliance with industry standards and organizational policies.
- Developed and maintained documentation for infrastructure architecture, ensuring clear communication across teams.
- Architected and executed application integrations with SSO, enabling unified authentication, enhanced identity governance, and reduced credential-related risk.
- Designed and deployed Azure Privileged Identity Management (PIM) and Privileged Access Management (PAM) solutions, enforcing just-in-time access, approval workflows, and enhanced auditing for high-privilege accounts.
- Ensure adherence to industry-leading security policies and controls, as well as compliance with applicable government regulations.
- Evaluated new technologies and conducted feasibility studies to assess their potential impact on organizational operations, efficiency, and profitability.
- Implemented robust security measures, including privileged access management, password policies, and group policies, enhancing data security.
- Successfully led the resolution of highly complex challenges by conducting thorough evaluations encompassing multiple enterprise domains, identifying underlying causes and interdependencies.
- Evaluate Security best practice across the platform.
- Design and architect enterprise-grade credit-card payment systems with embedded scalability, security, and PCI-DSS compliance, implementing modern architecture patterns to guarantee consistent reliability and fraud-resistant transaction processing.
- Worked on Various application, performance tuning.
- Provide a solution for new project requirements while adhering to best security practices.
- Worked on multiple automation platforms (Ansible, System center orchestration, Puppet, PowerShell, Batch Patch, Tanium, Terraform).
- Continuously staying updated with emerging trends and best practices in CI/CD and DevOps methodologies. (Azure Devops).
- Worked on ML Models using Python libraries (NumPy, Pandas, Matplotlib, TensorFlow, Fine tuning).
- Skilled in assessing risks, developing mitigation strategies, and ensuring compliance with security regulations and standards.
- Revamped High Availability (HA) and Disaster Recovery (DR) strategy for critical systems, ensuring uninterrupted operations during unexpected events and minimizing downtime.
- Continuously monitor technology trends and best practices, providing strategic recommendations to drive operational improvements and maintain competitive advantage.
Technical Manager
Cognizant Technologies
10.2009 - 05.2014
- As a Technical Manager at Cognizant Technologies, the focus was on managing technical teams and overseeing project execution.
- This role required a blend of technical knowledge and leadership skills to ensure projects were delivered on time and met client expectations.
- Successfully led multiple projects from initiation to completion, ensuring adherence to timelines and budget constraints.
- Designed and implemented VMware farms, and migrated legacy virtualization environments to modern, scalable platforms.
- Upgraded and modernized legacy Active Directory forests, implementing advanced security controls and hardening measures to significantly improve enterprise identity security.
- Designed and implemented a tiered Active Directory (Tier 0/1/2) architecture to strengthen identity security, enforce access boundaries, and improve overall enterprise hardening.
- Enhanced team performance through mentorship and skill development initiatives.
- Worked closely with clients to define project scope and deliverables, fostering strong client relationships.
- Acted as a trusted advisor to executive leadership, shaping technology strategy across applications, networks, cybersecurity, databases, operating systems, and web platforms while serving as the primary technical escalation point for complex business and engineering challenges.
- Mentor and guide engineers through technical leadership, fostering strong design practices, innovation, and continuous improvement.
- Implemented process improvements that increased operational efficiency and reduced project delivery times.
- Understanding of Active Directory Federation Services (AD FS) for enabling single sign-on (SSO) and federated identity management.
- Migrated physical servers, applications, and data to virtualized environments, minimizing downtime and disruptions to business operations.
- Worked on Various application migration and integration.
- Leveraged a diverse set of web technologies and frameworks to architect, integrate, and optimize enterprise web applications.
- Designed and implemented AD Migration, Citrix solutions globally, including XenApp, XenDesktop, and Citrix Virtual Apps and Desktops, to provide centralized application delivery and desktop virtualization.
- Bridge strategic business objectives with advanced technological capabilities by translating organizational needs, enterprise architecture, and emerging opportunities into innovative engineering solutions.
- Projects Worked: UBS Bank, Eisai Pharma, Ports of America, Microsoft corporation
Principle Engineer
Dell EMC
10.2007 - 10.2009
- In the role of Principle Engineer at Dell EMC, responsibilities included leading engineering projects and driving technical innovation.
- This position required deep technical expertise and the ability to work collaboratively with various stakeholders.
- Designed and implemented engineering solutions that significantly improved product performance and customer satisfaction.
- Conducted thorough testing and validation of engineering designs to ensure quality and reliability.
- Collaborated with cross-functional teams to align engineering projects with business goals and customer needs.
System Engineer
Wipro Technologies
10.2003 - 10.2005
- Assisted in designing and implementing a new data center, including network architecture, server deployment, and storage provisioning.
- Managed VMware vSphere environments, ensuring high availability, scalability, and optimal performance.
- Led the migration of on-premises virtualization infrastructure to Hyper-V, improving performance, scalability, and reducing operational costs.
- Administered and upgraded Active Directory environments, including multi-forest implementations, DNS, and DHCP services, ensuring operational continuity, security, and compliance.
- Conducted regular infrastructure audits, identified vulnerabilities, and implemented effective remediation measures.
- Provided technical guidance in designing and deploying infrastructure solutions tailored to application-specific requirements.
Education
MBA -
Madurai Kamaraj University
04.2009
MBA -
Madurai Kamaraj University
03.2005
Bachelor of Computer Science -
Madurai Kamaraj University
03.2002
Electronics and communication Engineering -
Dayananda Sagar of College
Skills
- Active Directory design
- Infrastructure planning
- Windows server management
- Linux server administration
- Cloud solutions
- Virtualization technologies
- Technical leadership
- Operational efficiency
- Team collaboration
- Container solutions
- Monitoring tools
- Machine learning techniques
- Identity and access management
- Multi-factor authentication
- Federated services
- Encryption and key management
- Incident and change management
- Continuous integration and delivery
- Scripting languages
- Backup and recovery strategies
- Network knowledge
- Agile methodologies
- Service management platforms
- Security policies and procedures
- Configuration management tools
- Key vault solutions
- Firewall configuration
- Generative AI applications
Certification
- Certified Machine Learning, Caltech, 10/01/24, 09/01/25
- Gen AI, Purdue, 09/01/25, Present
- VMware, MCSE, Citrix
Timeline
Lead Infrastructure Architect
Tempur-Pedic North America, LLC
03.2014 - Current
Technical Manager
Cognizant Technologies
10.2009 - 05.2014
Principle Engineer
Dell EMC
10.2007 - 10.2009
System Engineer
Wipro Technologies
10.2003 - 10.2005
MBA -
Madurai Kamaraj University
MBA -
Madurai Kamaraj University
Bachelor of Computer Science -
Madurai Kamaraj University
Electronics and communication Engineering -
Dayananda Sagar of College