Summary
Overview
Work History
Education
Skills
Certification
Accomplishments
Publications & Thought Leadership
Websites
Generic

Yashajeet Chowdhury

Redmond,WA

Summary

Innovative Cloud Solution Architect recognized for high productivity and efficiency in task completion. Skilled in designing scalable cloud infrastructures, implementing robust security measures, and orchestrating deployment strategies to optimize performance. Excel in problem-solving, collaboration, and strategic planning, ensuring seamless integration of cloud solutions into business processes.

Overview

22
22
years of professional experience
10
10
Certification

Work History

Sr. Cloud Solution Architect

Microsoft Corp.
Redmond, USA
12.2013 - Current
  • Infrastructure Security at Scale - Designed and implemented security controls across IAM, Linux workloads, CI/CD, networking, and container environments (AKS), embedding secure-by-design principles using IaC, automation, OWASP practices, and proactive monitoring.
  • Designed cloud architecture solutions for enterprise clients using Azure services.
  • Detection and Response - Automated enforcement with Sentinel, Defender XDR, and Azure Monitor to deliver real-time detection, response, and threat hunting, cutting risk exposure and mean time to containment.
  • Documented architectural designs and processes for future reference and training.
  • Zero Trust & Guardrails - Architected secure Azure solutions with Zero Trust, policy-driven guardrails, WAF/WARA assessments, and governance reviews, ensuring resilience, compliance, and security parity across environments.
  • Advanced Cloud Networking Security - Hands-on expertise in designing and securing ExpressRoute, Virtual WAN, VNet Peering, Private Endpoints, NSGs, and Firewalls to enforce network segmentation and hardening. Delivered network security baselines in Azure, with transferable knowledge across AWS and GCP, to achieve a consistent cross-cloud security posture.
  • Incident Response & Resilience - Led the deployment of incident detection pipelines, containment playbooks, and BCDR strategies, strengthening recovery and minimizing downtime for enterprise workloads.
  • Migration & Modernization - Delivered enterprise-scale cloud security and modernization programs (>$100M), including data center exits, infrastructure upgrades, and hybrid-to-cloud migrations, accelerating adoption while ensuring compliance and operational efficiency.
  • Collaborated with cross-functional teams to ensure project alignment and integration.
  • Monitored resource utilization on a regular basis to ensure optimal usage of resources in the cloud environment.
  • Configured network access control lists for secure communication between services running in different clouds.
  • Developed and implemented cloud migration strategies for diverse applications.
  • Provided technical guidance and support to clients during cloud adoption processes.
  • Conducted workshops to educate teams on cloud best practices and tools.
  • Evaluated new technologies to enhance cloud service offerings and capabilities.
  • Provided technical leadership in designing and developing enterprise level applications on the cloud platform.
  • Worked closely with development teams during software releases ensuring smooth transition from development to production environments.
  • Resolved complex system issues related to multi-cloud deployments in production environments.

Senior Principle Infrastructure Engineer (Architect)

Mphasis(HP company)
Chennai, India
03.2010 - 11.2013

Technical Solution Architect

IBM Ltd.
Bengaluru, India
12.2008 - 03.2010

Education

Graduate -

National Institute of Information Technology
Delhi
01.2002

Diploma in Electronics and Telecommunication Engineering -

Institute of Electronics and Telecommunication Engineering
Delhi, India
01.2002

Skills

  • Infrastructure and cloud security
  • Microsoft Cloud Security Benchmark
  • Azure Policy (policy as code)
  • Security Posture management (CSPM)
  • Zero trust architecture
  • Cloud network security (hybrid networking, network segmentation, vWAN, ex-route, route server, DDoS protection, Azure DNS, private DNS, UDR, NSG, ASG, NVAs, Azure Firewall, WAF, Azure Front Door, traffic manager, CDN)
  • Kubernetes and containerization (AKS, Kubernetes, Azure CNI, Pod Security Admission)
  • Identity and access management (hybrid identity and cloud)
  • Conditional access (Entra ID)
  • Cloud IAM (PIM, JIT, RBAC, access reviews, managed identities, SSO, OAuth 20, SAML)
  • Azure VMware Solution
  • IaC (Bicep, Terraform, CI/CD security controls, SAST, DAST, secret scanning, automated policy enforcement, SSDLC)
  • Cross-cloud security
  • Threat modeling techniques
  • Data and API protection strategies
  • Cloud modernization and migration (Azure Migrate, application modernization, cloud-native transformation, containerization strategies)
  • Business continuity and disaster recovery
  • Landing zone implementation
  • Entra ID management
  • Sentinel monitoring solutions
  • Defender XDR deployment
  • System monitoring practices
  • Key vault management
  • Kubernetes orchestration
  • Azure core services expertise
  • Solution architecture design
  • Enterprise architecture principles
  • Technical governance frameworks (CAF, WAF, WARA)
  • Infrastructure as code practices
  • CI/CD security measures
  • Automation pipeline development
  • OWASP compliance standards
  • Azure proficiency (hands-on)
  • AWS and GCP knowledge transferability
  • Infrastructure and database migration strategies
  • AI fundamentals understanding
  • Effective communication skills
  • Cross-team collaboration
  • Cloud architecture
  • Security controls
  • Cloud networking
  • IaC automation
  • Cloud migration
  • Governance & Compliance frameworks
  • Customer engagement
  • Problem solving
  • Technical documentation
  • Container orchestration
  • Scalability planning
  • Infrastructure migration
  • Application modernization
  • Hybrid cloud management
  • Disaster recovery planning
  • Monitoring and logging
  • Performance optimization
  • Artificial intelligence implementation

Certification

  • Azure AI Fundamentals (AI-900)
  • Certified Cloud Security Professional (CCSP) - in progress (Training Completed)
  • MITRE ATT&CK Fundamentals
  • Certified Ethical Hacker (CEH)
  • Microsoft Cybersecurity Architect
  • Azure Security Engineer (AZ-500)
  • Azure Solutions Architect (AZ-305)
  • Azure Administrator (AZ-104)
  • ITIL v3 Foundation
  • Certified Technical Solution Architect - IBM

Accomplishments

  • Spark Award Winner 2021 - Client Service & Delivery Excellence
  • Architect of Excellence (ACE) - 2x award for CPE and business impact
  • Multiple Spot Awards for technical consulting and partner enablement
  • Publication: Introducing Disaster Recovery with Microsoft Azure (Apress, 2020)
  • Hackathon Trainer - Conducted large-scale workshops on Kubernetes, security, migration for 180+ engineers

Publications & Thought Leadership

  • Authored Introducing Disaster Recovery with Microsoft Azure (Apress/Springer, 2020), a hands-on guide covering DR strategy, Azure Site Recovery patterns, multi-region resiliency design, monitoring/automation, and real-world implementation scenarios.
  • Built an ALZ deployment accelerator using IaC + Azure Blueprints to deliver repeatable, policy-driven landing zones aligned to CAF/Well-Architected standards across customer subscriptions and environments.
  • Designed a modular blueprint architecture (core + optional extensions) to support customer-specific variations (networking, identity, security, connectivity, region strategy) without forking the platform and operationalized “governance-by-default” by embedding Azure Policy/initiative assignments, RBAC, tagging, logging, and security baselines directly into the deployment pipeline—turning controls into code, not documentation.
  • Standardized environment rollout (dev/test/prod) with parameterized artifacts and versioned releases, enabling consistent deployments at scale while preserving local requirements.
  • Led end-to-end platform delivery: requirements → reference architecture → IaC implementation → CI/CD integration → validation → customer handoff/runbooks—driving adoption with real operational readiness.
  • Established a policy-as-code lifecycle with change control, drift management, and guardrail testing—treating governance like a product with releases, not a one-time setup.
  • Advanced security posture through secure-by-design landing zones: identity hardening, least privilege RBAC patterns, logging/monitoring foundations, and security baselines integrated into the “day-0” build.
  • Created a reusable blueprint catalog for common enterprise patterns (hub-spoke, shared services, workloads, management groups) to reduce solution time and improve consistency across multiple customers.
  • Drove stakeholder alignment between security, infra, and app teams by translating policy/controls into deployment artifacts and measurable outcomes (compliance coverage, guardrail adoption, rollout velocity).
  • Enabled scale and sustainability by producing documented standards (naming/tagging, subscription vending, management group design, network archetypes) and operational runbook that teams could run without heroics.

Websites

Similar Profiles

CREATE PROFILE
Yashajeet Chowdhury