RamMohanReddy A

OT/ICS & AI Security Architect | Securing Critical Infrastructure & Autonomous AI Systems | Microsoft D4IOT, Dragos, Claroty, Nozomi | IEC 62443 & NIST CSF | Physical AI Security

Malaysia

About

I am a Cybersecurity Architect with over 7 years of experience protecting critical infrastructure and operational technology (OT). Having spent my career securing complex industrial environments globally, I now focus on the next frontier of enterprise risk: AI Security Architecture. I specialize in building governance-aligned security frameworks that protect both physical ICS networks and emerging autonomous AI deployments. My foundation is built on large-scale enterprise execution and technical consulting. At Saint-Gobain, I led the deployment of over 80 OT sensors across production sites worldwide, executing network segmentation and threat modeling at scale. I then transitioned into senior consulting and pre-sales engineering across APAC with PwC and MicroSec. In these roles, I drove end-to-end security architectures, deployed Microsoft D4IOT, Dragos, and Claroty, and integrated OT telemetry into central SOCs to reduce incident response times without disrupting operational continuity. Today, as organizations rapidly adopt large language models (LLMs) and automated agents, I focus on the intersection of AI and enterprise security. Through dedicated research and applied practice, I design secure AI reference architectures that enforce strict data governance, mitigate prompt injection, and ensure cryptographically auditable AI behaviors aligned with frameworks like the NIST Risk Management Framework (RMF). 🛠️ Core Technical Focus: • AI Security Architecture: Secure AI agent design, prompt injection mitigation, and safe LLM deployment pipelines. • OT/ICS Security: Threat modeling for industrial protocols (Modbus, OPC UA, DNP3, etc.), network segmentation, and IEC 62443 risk assessments. • Security Observability: Building auditability, identity & access governance, and automated SOC playbooks. • Industrial Tool Stack: Extensive hands-on and pre-sales experience with Microsoft D4IOT (CyberX), Dragos, Claroty, Nozomi, and Armis. • Enterprise Consulting: Architecting tailored PoCs, drafting technical RFPs/SoWs, and translating complex security risks for executive stakeholders. Whether securing legacy SCADA systems or designing zero-trust parameters for AI agents, my goal is always to deliver scalable, resilient, and business-aligned security architectures. Currently open to global opportunities in AI Security Engineering, OT/ICS Architecture, and Security Governance.

Experience

  • AI Security Architecture & Platform Engineering at Independent / AI Security Lab
    Mar 2026 - Present · 5 mos

    Designed and implemented production-grade AI security architectures simulating enterprise-scale AI systems, focusing on secure LLM deployment, agent safety, and governance alignment. Key Contributions: • Architected secure AI agent runtimes using zero-trust principles with containerized sandboxing (Docker), enforcing strict isolation of execution environments • Built advanced prompt injection detection systems with 30+ adversarial rules aligned with OWASP LLM Top 10 • Engineered multi-layer PII protection pipelines combining regex, NLP (Presidio), and contextual validation • Implemented RBAC-based access control, OAuth2, JWT authentication, and secure API mechanisms (HMAC signing, token rotation) • Designed tamper-evident audit logging using SHA-256 hash chains and HMAC-signed records for forensic traceability • Applied STRIDE-based threat modeling across AI systems to mitigate spoofing, privilege escalation, and data exfiltration risks • Integrated observability stacks (Prometheus, Grafana) for real-time monitoring and anomaly detection in AI workflows • Aligned architectures with NIST AI Risk Management Framework and EU AI Act principles Technologies: LLMs (Claude, Gemini, Ollama), Node.js, FastAPI, Docker, PostgreSQL, Redis, OAuth2, Prometheus, Grafana

  • Cyber Security Consultant - Startup at MicroSec startup
    Feb 2025 - Feb 2026 · 1 yr 1 mo

  • Career Break & Career Development at Freelance
    Mar 2024 - Feb 2025 · 1 yr

  • Security Consultant - Associate 2 at PwC
    Jul 2022 - Mar 2024 · 1 yr 9 mos

  • Security Engineer at Saint-Gobain Group in India
    Feb 2019 - Jun 2022 · 3 yrs 5 mos