Fabien Soulis

- Architected security for 100+ enterprise applications across multi-cloud and hybrid environments serving 150K+ employees and millions of customers in 70 countries, securing new complex information systems including new SAP and Dynamics 365 deployments and microservices architectures (order management, inventory, product catalog, payment processing, authentication, etc.). Zero major security incidents.

- Architected security (Including Security Governance) for global IT core services including data factory (APIM, ETL, Data Lake, Data Warehouse, BI), Cloud factory (Cloud Design Pattern with IAC, DevSecOps, CSPM, Container Security (Kubernetes, Docker), etc), M365 (Intune, SharePoint, Exchange Online, MS Copilot, etc.), identity Infrastructure (AD DS, Microsoft Entra ID, CIAM, CyberArk, etc.), email infrastructure (Proofpoint, Postfix, IronPort, DMARC etc.). Zero major security incidents.

- Developed web solutions/tools with Python and AI/LLM that increased security review speed by 50% and quality by 25% across a team of 20 global architects

- Conducted security due diligence for mergers and acquisitions, assessing target IT environments and developing post-merger integration security roadmaps

- Defined security requirements for RFPs and negotiated security clauses in vendor contracts to ensure proper controls and limit breach liability (Third-Party Risk Management)

- Conducted incident response for advanced malware and intrusion attempts and conducted digital forensic investigations for IP theft and data breach incidents, delivering court-admissible evidence and executive reports that supported legal proceedings and insurance claims. Developed threat detection scenarios for SOC teams.

I developed and taught a comprehensive course on secure web application development, specifically designed to build a security-first mindset in large enterprise settings.

The course uses a case study methodology where student teams tackle complex, realistic security scenarios that mirror actual enterprise challenges.

The curriculum covers three main areas : implementing Security by Design principles at organizational scale, comprehensive web application security including OWASP Top 10 vulnerabilities and penetration testing techniques, and practical hardening strategies covering DevSecOps integration, web application firewalls, and system-level security for Docker and Linux environments. I also recently taught my students to leverage AI to speed up and increase the quality of security reviews.

Students consistently rate this as one of the most valuable and engaging courses in their program, particularly appreciating the collaborative team approach and real-world problem-solving focus.

I also supervise master's thesis research in secure software development and cybersecurity, working with graduate students on emerging topics in the field.

- Email authentication with DMARC, SPF, DKIM on behalf of several large and medium-sized enterprises wishing to combat malicious impersonation of their email addresses.

- Design of a secure, multi-tenant SaaS security solution capable of analyzing millions of IPs/domains per day. This solution efficiently blocks malicious phishing attacks before they reach the recipients

- Oversight and leadership of a team composed of developers and AI specialists

- Expertise in fine-tuning and troubleshooting a range of technologies, including Kubernetes, Elasticsearch, PostgreSQL, Azure SQL, Azure App Service, Linux VMs, Azure DevOps, Redis Cache, Azure Service Bus, Azure Logic Apps, Azure Front Door, as well as proficiency in React, Python, and PowerShell, among others.

(Founded, scaled, transitioned to advisory role)