Performing time-to-time cloud security risk assessment for cloud services & applications already in azure.• Proposed new frameworks for Azure cloud security for implementation.• Identified risks and vulnerabilities reported in Defender for Cloud and remediated them.• Responded to security incidents, perform analysis, and take appropriate corrective action.• Integrated security tools like SonarCloud in Azure pipeline.• Design, implement and managing virtual networks with… Show more Performing time-to-time cloud security risk assessment for cloud services & applications already in azure.• Proposed new frameworks for Azure cloud security for implementation.• Identified risks and vulnerabilities reported in Defender for Cloud and remediated them.• Responded to security incidents, perform analysis, and take appropriate corrective action.• Integrated security tools like SonarCloud in Azure pipeline.• Design, implement and managing virtual networks with NSG/ASG and applied DDoS protection.• Implemented Express Route connectivity form Azure Cloud to partner on-prem.• Enabling Azure Defender on subscriptions to protect our azure resources and hybrid resources.• Implemented MFA with conditional access policies and Privilege Identity Management (PIM).• Performed SAST security testing on applications and performed False positive analysis.• Worked on Intune, i.e., Device enrollment, Device Configuration, Device Security, Conditional Access policy and Device compliance• Deployed Web application firewall (WAF) for existing Az Webapps to protect from external attacks.• Implemented and configured security controls and policies, managed access to data and monitored threats to ensure that azure webapps, infrastructure, and networks are protected.• Implemented Azure Monitoring Dashboard and alerts as per the requirement. • Develop least privilege model for the Azure Active Directory / Entra infrastructure as well as critical applications, and ensure product and tooling enforces policies and controls from a technological level.• Collaborated with development teams to ensure that security is designed into new applications and systems.• Worked on security compliance standards, such as ISO 27001/27002.• Worked on Azure firewalls, intrusion detection/prevention systems, vulnerability scanners, etc.• Created documentation on security best practices and performed audits to ensure compliance with regulations. Show less

isk for adherence to security policies, standards, and industry best practices.• Developed new frameworks for cloud security. Implemented new security measures on the Azure cloud.• Served as an Azure Security Subject Matter Expert (SME) on the Governance and Architecture team as part of a cloud optimization program to deliver new and secure cloud services throughout the organization.• Worked with penetration/compliance teams to close the risks, security gaps, and threats in cloud… Show more isk for adherence to security policies, standards, and industry best practices.• Developed new frameworks for cloud security. Implemented new security measures on the Azure cloud.• Served as an Azure Security Subject Matter Expert (SME) on the Governance and Architecture team as part of a cloud optimization program to deliver new and secure cloud services throughout the organization.• Worked with penetration/compliance teams to close the risks, security gaps, and threats in cloud environments.• Responsible in web application vulnerabilities (OWASP) to review application source code to find its security vulnerabilities and recommend remediation. • Investigated and resolved security concerns raised by internal teams and partners.• Participated in system and network specification review process to ensure system/network requirements translated into industry best practice as per the requirements.• Worked with vendor on Proof of concept (POC) for new security tools.• Reviewed IAM roles and polices and mitigate the gaps and re-structured the roles and groups.• Upgraded cloud services version and end of life (EOL) products to reduce the threat surface and migrated applications on new cloud platform.• Experience in AWS creating services like EC2, IAM, VPC, NACL, Security Group, EBS, AMI, Route53, Snapshots, Backup Life cycle manager, Autoscaling, Cloud Watch, Cloud Trail, Cloud Front, WAF, SNS, S3 bucket using Terraform.• Created or updated policies and procedures documents to comply with industry regulations and best practices.• Implemented and configured security controls and policies, managed access to data and monitored threats to ensure that apps, containers, infrastructure, and networks are protected.• Worked on security standards such as GDPR & PCI DSS.• Performed network troubleshooting to isolate and diagnose common problems. Show less

• Experience in Cloud planning, designing, implementation, development, and optimization solutions on Microsoft Azure/office365 and AWS.• Integrate on-premises Windows AD with Azure AD/Office 365, configure multi-factor authentication (MFA), Single Sign-on and Azure Role-based Access Control (RBAC).• Expertise in MS Azure Security, Monitoring, Azure Identity and Access Management (IAM), Azure Information Protection (AIP), Azure Advance Threat Protection (ATP).• Worked on Conditional… Show more • Experience in Cloud planning, designing, implementation, development, and optimization solutions on Microsoft Azure/office365 and AWS.• Integrate on-premises Windows AD with Azure AD/Office 365, configure multi-factor authentication (MFA), Single Sign-on and Azure Role-based Access Control (RBAC).• Expertise in MS Azure Security, Monitoring, Azure Identity and Access Management (IAM), Azure Information Protection (AIP), Azure Advance Threat Protection (ATP).• Worked on Conditional Access (CA) and Privileged Identity Management (PIM).• Design, implement and manage virtual networking within Azure and connect to on-premises environments, configure Express Route/Direct Connect, Virtual Network, Virtual WAN, VPN Gateways (Site to Site and Point to Site), NSG, ASG, Firewall, Routes, Bastion etc.• Experience in Azure load balancing services including Application Gateway, Traffic Manager, Front door, Azure Media Services, Content Delivery Network (CDN) with Web Application Firewall (WAF).• Installed, configured, administered, monitored Azure, SAAS and PAAS application.• Implemented Azure DDoS protection to protect your Azure resources from denial-of-service threats.• Worked on Azure Security Center and implemented the policy as per the requirements.• Use Watchlists, Visualize and Monitor your data in Azure Sentinel (Azure SIEM Solution).• Set up automated threat responses in Azure Sentinel.• Knowledge of CI/CD pipeline using DevOps tools on cloud with GITHub, Docker with Jenkins plugins.• Experience with configuration management tool like Terraform and understand their common use cases.• Develop PowerShell scripts and ARM templates to automate the provisioning and deployment process. • Troubleshoot and identify performance, connectivity and other issues for the applications hosted in Azure platform.• Deep understanding of ITIL practices and toolsets. Show less

• Design and implement advanced functions of Azure AD Premium / Office 365 including security, governance, and compliance.• Experience in planning, designing, implementation, migration, operation of complex solutions on Microsoft Azure/office365.• Integrate on-premises Windows AD with Azure AD, configure multi-factor authentication (MFA) and Single Sign-on.• Led implementation of Office 365 with Azure Active Directory for single sign on, authentication, authorization, and Azure… Show more • Design and implement advanced functions of Azure AD Premium / Office 365 including security, governance, and compliance.• Experience in planning, designing, implementation, migration, operation of complex solutions on Microsoft Azure/office365.• Integrate on-premises Windows AD with Azure AD, configure multi-factor authentication (MFA) and Single Sign-on.• Led implementation of Office 365 with Azure Active Directory for single sign on, authentication, authorization, and Azure Role-based Access Control (RBAC).• Strong expertise in MS Azure Security & Azure Identity and Access Management (IAM).• Design, implement and manage virtual networking within Azure and connect to on-premises environments, configure Express Route, Virtual Network, Virtual WAN, VPN Gateways (Site to Site and Point to Site).• Designed Network Security Groups (NSGs) / ( ASGs ) to control inbound and outbound access to network interfaces (NICs), VMs and subnets.• Knowledge of CI/CD pipeline using Azure DevOps cloud and on-premises with GITHub, Docker with Jenkins plugins.• Understanding with container orchestration – Kubernetes, Docker.• Configured private and public facing Azure load balancers.• Prepared capacity and architecture plan to create the Azure Cloud environment to host migrated IaaS VMs and PaaS role instances for refactored applications and databases.• Experience with configuration management tool like Terraform and understand their common use cases.• Building and Installing servers/infrastructure through Azure Resource Manager (ARM) Templates, Azure Portal or GIT.• Deploying VM's, Storage, Network, and Affinity Group through PowerShell Script.• Worked on Unify Security Management/Security Center and enable advanced threat protection for workloads in the cloud and on-premises.• Implemented Azure DDoS protection to protect your Azure resources from denial-of-service threats.• Worked on Azure Security Center and implemented the policy as per the requirements. Show less

Sr. Cloud Consultant: (December 2018 – January 2020)• Experience in Cloud design, development, and implementation using Microsoft Technologies for enterprise applications.• Worked with large teams and involved in architecture of highly scalable, secure, distributed applications, aligned with company standards, process, methodologies, and best practices.• Performed migration from ON - Premises to Azure cloud (Servers / Applications / Office365).• Led implementation of Office… Show more Sr. Cloud Consultant: (December 2018 – January 2020)• Experience in Cloud design, development, and implementation using Microsoft Technologies for enterprise applications.• Worked with large teams and involved in architecture of highly scalable, secure, distributed applications, aligned with company standards, process, methodologies, and best practices.• Performed migration from ON - Premises to Azure cloud (Servers / Applications / Office365).• Led implementation of Office 365 and Azure Active Directory for single sign on, authentication, authorization, and Azure Role-based Access Control (RBAC).• Building and Installing servers/infrastructure through Azure Resource Manager (ARM) Templates with PowerShell, Azure cli, and Azure Portal.• Design, implement and manage virtual networking within Azure and connect to on-premises environments, configure Express Route, Virtual Network, Virtual WAN, VPN Gateways (Site to Site and Point to Site). Also deployed NSG, Azure Firewall, Load Balancer, Application Gateway.Sr. Security Architect: (October 2012 – November 2018): • Having sound knowledge of designing, implementing, configuring with best practices on NexGen Network & Security Appliances (Checkpoint, Palo Alto & Fortinet Firewalls, Bluecoat proxy, Intrusion Detection and Prevention.• Managed more than thousands Checkpoint/Palo Alto Firewalls via Checkpoint Provider-1 and Panorama console.• Provided 24*7 supports for day-to-day global operational activities for multiple global clients. Including Change Implementation, Handling Work order access Request, High Priority incident handling / troubleshooting for Network and Security Devices (Checkpoint, Palo Alto, Fortinet, & Bluecoat).• Worked in various domains like Financial, Banking, Insurance, Law Firm, Digital Marketing, Non-profit and Manufacturing business unit. Show less

• Worked with US prestigious banks, Insurance companies, and Retail businesses.• Install computer hardware and software on desktops to keep versions current.• Install, upgraded, supported, and troubleshoot Windows Operating Systems and Microsoft Office suite, and other applications as assigned.• Configure antivirus software to fully protect IT environment.• Analyzed and diagnosed DNS/DHCP/VPN and other networking issues.• Monitor the performance of the computer systems and… Show more • Worked with US prestigious banks, Insurance companies, and Retail businesses.• Install computer hardware and software on desktops to keep versions current.• Install, upgraded, supported, and troubleshoot Windows Operating Systems and Microsoft Office suite, and other applications as assigned.• Configure antivirus software to fully protect IT environment.• Analyzed and diagnosed DNS/DHCP/VPN and other networking issues.• Monitor the performance of the computer systems and address issues as they arise.• Provide technical support for software reconfigurations to aid in function customization.• Conceptual and hands-on experience with Microsoft technologies (Windows, Active Directory, DNS, Group Policy, Skype, File Server, Print Server.• Test software performance throughout the desktop network to ensure peak performance.• Experience of VMware Administration and maintenance.• Network with LAN/WAN and active directory for continuous company connection.• Strong knowledge in supporting video conference.• Worked of Foundry load balancer.• Performed general preventative maintenance tasks on computers, laptops, printers and any other authorized equipment.• Provided real-time network and bandwidth statistics to clients and upper management.• Managed and coordinated equipment purchases, by negotiating purchase and service agreements with external vendors.• Build strong working relationships with key customer contacts. Show less

• Collaborated with other departments in a team-oriented environment.• Provided first line support for customer inquiries, problems, and/or requests including web portal.• Reduced the deployment time of a new computer by 50% by creating hard disk images containing a standardized list of application suites and security updates.• Facilitated desk and floor moves.• Installing, configuring, and troubleshooting various peripheral options and networks devices.• Configured Cisco IP… Show more • Collaborated with other departments in a team-oriented environment.• Provided first line support for customer inquiries, problems, and/or requests including web portal.• Reduced the deployment time of a new computer by 50% by creating hard disk images containing a standardized list of application suites and security updates.• Facilitated desk and floor moves.• Installing, configuring, and troubleshooting various peripheral options and networks devices.• Configured Cisco IP desk and software phones for end users.• Provided support for Blackberry devices.• Set up lab environment for testing application installs and MS updates push.• Created new user accounts, password resets, group policy, logon scripts, as well as creating and managing file shares within an active directory environment.• Setup and maintain network cabling at corporate and remote location. Show less