We provide IT Staff Augmentation Services!

Sr Azure Intune Cloud Security Engineer Resume

2.00/5 (Submit Your Rating)

SUMMARY

  • I’m a result - driven, outside the box analytical IT Professional that enjoys creating, designing, and overseeing technical projects in alignment with organizational goals, and supervising a team of workers, while working closely with management, external vendors / stakeholders / partners, along with having experience engineering CI/CD SaaS, PaaS, IaaS cloud / On-premise environments.
  • Team player identifying new market opportunities and researching and recommending new products who has considerable knowledge with developing and implementing effective quality control processes, ensuring, cost-effect, scalable, and elasticity
  • With more than five years of demonstrated superb technical competency, delivering mission-critical infrastructures with the software development life cycle (SDLC) from preliminary system analysis to tests (Design, Develop, Test, Tune) and deployment, engineering cloud computing and on-premise infrastructures.
  • Participated in design of Lift, Shift, and Optimize Hybrid/Legacy Cloud Infrastructures migration, Identity Access Management (IAM) / Privileged Access Management (IAM) and On-boarding of Office 365 cloud/ hybrid / on-primes projects, working with information engineers to find solutions to manage business activities, providing 24/7 onsite, on-call working collaboratively with 2nd and 3rd level support with vendors and other personnel for problem resolution that comply with regulations and compliance standards.

TECHNICAL SKILLS

Microsoft Software Products: (Windows, Office, SharePoint, Exchange, SharePoint, One Note, InfoPath, Skype, and Microsoft Teams, SCCM, Excel, MS-ProjectPower-point, MS-Access, MS-Word, MSI Package MS Azure, Office 365 Enterprise E3/ E4/ E5, Enterprise Mobility + Security E5 )

Microsoft Admin Portal: Azure Active Directory, Devices Management, Exchange Online, SharePoint Online, OneDrive Online, Flow, PowerApps, Dynamic 365, Microsoft Teams, Yammer

Scripting Languages: VBScript, PowerShell, Python, SQL, Java, HTML, CSS, jQuery, PHP, JavaScript, Java, C++, PowerShell, Python, WordPress

Databases: Oracle 10g, SQL, MySQL, PL/SQL, DB2, .NET, NET core

Protocols: IPv4, TCP, DNS, DHCP, TRUNK, ISO, RDP, TTP, LAN, WAN, NTP, TFTP, NTP, FTP TCP, DNS, DHCP, ISO, TTP, NTP, SAN, DAS, FTP, SNMP, ICMP, RADIUS, TACACS+, NetFlow, CDP, Telnet, SSH, HTTP/HTTPS

Virtualization Software: Hyper-V, VMware Horizon Suite, Citrix XenDesktop, VDI, Hyper-V, AirWatch, vSphere 6.7, XenApp, VMware Thin App, Microsoft App-V, AWS, vCloud Air, Google Cloud Platform, HotLink SuperVISOR, NPM, PRTG Network Monitor, Cisco Network Assistant, AWS

Software Deployment: SCCM, Altiris, Afaria, Adaptive Workbench, AdminStudio, MSI, VHQ

Network Security: CyberArk, SuperPutty, Arcsight, Tripwire, Skybox, Wireshark, SIEM, IDS/IPS, Nagios

Active Directory: Domain Services, controlling access Creating Deleting Moving and Read Writing Attributes of Objects, Managing users and groups, Service publication and logon accounts

SCCM: Hierarchy Migration, Role-Based Security, Site System Roles, OS & Application Deployment, Software Updates, Asset Management, Client Installation, Reporting, Compliance, Endpoint Protection, Mobility, Site Installation

Engineered Servers: Windows Server 2012-2016, Linux 6, Microsoft Dynamic 365 Server 9.0, Microsoft Active Directory Server, Microsoft DNS, Microsoft DHCP Server, MS SQL Server, SCCM Server

Application Management Tools: Google Analytics, Google Ads Export, Google Site Map Online SCCM, SCOM, VHQ, New Relic, AppDynamics, Retrace

Cisco Training: (CCNA Boot Camp, Cisco Switch, and ASA Firewall)

Switch Configurations: Show int status, Show Mac address, Show cdp nei det, conf t, switchport access Vlan, end, ipconfig /all, wr mem, no shut

Networking Tools: Cyberark, InfoBlox, VHQ, Superputty, Comemu64, Palo Alto firewall, Adaptive Network, NX9500, WireShare, InfoPing, Zabbix, Nagios, Meraki

Networking Hardware: Cisco UCS P81E Virtual Interface Card, Cisco Catalyst 9300, ISR 800 Series, Cisco Catalyst 9800, Cisco Meraki AP

Ticketing Systems: Remedy, ServiceNOW, Dev Tracker (Bug Tracking), Cherwell (Replacement for Remedy), Severs Desk

Operating Systems: Windows xp-10, Mac OS Sierra(Lobo&Fuji), UNIX, MS-DOS, Linux, Win sever 03- 2016

Access Management Tools: ICOMS, CSG, Citrix, Active Directory, DPFM, NBC

PROFESSIONAL EXPERIENCE

Sr Azure Intune Cloud Security Engineer

Confidential

Responsibilities:

  • Created Microsoft Visio diagrams and documentation based on customer on premise environment and future Azure cloud environment; provided guidance on how to secure Azure Cloud Infrastructure and Office Enterprise environment.
  • Managed, created, and troubleshoot users, groups, organizational relationships, roles and administrators, enterprise applications, Identity Governance, application proxy, licenses, Azure AD Connect, MDM, Password reset, user settings, properties, and notification settings within the Azure Portal; identity conditional Access and risky users
  • Monitored sign-ins, audit logs; enforce MFA and PIM methods
  • Designed and configured Azure Virtual Networks (VNets), subnets, Azure network settings, DHCP address blocks, DNS settings, security policies and routing
  • Deployed Azure IaaS virtual machines (VMs) and Cloud services (PaaS role instances) into secure VNets and subnets.
  • Designed Network Security Groups (NSGs) to control inbound and outbound access to network interfaces (NICs), VMs and subnets.
  • Created .NET Core apps for Azure COSMOS Database in Visual Studio Code to store and query data; created, read, update, and delete NoSQL data
  • Designed, configured and deployed Microsoft Azure for a multitude of applications utilizing the Azure stack (Including Compute, Web & Mobile, Blobs, Resource Groups, Azure SQL, Cloud Services, and ARM), focusing on high - availability, fault tolerance, and auto-scaling.
  • Designed, created, and deployed Web API’s merging 3rd party (SecureWorks “SonicWALL’s” & Palo Alto) firewall applications; configured ports, created tags, and modified policies
  • Configured identity support in existing ASP.NET core web app and continuous deployment (CI/CD) pipeline; provided new users registration capabilities, ensured multi-factor login capabilities with policy-based authorization using claims; extend the underlying identity data stored and deployment policies configurations
  • Engineered, configured, modified and troubleshoot Azure containers using Kubernetes (AKS)& blob (Block Blobs, Append Blobs, Page Blobs) storage accounts; Reviewed Azure Storage Account pricing based off volume of data stored per month, quantity and types of operations performed along with data transfer costs, and data redundancy
  • Utilized Azure Event, Network, and SQL Database Analysis; identified executed process from uncommon locations, suspicious path, abnormal context, unusual account and attempts to start all executables (*.exe) in a directory executed from the command line; detected suspicious incoming SQL brute force attempts & RDP network activity from multiple sources
  • Implemented OpenID Connect and OAuth protocols; provided secure access to resources, web applications, desktop applications, mobile applications, and single-page applications
  • Analyzed and resolved brute force attempts against SQL servers with Microsoft Azure Network Analysis (IPFIX); detected suspicious incoming SQL communications
  • Designed users resource groups settings and management, label management, policies and configurations management, security rules, iOS, W10M, Android new versions testing, and tagging schema, Mobile Application Management within Intune; provided signing of in-house apps by enterprise certificates (iOS, W10M), provisioning profile management, app publication in internal enterprise store), improved audit

Microsoft FastTrack Engineer

Confidential, Charlotte, NC

Responsibilities:

  • Transformed Enterprise / Government Customers data daily with Power BI explored and analyzed vulnerability scan data for Fortune 500 companies on premises and in their cloud environment; enhanced data before it leaves the Outpost24 platform, exported and sanitized data, created basic visuals based off relevant information, impetrated data from all of the Outpst24 platform elements
  • Educated / collaborated with Enterprise Customers on customized Security and Compliance (Permissions, Data Loss Prevention, Records Management, Data Governance, Threat Management, Data Privacy, Data Investigations) & Cloud App Security (Treat Detection, Privileged Accounts, Cloud Discovery, Sharing Control, Access Control) dashboards with exported interactive Microsoft Excel spreadsheet reports; provided guidance for successful user adoption, ensuring infrastructure readiness by delivering technical workshops as necessary with customized Microsoft Excel spreadsheet remediation checklist; defined Enterprise Customers group polices, data management, network bandwidth, security clients, application readiness, encryption and drivers
  • Provided Windows OS Support with Desktop Analytics and Windows Update configurations; improved Inventory Apps, App Compatibility issues, pilot groups / driver estate across a minimal set of devices; highlighted migration readiness based on cloud-enabled data insights
  • Assist Enterprise / Government Customers with Microsoft Office COTS Core products based off Customers Tenant Level, Sets and amount of licenses; provided migration prerequisites and requirements for Enterprise / Government Customers daily; violated Global Admin access and permission within Microsoft Office Enterprise Exchange Online / Azure Portal, performing standardized and prescheduled Mailbox, SharePoint Online (File Share SMB, Box), OneDrive Online for Business(File share Server Message Block (SMB) 2.0, G Suite and Google Drive, Box) and Exchange Online (Exchange 2003- 2016, G Suite and Gmail, IBM Domino Notes, Group Wise IMAP) migrations with cloud-based migration tools / customized PowerShell scripts based off the amount of Licenses, Set’s, and Storage the customer has; identified risk with customized Remediated Check List’s, providing guidance and best practices for migrating from Exchange on-premises to Exchange Online, SharePoint on-premises to SharePoint Online; verified identity within Azure Portal, ensured Enterprise Customers accomplished hybrid identity goals; assisted with Password hash synchronization, Pass-through authentication, Federation integration, Synchronization, and Health Monitoring of Enterprise Customer on-premises and cloud environments for a successful migration
  • Designed custom base solutions based off if Customers primary goal is handling sensitive data, services offered by the cloud provider, deployment, and privacy statement terms; provided Criminal Justice Information Services (CJIS), Cloud Security Alliance (CSA) STAR Certification, General Data Protection Regulation (GDPR), EU Model Clauses, Health Insurance Portability and Accountability Act (HIPAA), International Organization for Standardization (ISO), Multi-Tier Cloud Security (MTCS) Singapore, Service Organization Controls (SOC) 1, 2, and, National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF) and UK Government G-Cloud Compliance offerings.
  • Collaborated with partners and team determined deployment ring planning, upgraded Windows 10 using Configuration Manger Current Branch with Microsoft Deployment Toolkit (MDT) guidance; ensured that task sequence is successfully created for OS and Office 365 ProPlus app package with MDT, deployed Windows 10 Enterprise using a PXE server and enabled licenses
  • Organized and hold conference calls via Microsoft Outlook, Microsoft Teams, and Skype for Business according to agreed schedule to review the progress of the remediation activities and success planning; educated Enterprise Customers, partners and stakeholders on required steps to complete remediation SDLC phases with migration progress and updates to timelines utilized Microsoft Excel spreadsheet / FastTrack Project Management System; analyzed planning, design, building, testing, and deployment for the process of developing, altering, maintaining, and replacing software systems
  • Analyzed, developed and communicated key Onboarding process and technology improvement feedback for Office 365 Onboarding and entire Software Deployment Lifecycle (SDLC) / Security Development Lifecycle (SDL).
  • Designed a customized solution for Microsoft Enterprise Customers & created PowerPoint Presentations; assist and educated enterprise customers with their Mobile Devices Management (Intune) lifecycle phases (Enroll, Configure, Protect, Retire)
  • Created Azure Active Directory, Configuration Manger, Microsoft Intune, and Windows 10 diagrams based off Enterprise Customers Infrastructure assessment; engineered customers deployment & remediation co-management (Auto-enroll existing clients &Bootstrap with modern provisioning) approach
  • Educated Enterprise and Government customers on how to mitigate the threat of their contextual information utilizing Azure Security Incident Alerts for log clear events, PNP device plugged from unknown device, new account creations, file decoded using curtail tools

Cloud Infrastructure Engineer

Confidential, Rocklin CA

Responsibilities:

  • Completed and lead MacAfee antivirus SCCM remediation / vulnerability assessment project assigned by IT Director during breach of all application on operating systems and servers; Analyzed a exported Microsoft Excel spreadsheet daily; identified software installation errors and misconfigurations compromise security and stability, resulting in escalated support costs, prevented errors and security risks, increased organizational uptime, secured infrastructure before yearly audit; successfully monitored the configuration of Microsoft Windows operating systems, Internet Explorer, Microsoft Office, SQL Server, and Internet Information Services (IIS) of client’s health, deployed software, protected data and while testing hundreds of applications within SCCM, enforced compliance across all devices in production.
  • Resolved SQL injections with Azure Threat Detection for Azure SQL Database; created vulnerability to SQL injection alerts focused on PaaS services and applications
  • Tested, Packaged and deployed thousands of CyberArk COTS agents to Win 2008, 2012, & 2016 Servers/ Hyper-V Servers, Win 7 & 10 Clients using SCCM; analyzed privileged credentials, record and monitor privileged sessions and remediation risky activities across on-premises, cloud and hybrid environments, ensured end-user access privilege on both Windows and Linux servers and detect and mitigate threats on domain.
  • Engineered Confidential - Confidential retail infrastructures within an enterprise level environment, redesigned thousands of Legacy hardware that support Windows 2003 server with in store VSS (Virtual Store Server) with HP ML150 Gen9 headless design enterprise class server tower with Hypervisors (Hyper-V) that support Windows Server 2012 R2 within a VMware environment mirrored/replaced their old Win 2003 inventory server with New win 2008 Server and Created break fix environment for RHEL using VMWare to train team members, ensured enhanced remote capabilities for day to day support, increased system availability and productivity by 75%
  • Successfully performed storage back up recovery strategy, backed up, copied, and replaced files / applications from Thousands of Legacy Win 2003 Server, Win XP POS debit terminal to New Win 2012 Server, Win 2008 Server (Hyper-V), and Win 2007 POS debit terminal/ Win 2010 PC’s; configured servers static ipv4 (IP, Subnet Mask, Default Gateway, DNS 1, DNS 2) settings within VMware/Win Server 2012 & 2008/Hyper-V SAN, Created and Modified PowerShell scripts to join Servers/ OS’s to company domain (troubleshooted within Active directory Users and Computers), and Manually installed/created (clients .exe .vbs . batch) scripts/files/ applications; ensured retail store systems/PCs was operational before next day open.
  • Designed containers C1/CD and application within Microsoft Azure resource group; provided isolated execution environment for cloud / 3rd party / On-premise applications; improved software deployment and application start time by 75%
  • Collaborated, managed, trained and supervising of over 500 Onsite Field Engineers remotely / Onsite created schedules and step by step documentation; ensured filed engineers verify physical server, BOP (Windows 2007 HP ProDesk 400 Back Office PC), Windows 2007 Point of Sales systems, Printer, Pin-Pad (VeriFone’s), and Scanner Patch Cables are plugged into correct Cisco Catalyst’s 8 or 24 switch ports and Power cards plugged in correctly for Server build, and Software Deployment project
  • Engineered the mapping of thousands of Windows 2012 servers, Windows 7, and Windows 10 HP/ Lexmark printers, installed/ removed drivers, configured TCP/IP settings, named hostnames, configured /named TCP/IP switch ports and configured firewall settings; ensured printers was operational before William- Confidential retail stores open next day
  • Created, Deleted, and Moved read writing attributes of objects, managing users and groups, service publication and logon accounts within AD; decreased user vulnerability, improved services requests, and provided access to thousands of end users
  • Created, Modified, and maintain custom PowerShell and SQL scripts, increased system efficiency and lower the human intervention time on any tasks
  • Desktop support including software and hardware installation and trouble shooting and Consisted of upgrading Windows 7 machines to Windows 10, adding users to company domain & enabling them in active directory, upgrading computers, printers, monitors and misc. equipment.
  • Oversee Tier 3 cases/escalations for Windows High-availability Team, which covers Hyper-V, Clustering, Storage, and Backup in both on-premises and Azure deployments. Helped to bring 12 3T engineers online in under six months; mentored new engineers on sites coming online in other countries (Costa Rica and India).
  • Resolved the most cases in area of responsibility with 100% customer satisfaction; served as technical resource for several technologies, including Windows Clustering, Hyper-V, Storage and Backup
  • Resolved hundreds of SNOWS 1st 2nd and 3rd level production base tickets; troubleshoot Window Server 2012 /Hyper-V inventory Servers, Windows 7 / 10 Point of Sale systems, Cisco Switch VLAN LAN DHCP TCPI/P port’s, reimaging operating systems and install applications, improved operation and system availability throughout infrastructure; automated tasks with engineered serverless process within Microsoft Azure ( Serverless Computing )
  • Participated in daily meetings interacting face to face with clients, DevOps Engineers and project managers to understand systems Software Development Lifecycle (SDLC) and consult with customers and third-party vendors to determine their needs in a courteous manner, ensuring the highest levels of systems and infrastructure availability by thoroughly documenting and creating diagrams for concepts of backups, migration strategy, and design and systems management strategies provided the best Solutions.
  • Created and modified SQL scripts; exported audit deliverables requested by IT Director/ Project Manager into Microsoft Excel spreadsheet created Pivot Tables, Macros and VLOOKUP’s, decreased risk and improved audit completed projects before aggressive deadlines
  • Utilized and knowledgeable of Azure Portal, Azure PowerShell / Azure Command-Lin Interface, Azure Cloud Shell and Azure Mobile App management tools to resolve, configure, and troubleshoot incidents / tickets within a project management system (ServicesNow)
  • Managed Windows 10 devices of all kinds, from desktop PCs to HoloLens and Surface Hubs, company-owned or employee-owned, as well as mobile devices using Microsoft Intune & SCCM; joined devices to Azure Active Directory (Azure AD), On-premises Active Directory (utilized Hybrid Azure AD Join)
  • Created and manage device security policies, remotely wipe a device, and view detailed device reports with Microsoft Intune (MDM); applied broader privacy, security, and application management settings through lighter and more efficient tools, while also allowing you to target internet-connected devices to manage policies; resolved incident / ticket requests, improved quarterly audit and decrease risk across company’s Infrastructure
  • Managed, configured, and deployed Apple / Android / Windows enrollment within Microsoft Azure Intune; installed prerequisites ( Apple MDM Plus Certificate), bulk enrollment, program tokens, and targeting enrollment methods for all personal devices with work profiles, corporate owned / fully managed user devices, and corporate owned dedicated devices; Created & assigned terms and conditions to all MDM devices; monitored & resolved enrollment failures by analyzing audit logs and incomplete user enrollments, ensured users have access to corporate resources with certificates, wireless networks, VPNs, and email profiles

We'd love your feedback!