PROFILE SUMMARY:

Over Twenty years of IT industry experience - 8 plus years of experience in Azure and GCP Cloud Security and 12 plus years of Datacenter Infrastructure design and Implementation

PROFESSIONAL EXPERIENCE

Confidential, Nashville TN

Cloud Security Engineer

Responsibilities:

• Involved in Cloud Security Infrastructure and design for client’s in-house Azure Applications
• Experience wif Understanding of Compliance needs across Industry verticals - PCI, SOC2, ISO
• Performed cloud security risk assessment for cloud applications already in Azure
• Involved in defining cloud security controls for an Azure environment at an Enterprise level
• Configured Azure Key vault and key management policies
• Performed security assessment on Azure Hub-Spoke environment
• Enable/Disable Security Policies in Azure Security Center for all Subscriptions
• Validated teh Azure subscriptions for Security controls before going into production.
• Involved in determining Encryption Policies for Azure Resources.
• Worked in User Account Management (SSO/SAML) and multifactor autantication.
• Experienced in Azure features which include Azure Security Center, Virtual Machines, Virtual Networks, Network Security Groups (NSG), Application Gateways, Load Balancers, Storage Accounts, Access Control (IAM), Azure Active Directory, RBAC, Recovery Service Vault
• Identify recommendations in Azure Security Center and GCP Security Command Center and Implement as required
• Experienced in Azure Sentinel, IBM QRadar SIEM tools.
• Automation Cloud Security Tasks and monitoring tasks wif PowerShell, Python and Shall scripting
• Planning and implementing Disaster Recovery solutions, capacity planning, data archiving, backup/recovery strategies, Performance Analysis and optimization.
• Setup Alerting and monitoring using Stack driver in GCP
• Experienced in GCP features which include Google Compute engine, Google Storage, VPC, Cloud Load balancing, IAM
• Build, maintain and manage central security policies for Azure cloud infrastructure.
• Azure Security Center monitoring to address threats and resolve security vulnerabilities.
• Analyze security data and report on threats and incidents across various platforms and environments
• Configured User defined routes to route traffic between teh Azure Networks
• Identify risks and vulnerability reported in Azure security center and GCP Security Command Center and remediate them.
• Implemented all aspects of Google Cloud (GCP) Security including IAM Roles, User and Group Management, 2SV/MFA, Securing VPC's, Firewall Rules, Encryption, Vulnerability scanning.
• Implemented and monitored Google Cloud (GCP) Secret Management using KMS
• Implemented Google Cloud IAM roles on Organization, Project, and resource level
• Implemented and monitored GCP Cloud monitoring and Logging (Stackdriver)
• Configured Pub/Sub to send logs from Google Cloud (GCP) to IMB QRADAR and Splunk using Terraform

Confidential, Fort-worth TX

Cloud Security Engineer

Responsibilities:

• Involved in Cloud Security Infrastructure and design for client’s in-house Azure Applications
• Experience wif Understanding of Compliance needs across Industry verticals - PCI, SOC2, ISO
• Performed cloud security risk assessment for cloud applications already in Azure
• Involved in defining cloud security controls for an Azure environment at an Enterprise level
• Implemented Cloud security controls in SecOps including Encryption, Tagging, Container security, NSG management, Service Endpoints, DDoS
• Configured Azure Key vault and key management policies
• Performed security assessment on Azure AD structure
• Performed security assessment on Azure Hub-Spoke environment
• Performed automation tasks using Azure ARM Templates, Terraform, Shall/PowerShell scripts to implement security solutions
• Enable/Disable Security Policies in Azure Security Center for all Subscriptions
• Validated teh Azure subscriptions for Security controls before going into production.
• Involved in determining Encryption Policies for Azure Resources.
• Worked in User Account Management (SSO/SAML) and multifactor autantication.
• Involved in security assessment while moving on-prem applications to cloud.
• Experienced in Azure features which include Azure Security Center, Virtual Machines, Virtual Networks, Network Security Groups (NSG), Application Gateways, Load Balancers, Storage Accounts, Access Control (IAM), Azure Active Directory, RBAC, Recovery Service Vault
• Identify recommendations in Azure Security Center and GCP Security Command Center and Implement as required
• Experienced in Azure Sentinel, IBM QRadar SIEM tools.
• Automation Cloud Security Tasks and monitoring tasks wif PowerShell, Python and Shall scripting
• Planning and implementing Disaster Recovery solutions, capacity planning, data archiving, backup/recovery strategies, Performance Analysis and optimization.
• Setup Alerting and monitoring using Stack driver in GCP
• Experienced in GCP features which include Google Compute engine, Google Storage, VPC, Cloud Load balancing, IAM
• Created Bastion Servers to access VMs in VPC and VNets
• Build, maintain and manage central security policies for Azure cloud infrastructure.
• Azure Security Center monitoring to address threats and resolve security vulnerabilities.
• Analyze security data and report on threats and incidents across various platforms and environments
• Configured Network Security Groups for Subnet and NIC level for Azure Virtual Machines
• Configured Azure VPN gateway and established Site-to-Site connectivity.
• Configured User defined routes to route traffic between teh Azure Networks
• Configured Recovery Service Vault for Backups.
• Configured DR for Azure VM’s using Azure Site Recovery (ASR)
• Identify risks and vulnerability reported in Azure security center and GCP Security Command Center and remediate them.
• Implemented all aspects of Google Cloud (GCP) Security including IAM Roles, User and Group Management, 2SV/MFA, Securing VPC's, Firewall Rules, Encryption, Vulnerability scanning.
• Implemented and monitored Google Cloud (GCP) Secret Management using KMS
• Implemented Google Cloud IAM roles on Organization, Project and resource level
• Implemented and monitored GCP Cloud monitoring and Logging (Stackdriver)
• Configured Pub/Sub to send logs from Google Cloud (GCP) to IMB QRADAR and Splunk using Terraform

Environment: Azure Cloud, Google Cloud Platform, Azure Security Center, GCP Security Command Center, Azure Firewall, CISCO ASAv, Azure ARM Templates, Terraform, Shall/PowerShell scripts, Harness, Chef, Palo Alto Prisma

Confidential

Cloud Engineer

Responsibilities:

• Responsible for Security Assessment and Security architecture definition for teh Cloud environment
• Responsible for teh day-to-day administration of key security tools such as Vulnerability Management Systems, Endpoint Protection systems, Cloud Access Security Broker (CASB) solutions, Security Incident & Event Management (SIEM) systems, intrusion detection and prevention systems (IDPS)
• Performed in-depth investigation of indicators of compromise (IOC) identified during security monitoring activities and built Playbook to automate investigation and response.
• Experienced in ARM Template, JSON, PowerShell, Shell scripting
• Build, maintain and manage central security policies for Azure cloud infrastructure.
• Azure Security Center monitoring to address threats and resolve security vulnerabilities.
• Remediate Container image scan results and alerts.
• Analyze security data and report on threats and incidents across various platforms and environments.
• Enable Identity & Access Management using AD, Azure AD and Privilege Identity Management.

Confidential

Sr. Storage Engineer

Responsibilities:

• Experienced in FC/FCoE/iSCSI/CIFS/NFS connection technologies
• Experienced in Storage/Backup Design, Implementation, Migration and Administration of EMC Symmetrix/DMX, VMAX/VMAX-3 VMAX/AFA, XTREMIO, VPLEX, Clariion FC/CX/VNX/VNX-2/Unity Flash/Isilon/Data Domain Storage Arrays and NetApp Arrays.
• Experienced in NAS implementations and Administration of Celerra/VNX/Unity for File, Isilon OneFS 6.5.5/7.2.0/8.0.0 and NetApp FAS/V-Series/AFF Clusters.
• Experienced in Datacenter consolidation and Migrations
• Experienced in Remote and Local Replications for DR Solutions
• Experienced in storage performance tuning and capacity planning and troubleshooting