Sharath Kumar Kannan

Okta, PAM, PI - Current Technologies:

• Created and put into use Okta solutions, such as lifecycle management, multi-factor authentication, and single sign-on (SSO).
• Developed and modified Okta scripts, policies, and workflows to satisfy certain organizational requirements.
• Continuously maintained and supported Okta infrastructure, guaranteeing high availability and execution.
• Centralized and automated user authentication and access control using the Okta IAM platform.
• Worked together with cross-functional teams to guarantee Okta's seamless integration with the current IT infrastructure.
• Continuously supporting my attempts to carry out both easy and difficult BAU tasks pertaining to Identity and Access Management.
• To improve the security of multi-factor authentication (MFA), YubiKey hardware tokens were implemented procedures for user authentication.
• YubiKey was integrated with Okta, an IAM platform, to give users an extra degree of security.
• Created and kept up-to-date documentation for IAM policies, procedures, and processes.
  
  

• Azure security centre- To work closely on Azure security alerts and to remediate those alerts to keep the Severs & Databases from all suspicious activities.
• Azure Firewall- Creating rule in Application level and Network level to filter the traffic from internet (Inbound & Outbound)
• Security Review- whenever the new servers are deployed the security check is done depending upon the requirement which is set to the servers.
• AZTS Dashboard- Regular scans in Azts dashboard and remediating the Azts controls and making the resources complaint. Monitoring Tools and Periodic scans:

OMS, Antimalware, Geneva, Disk Encryption & Open Port Validation scans- Which is done on Production environment via PowerShellscripts to validate OMS,

Antimalware and Geneva agents are installed, also to check the Disk is encrypted and to validate open Ports.

Service 360, Kevlar & Vanquish Monitoring: In S360 we do periodic observation and follow the State of Missed and In-SLA action items which are KPI’s of Azure and

creates a ticket and escalates to next level team to fix with ETA.

Kevlar and Vanquish: These two dashboards are checked regularly in order to verify the agent files are installed in the Production environment and escalating to next level team to work on Missed Azure resources

PAVC Dashboard Monitoring: (Patch, Antivirus, Vulnerability and Configuration) Daily monitoring is made on this dashboard (Power BI) to check on overall

vulnerabilities and provide the solution to the next level team to fix the issue.

Storage Account blob public access validation is done on weekly basis in order to check weather IP is restricted to Private, or it is open to all network and validating

from user end and restricting to Private with Prior information few will be in exceptions.

Ticketing Tools: Azure Devops, Azure Support Ticket, ICM

• Worked as Cloud Internal Support for existing AWS and Azure Servers.
• Worked on day to day service request on Azure and AWS servers.
• Deploying new servers for the existing and new project.
• Worked on Access Management (Virtual Network, Virtual Network Peering, VPN, Azure AD etc.,)
• Created cost estimation for Azure and AWS services for provisioning.
• Worked on Cloud advisory for cost optimization on regular interval.
• Worked on RCA (Root cause Analysis) and documented the daily support and troubleshooted activities.
• Creating CMR and eCMR(Change Management Request) for change request in CAB(Change Advisory Board) to explain getting approval before implementing the change.

Task Performed for Clients related ( Clients: CPS & Parata Systems):

• Deploy, Configure and Maintain compute on Azure Cloud.
• Worked and provided solutions on Azure Services for migration.
• Worked internally with team for providing solutions for client requirement.
• Deployed POC as an initial phase for client requirements on azure services.
• Develop and implement new process and document it in Azure.
• Worked on cloud infrastructure for software patching using Manage Engine Desktop central.
• Deployed Desktop central Manage Engine tool for POC in server on Azure VM.
• Deployed Jump box server on Jump box VNET which is peered to Production VNET.
• Configured Jump Box NSG rule for RDP access.
• Creating and configuring Azure Backup. Creating and configuring Azure Storage.

Roles & Responsibilities:

• Designed Architecture for Migration to Domains mapping to Comodo DNS globally.
• Provided a demo on designed architecture to customer.
• Provided a migration / workflow process.
• Used Comodo DNS to monitor Traffic through Cloud based Environment and real-time
• CDN Firewall protection.
• Collected event logs from domains in real-time to identify and block attacks based on rules managed by Comodo Cyber Security Operations Center (CSOC). It will also identify and block vulnerabilities found in the Open Web Application Security Project (OWASP) top ten lists.
• cWatch ships with built-in rules for the web application firewall (WAF) which provide the highest levels of protection for client’s website.
• We work on Manual Malware quarantine process as per final results in Firewall tasks include preventing SQL injections, preventing bot traffic.
• We customize several types of WAF policy, each with a set of constituent rules. We can enable or disable rules as required.

Tasks Performed:

• Work on an on-call based as Tier 2 offshore team and transition solutions for US Clients - Installing, Configuring, deploying and troubleshooting Linux Servers.
• Configuring Project public share folders using Sticky bit Creating New shares in NFS and SAMBA for Development Team.
• Creating NFS mounts for Linux network.
• Creating New Database, Restore backup of .sql, & backup of SQL.
• Allowing privileges on Mysql for remote connection.
• Level 1 troubleshooting Linux Server issues, Troubleshoot Network issues.
• Worked on Migration Plans for the clients, did effort hours calculations for migration.
• Worked on Solution documents for Migration did overall planning for migration and providing the high level architecture in AWS and AZURE.
• Provided many solutions to clients related to Technical Advisory.
• Coordinated with Migration team to perform Migration task and providing technical related queries.
• Setting up AMI for the different projects with required configuration.
• Deployed a staging environment in AWS cloud’s US East Ohio region consisting of over 100 EC2 instances, ASGs, S3 buckets etc. to help developers perform real time load and stress testing of their code.