Abhishek Kulshrestha
Cloud Security Manager
Faridabad
Summary
Results-driven consulting professional with strong focus on strategic problem-solving and optimizing business operations. Known for effective team collaboration and adaptability in dynamic environments, ensuring reliable and impactful outcomes. Possesses deep expertise in project management, client relationship building, data analysis, and process improvement, coupled with proactive approach to meeting organizational goals.
Overview
9
9
years of professional experience
9
9
Certifications
Work History
Consulting Manager
Ernst & Young
02.2021 - Current
- Leading the global Cloud Security Posture Management (CSPM) solution at EY GDS, within the Cybersecurity Consulting practice, driving strategic initiatives to enhance cloud security frameworks, ensure compliance, and mitigate risks across multiple industries
- Engaged with multiple clients to move towards cloud-based solutions in Azure and AWS
- Working on the RFPs and deals specifically for the Europe and American region
- Helping the pre-sales team in technical components of the sales process
- Working with Application team in architecting applications to be cloud native
- Assisting Application developers in following secure application development in Cloud
- Work with a wide variety of stakeholders to understand business problem and customer requirements
- Supplied leadership and oversight for twenty cloud consulting resources, requiring mentoring and career development
- Creation point of view and Business case for the new services & Solutions to be introduced to the organization
- Conducted feasibility, cost studies, recommendations and designed cost-effective Cloud solutions
- Performed more than 22+ Security assessments across 3 organization in regulated industries of health care, banking, and Insurance
- Assessment included comprehensive methods of configuration reviews against the industries best practises as well as various aspect of IT within the organization, considering CIS, Azure security benchmark, NIST and CSA
- Directly responsible for examining results for providing specific recommendation for reducing risk to it assets within the environment, and for presenting the recommendation to executive management
- Consulted European Union insurance company to align with the industry best security practices to build their Azure Cloud Architecture
- Building identity governance model for Brazilian customer to improve their secure identity score
- Additionally, helping them to integrate their applications with Azure AD and implementing the SSO for some of the complex on-premises application
- Preparation of Application Migration / Modernization plan for the organizations to on-board them to Cloud
- Building solutions for the Cloud security within the organization for helping client with their Cloud transformation journey
- Leading Cloud security automation division within the organization
Senior Consultant
Mercedes Benz Research and Development Centre
09.2019 - Current
- Acting as a technical point of contact to guide customer to on-board to Data Science Platforms
- Working with Architects to build different solution in our environment e.g Backups, PIM
- Review the Architecture designs on the basis of Azure security benchmark, CIS, CSA and NIST
- Guiding the developers to make use of Cognitive services in their existing applications
- Helping the team with the escalated cases if it falls under my domain of expertise
- Understanding the HLD for any new architecture and providing KT to the offshore team
- Attending weekly calls with automation team to provide them the detailed information for the development tasks raised
- Acting as bridge between Azure AD and Azure Infrastructure team
- Managing security recommendation from the azure security centre
- And taking action based on the alert
- Encryption of VM disk which are having trouble during deployment
- Analyzing and reconfiguration of NSG rule to meet the Daimler standards
- Troubleshooting Azure AD app proxy issues as we are vividly using it for accessing the Webapps
- Recovering the VM’s if they fails to boot or if there is any RDP related issue
- Deployment of resources in Azure environments by Devops pipelines
- Assisting end customer with the CI/CD deployments and issue related to it
- Leading the project of IAM stream where I am responsible for below activities
- Identifying the usage of historic service principals in the environment
- Coordinating with the Daimler Azure AD team for the building automatic process creation and update of SPs
- Building a plan on the renewal of service principals
- Performing the POC for the artefacts which will get affected by the renewal of service principals
- Removal of double assignment of SPs
- Creation of custom RBAC roles according to the requirements
- Building a plan to clean up the data lakes and a strategy to make it more secure
- Resource planning for the team and assigning them the activities
- Creation of task and updating the dev ops board
- Communicating to the end customer if they have any queries
- Currently working with MS consultants in on boarding the AKS service on the platform considering all the security and network recommendation
- Currently implementing Privilege Identity Management in the complete environment
Technical Support Engineer
Microsoft (via Harman Connected Services)
05.2018 - 08.2019
- Acting as a technical contact, delivering advanced technical troubleshooting support and problem resolution including issues escalated to the highest levels of management
- Worked on below Components in Windows Servers
- Windows Azure Active directory, Microsoft Office365, Active Directory Federation Services (ADFS), Directory Sync tool (AD connect, Ad sync, Dirsync)
- Responsible for handling all escalations regarding (ADFS, Sync services and Account management)
- Azure active directory application integration and management
- Worked on Oauth, open ID protocol based and Saml based applications
- Working on the most updated Azure Active Directory features: Azure AD Conditional Access, Azure AD Connect Health, Azure AD Reporting, Azure AD Identity Protection, Azure AD Cloud App Discovery, Azure AD Privileged Identity Management, Azure AD Domain Services, Azure AD Seamless Single Sign-On (SSO), Azure AD Multi Factor Authentication, Azure AD Pass-through Authentication, Azure AD Application Proxy, Hybrid Azure AD Device Registration, SAAS Apps, Identity protection
- Designing and implementation of ADFS (Active Directory Federation Service)
- Installed and configured ADFS service and ADFS Proxy service on servers
- Worked with network team to put ADFS / ADFS Proxy servers under load balancer
- Installation and configuration of Office 365 relying party trust
- Working on Azure AD connect sync server to provision sync between on-premises to on-cloud and write back
- Configuring as well as troubleshooting Azure MFA server
- Assisting consultants the customer with password protection feature
- Worked with teams in setting up Hybrid Azure AD joins in the environment
- Helping the customers to build Cloud identity security solutions based on Microsoft recommendations
- Troubleshooting and explaining the identity protection features to customers
- Understanding of any new feature cycle from Preview to General Availability
Associate System Engineer
CGI Pvt. Ltd.
02.2016 - 04.2018
- VM creation using Azure Resource Manager (ARM)
- Creating Resource Groups
- Creating Virtual Network and Network Security Groups for Resource Groups
- Implementing the Security to the Virtual machines via NSG
- Creating Web Apps as per user requirements for Production
- Creating User Defined Groups (UDR)
- Database Creation and Maintenance
- Migration of on-premise databases to Azure Databases via DMA tool
- Creating and Publishing Azure websites
- Creating Images and Data disks from virtual hard disks and maintaining data disks
- Configuring SSL certificates for Azure web sites
- Implementing and Managing blob storage
- Configuring Internal Load Balancing
- Implementing point-to-site VPN and site-to-site VPN
- Implementing Virtual Network-to-Virtual Network connectivity via peering
- Replicating Azure VMs from one region to another via ASR
- Implementing Content Delivery Network and Configuring Custom Domains
- Configuring Network traffic rules
- Implemented Azure AD Connect for our clients with PHS configuration
- Performing Disk Encryption using key vaults
- Implementing transparent data encryption for Azure SQL server
- Implementing Cloud Security features based on Microsoft recommendation
- Implementation of Conditional access policies based on customers environments
- Understanding the HLD (High Level Design) of the new clients
Education
B.Tech - Computer Science
MDU University
09-2015
MBA - Consultancy Management
BITS Pilani
02-2025
Skills
Cloud-Based Solution Design
undefinedCertification
AZ-500 Microsoft Azure Security Technologies
Accomplishments
- Multiple Spot Awards from EY for exceptional performance.
- Pursuing innovation Award.
Personal Information
- Father's Name: Mr. Prashant Kulshrestha
- Date of Birth: 11/30/92
- Nationality: Indian
Timeline
Consulting Manager
Ernst & Young
02.2021 - Current
Senior Consultant
Mercedes Benz Research and Development Centre
09.2019 - Current
Technical Support Engineer
Microsoft (via Harman Connected Services)
05.2018 - 08.2019
Associate System Engineer
CGI Pvt. Ltd.
02.2016 - 04.2018
B.Tech - Computer Science
MDU University
MBA - Consultancy Management
BITS Pilani
Similar Profiles
Sivashankari ShaseederanSivashankari Shaseederan
Finance Manager at Ernst & Young Solutions LLPFinance Manager at Ernst & Young Solutions LLP
Abhijit ThakurAbhijit Thakur
SAP ABAP Developer- Associate Consultant 2 at Ernst & Young LimitedSAP ABAP Developer- Associate Consultant 2 at Ernst & Young Limited
Smiriti MittalSmiriti Mittal
Senior Consultant at Ernst & Young LLPSenior Consultant at Ernst & Young LLP