Amal V Nath

Act as primary contact for Identity and Access Management, implement or amend policies that align with Zero Trust concept.

Offered L3 support for Active Directory, Azure AD, and federation, resolving severe incidents within SLA and performing root cause analysis (RCA).

Established two-way trust between different business units and newly acquired BUs.

Administered Azure AD Connect sync, troubleshooting replication problems.

Organization-wide Conditional Access policy implementation (MFA, Geo Location blocking, etc.).

Developed and implemented Group Policies (GPOs), security baselines, and access controls according to various security standards.

DNS and DHCP server administration.

Identity Governance: Privileged users entitlement management and Privileged Identity Management (PIM) and Role-Based Access Control (RBAC).

Deployed Single Sign-On (SSO), Multi-Factor Authentication (MFA), and B2B/B2C integrations through SAML, OAuth, and OpenID.

Created technical documentation, such as Operational Manuals (KB Articles and SOPs), Design Documents, and RCA reports for reported P1 and P2 issues and for Problem tickets.

Exchange Online Administration (Email Trace, Mail Flow Rules, SMTP Integration for emails from Applications, Send Connector and Receive Connector configuration in both on-prem and Office 365, SSL Certificate renewal for on-prem Exchange server, Microsoft Purview: Organization-wide Data Retention policy configuration for email, OneDrive, etc., Mailbox Retention policy and utilize tools like eDiscovery and content search tools for fulfilling DSAR requests raised by the customer).

SharePoint Online Administration (File share migration from on-prem to SharePoint Online using SPMT tool, RBAC provisioning for folders inside SharePoint, SharePoint site-level security settings like external domain whitelisting, Application integration for reading SharePoint data or files by the 3rd party application, etc.).

PowerShell and Microsoft Graph-based scripting optimizing data gathering for presenting to the customer.

Active Directory Users, Groups, and Exchange Server Administration for L1 and L2 issues.

Entra ID Guest user ID creation and access provisioning.

Access-related problem troubleshooting by verifying sign-in logs.

SharePoint user access provisioning via RBAC.

Regular monitoring of Domain Controller health checkup like Replication status and AD Connect sync status and disk utilization proactively.

Configured email security features such as anti-spam and transport rules.

Automated user ID deletion or RBAC provisioning using Excel VBA and Automation Anywhere.

Fixed business-critical mail flow problems such as queues, NDRs, and connector failure.

Tier 3 support for Outlook clients and MFA-enabled access.

Created performance reports for leadership, including server health, storage trends, and future scalability requirements.

Controlled 50+ Windows Servers (Active Directory, DNS, DHCP) with 99.9% uptime for 1000+ users.

M365 Migration - Migrated 500+ mailboxes to Exchange Online with no downtime.

Installed Veritas NetBackup, managed backup job creation, day-to-day monitoring, and ensured data backup and redundant.

Configured FortiGate Firewall policies for LAN users, Guest WiFi users, and on-demand whitelisting of websites based on user requirements.

Managed Hyper-V server, VM creation, and decommissioning.

Led new store installations - sourced hardware, set up network equipment, and coordinated with vendors.

Implemented automated patch management (WSUS) and AD GPO.

Remote IT user support, troubleshoot, and solve AD user login issues, Outlook, and other business application support.

Kaspersky Antivirus server administration: Update antivirus application on end-user machines via policy.

Removable storage encryption configuration via policy.

Business application whitelisting via server-level policy.

DLP policy configuration for preventing enterprise data leakage.

Active Directory: User ID, group, distribution list, shared mailbox, contact creation, or deletion.

Group policy creation and troubleshooting GPO-related issues.