Ankit Kumar
Summary
With a total experience of 5 yrs and a foundational grounding in Azure infrastructure operations, I've evolved my professional trajectory towards cybersecurity. Building on this cloud-focused background, I've immersed myself in the domains of endpoint defense, Information protection, Data loss prevention, threat intelligence, vulnerability assessment, Identity & Access Management (IAM) ,Privileged Access Management (PAM) and Security Assessment.
Overview
5
5
years of professional experience
Work History
Cloud Technical Lead
Insight
01.2023 - Current
- Act as an Advisor to CISO
- Lead team of 20+ to formulate plan and execute security governance
- Lead team to help customer in security assessment for Azure infrastructure and provide recommendation and remediation plan
- Help customer identify application level, Network level, OS level vulnerabilities(internal/external) and remediation plan to address based on criticality
- Ensure solutions meet industry-specific compliance standards (e.g.
- HIPAA, GDPR, PCI-DSS)
- Use Azure-native tools like Azure Security Center, Azure Policy, and Azure
- Blueprints to enforce security policies
- Develop and implement cloud security strategies and best practices across azure and aws
- Implement Microsoft Defender for Identity to help protect on-prem user identities and lateral movement
- Implementation, migration to Defender for Endpoint/Defender for
- Servers to protect endpoint workstation devices and server against threats
- Configure Tenable.SC, Tenable.IO to help customer scan and remediate vulnerabilities emerging in an on-going process
- Creation of process to help Discover, identify, classify, and protect sensitive data that is business critical, then manage and protect environment
- Help customer in implementing Microsoft Purview in Audit, Data Map and Data Catalog, Communication Compliance, Information Protection
- Data Life cycle Management, Insider Risk Management, Data Loss
- Prevention
- Implement data encryption at rest and in transit
- Design and implement backup, disaster recovery, and business continuity solutions using services like Azure Backup and Azure Site Recovery
- Conduct threat hunting, incident response, and remediation activities using Defender suite
- Details
Cloud Technical Lead
Hanu Software Solutions
07.2022 - 01.2023
- Design, plan, and implement Azure infrastructure solutions
- Design, plan and implement PIM (Azure), PAM (Beyond Trust, CyberArk) by right-sizing access control
- Develop standards and approaches to enable seamless and secure integration of PAM solutions
- Determine the most appropriate Azure services and configurations based on requirements
- Factor in scalability, performance, resilience, and cost in designs
- Design and manage Azure Active Directory (AD) including user identities, roles, and permissions
- Implement role-based access control (RBAC) and other access policies to ensure the principle of least privilege
- Assess current AD, conditional access polices and provide recommendation to secure access
- Design and implement Azure networking components such as VNETs
- Subnets, VPN Gateways, Azure Firewall, Network Security Groups, and
- Application Gateway
- Ensure secure and efficient connectivity between on-premises and Azure environments
- Work closely with developers, IT teams, and stakeholders to understand their needs and translate them into technical requirements
- Create and maintain detailed architectural diagrams and documentation
- Set up Azure Sentinel for a cloud-native SIEM solution, collecting security data across hybrid environments
- Monitor resource utilization and costs with Azure Cost Management
- Migration planning from OnPrem to azure
- Lift and shift, modernize
- Containerize
- Perfrom Wave planning and help in approval process by identifying any risks associated
- Experience in Active directory migration from 2008r2
Senior Cloud Engineer
Hanu Software Solutions
01.2021 - 06.2022
- Experience in configuring and managing Azure security services, such as
- Azure Security Center, Azure Firewall, and Azure Sentinel
- Skilled in setting up and managing endpoint security solutions, including
- Microsoft Defender for Endpoint and third-party tools
- Experienced in vulnerability management, including vulnerability scanning, assessment, and remediation
- Strong understanding of security compliance frameworks and standards, such as SOC 2, ISO 27001, and GDPR
- Knowledge of identity and access management (IAM) and authentication protocols, including Azure Active Directory and Multi-Factor
- Authentication (MFA)
- Deploy, manage, and scale virtual machines (VMs), networks, storage accounts, and other Azure resources
- Design, implement, and manage virtual networks, subnets, VPNs, network interfaces, and routing
- Design and manage data storage solutions like Azure Blob Storage, Disk
- Storage, File Shares, and more
- Implement security best practices for infrastructure components
- Develop automation scripts using Azure CLI, PowerShell, or other scripting languages to streamline infrastructure tasks
- Implement and test disaster recovery solutions using Azure Site Recovery and other tools
- Evaluate on-premises or other cloud infrastructure to determine migration readiness
- Choose appropriate Azure migration tools such as Azure Migrate, Azure
- Site Recovery, or third-party solutions
- Configure the Azure environment to receive the migrating workloads, including setting up virtual networks, storage, and relevant configurations.
Cloud Engineer
Hanu Software Solutions
11.2018 - 12.2021
- Design and develop cloud infrastructure solutions in Microsoft Azure based on client needs, industry best practices, and Microsoft guidelines
- Deploy and configure cloud infrastructure solutions in Microsoft Azure, including virtual machines, storage accounts, networking, and security resources
- Monitor, maintain, and optimize Azure infrastructure solutions to ensure optimal performance, availability, and security
- Automate deployment and management tasks using Azure automation tools such as PowerShell, ARM templates, and Azure DevOps
- Monitor and optimize Azure infrastructure costs by identifying opportunities to reduce waste and optimize resource utilization
- Provide on call technical support and troubleshooting assistance to clients, resolving issues related to Azure infrastructure resources and services.
Education
B. Tech - Computer Science
BIT
Skills
- IT Project Management
- Azure Infrastructure
- Azure VPN
- Azure Networking
- Azure firewall
- Azure storage
- Microsoft defender for Endpoint
- Defender for cloud
- Defender for identity
- Information Security
- Data Migration
- Penetration Testing
- Virtual machines
- Penetration testing
- Vulnerability management
- AD management
- IAM
- RBAC
- Azure policies
- Azure governance
- Azure security
- Security Consulting
- Vulnerability assessment
- Information Protection
- Data Labelling
- Threat Mitigation
- Security Assessment
Accomplishments
- AZ-300: - Azure Solutions Architect Expert
- AZ-301: - Azure Solutions Architect Expert
- AZ-500: - Microsoft Azure Security Technologies
- SC-100: - Microsoft Cybersecurity Architect
- SC-200: - Microsoft Security Operations Analyst
- SC-300: -Microsoft Identity and Access Administrator
- SC-400: - Administering Information Protection and Compliance in
- Microsoft 365
- Nessus Fundamentals
- Tenable Vulnerability Management Specialist
- Tenable Security Center Specialist
Timeline
Cloud Technical Lead
Insight
01.2023 - Current
Cloud Technical Lead
Hanu Software Solutions
07.2022 - 01.2023
Senior Cloud Engineer
Hanu Software Solutions
01.2021 - 06.2022
Cloud Engineer
Hanu Software Solutions
11.2018 - 12.2021
B. Tech - Computer Science
BIT