Arghya Neogi

Azure Infrastructure Support Team Lead

- Led a team of 3 engineers providing operational support for Azure infrastructure, ensuring high availability, performance optimization, and compliance across all cloud-hosted systems.

- Served as the primary liaison between technical teams, management, and stakeholders, translating business requirements into actionable infrastructure and support solutions.

- Facilitated Agile ceremonies, including daily stand-ups, sprint planning, and retrospectives, driving consistent delivery and process improvement.

- Delegated tasks, tracked project progress, and conducted performance evaluations to align team output with strategic goals.

- Mentored junior engineers in Azure best practices, cloud architecture, troubleshooting, and automation, fostering continuous skill development.

- Participated in hiring processes through technical interviews, candidate assessments, and onboarding of new team members.

Azure Infrastructure Management & Operations

- Designed and deployed scalable, secure Azure infrastructure using Azure Portal and Infrastructure as Code (Bicep), covering VMs, VNets, NSGs, Load Balancers, and resource groups.

- Configured and supported Azure services including App Services, Azure SQL, Azure Storage, Key Vaults, and Azure Functions.

Monitored system health and performance using Azure Monitor, Log Analytics, and Application Insights, ensuring minimal downtime and fast incident resolution.

- Conducted cost optimization initiatives using Azure Cost Management tools to reduce infrastructure spend while maintaining service levels.

- Documented system architecture, standard operating procedures, and incident resolution runbooks to support operational continuity.

Azure Networking & Security

- Configured and managed hybrid connectivity solutions such as VPN Gateway, ExpressRoute, and VNet Peering across multiple regions and subscriptions.

- Implemented Azure Application Gateway and Azure Front Door for global load balancing, WAF protection, and SSL offloading.

- Deployed Azure Firewall, UDRs, and NVAs for advanced traffic filtering and segmentation.

- Managed Private Endpoints, Service Endpoints, and Azure DNS zones to ensure secure and private connectivity to Azure resources.

- Diagnosed and resolved network issues using Azure Network Watcher tools including Connection Monitor, NSG Flow Logs, and IP Flow Verify.

- Tuned network performance and latency across multi-tier, distributed environments.

Microsoft Entra ID (Azure AD) & Identity Management

- Administered Microsoft Entra ID for user lifecycle management, group policies, RBAC assignments, and identity integrations across hybrid environments.

- Integrated Single Sign-On (SSO) with enterprise applications using SAML, OIDC, and OAuth standards.

- Enforced Conditional Access Policies based on user risk, device compliance, and geolocation to strengthen access security.

- Enabled and supported Multi-Factor Authentication (MFA), SSPR, and password protection features to enhance identity security posture.

- Managed enterprise app registrations, service principals, and delegated permissions via OAuth and Microsoft Graph.

- Deployed Identity Governance capabilities including Access Reviews, Entitlement Management, and Privileged Identity Management (PIM).

- Monitored and analyzed identity-related activities using Entra Admin Center and Azure logs for threat detection and compliance.

Azure Virtual Desktop (AVD) Deployment & Operations

- Designed and managed end-to-end AVD solutions including host pool setup, session host provisioning, application groups, and workspace configurations.

- Optimized multi-session Windows 10/11 environments for performance and cost-efficiency.

- Implemented FSLogix for profile container management to deliver persistent and fast user sessions.

- Managed access via RemoteApp streaming and full desktop assignments using RBAC and group memberships.

- Configured autoscaling plans to reduce compute costs based on usage patterns.

- Led migration of on-premises RDS/VDI environments to AVD with minimal user disruption and post-migration support.

• Executed subscription creation and decommissioning processes for Azure resources.
• Managed user and group maintenance in Azure Active Directory.
• Registered third-party applications in Azure AD tenant, granting admin consent to users.
• Created, maintained, and decommissioned servers on Azure Platform.
• Optimized costs associated with Azure platform usage.
• Migrated virtual machines from VMware to Azure using Azure Migrate.
• Configured backup and disaster recovery strategies for servers with Azure Backup and Azure Site Recovery.
• Established governance policies within Azure Platform using Azure Policies.

• Worked with in-house teams and all line of services cohesively to achieve organizational goals.
• Assess requirements to ensure cost effective solutions in line with compliance requirements.
• Engage in close monitoring with service providers to ensure quality output.
• Responsible for working on the escalated issues from L1 and L2 team on Windows Server Administration.
• Responsible for execution of any new projects as per business plans.
• Work with different service providers to ensure maximum IT service as per agreed SLA.
• Responsible for patch management and vulnerability management of servers.

• Installation of new/rebuild existing servers and configure hardware peripherals with standards and project operational requirements.
• Performing daily system monitoring, verifying the integrity and availability of all hardware, server resources, systems and key processes, reviewing systems and application logs.
• Performing regular security monitoring to identify any possible intrusions.
• Creation and deletion of user accounts as per request.
• Patch Management of servers.
• Performance tuning, hardware upgrades, resource optimization.
• In-Place operating system upgrades of the systems as and when required.