Saif Sayed

• Owning and prioritizing project tasks leveraging Azure DevOps Boards.
• Improving Security Posture from an Identity Standpoint by leveraging the following :-

1. Microsoft Defender for Identity

2. PIM

3. Access Review

4. Conditional Access

5. AD Connect Hardening

6. Identity Protection (User Risk and Sign-in Policies)

7. Mitigation of vulnerabilities with reports from :

Purple Knight

PingCastle

BloodHound

Credential Theft Prevention

8. AD Security Tiering

9. LAPS

10. Baselining GPO as per NIST Framework

• Managing implementation of new features by outlining plans and specifications such as how, where and when each component would work.
• Collaboration with different teams for improvement in existing services and tasks.(JML Process, Hybrid Identity , IAM , Service Desk etc.)
• Identifying constraints and technical challenges.
• Contacted proper stakeholders to share changes to project scope and timelines.
• Brainstormed with peers and other members of design team to determine enhancements
• Managing multiple projects effectively in demanding environment with tight deadlines.
• Documentation wrt. SOP's, HLD's etc
• Suggesting enhancements in the current environment that would improve user experience.
• Identifying issues, analyzing information and providing solutions to problems.
• Conducting research, gathering information from multiple sources and presenting results with POCs.

Working as Digital Workplace Lead Consultant and Technical Architect contributing as a key contributor in design decisions in solutions like Active Directory, Azure Active Directory, Identity and Access Management Solutions and Azure Infrastructure as a Service.

• Leading Technical Designs for a highly regulated financial services customer and Assessing migration feasibility, identifying dependencies, and overcoming obstacles. • Troubleshooting issues while implementing solutions in the domain of :- o Active Directory Domain Services (AD / AD DS) o Active Directory Federation Services (ADFS) o Active Directory Certificate Services (ADCS / PKI) o Azure AD Connect (AAD Connect) o Azure Active Directory (Azure AD or AAD) o Single Sign-On o Application Migration o Azure IaaS

• Responsible of producing end-to-end solution roadmap, architecture, and designs, putting together technologies from multiple IT systems and departments across either the Application or Infrastructure domains.

• Responsible for Delivery of the right technology choices for clients’ businesses. This includes focusing on, enablement, demonstration, technical sales, internal evangelism, and technology strategy.

• Responsible for identifying business needs and leading the creation of detailed functional specs, Architecture/HLD diagrams, HLD/LLD

• Provisioning of technical mentorship on behalf of sub-competency to make sure implementations are in line with standard methodology and policy and meet the design requirements.

• Key Contributor in Assurance of technical quality and participation in Architecture Governance and Technical Design peer review processes, working closely with customer and internal partners as appropriate.

• Served customers across the globe by delivering Greenfield & Brownfield Deployments, Assessments and Design Review
• Discussions helping them make better decisions to achieve success on below technologies: -
• Active Directory (On-Premises Operations Management, Troubleshooting and Security)
• Azure Active Directory (Onboarding customers via Hybrid Identity using AAD Connect)
• AAD B2B and B2C
• Microsoft 365/AAD (Self Service Password Reset (SSPR), Azure AD Identity Protection, Privileged Identity
• Management (PIM), Company Branding, Application
• Provisioning, Azure RBAC, Azure Application Proxy, Audit Reports and Monitoring)
• Active Directory Federation Services (AD FS)
• Active Directory Certificate Services (AD CS / PKI)
• Azure IaaS & SaaS offerings
• Azure Update Manager
• Azure Key Vault
• MFA & Conditional Access
• Azure App Proxy & WAP

• Served Premier Customers across the globe by working on Break/Fix, Advisory and Disaster Recovery tickets as a part of the following Cloud Identity Team technologies: -
• Active Directory (On-Premises Operations Management, Troubleshooting and Security)
• Azure Active Directory (Onboarding customers via Hybrid Identity using AAD Connect)
• AAD B2B and B2C
• Microsoft 365 (Self Service Password Reset (SSPR), Azure / Microsoft Information Protection (AIP), Azure AD
• Identity Protection, Privileged Identity Management (PIM), Company Branding, Application
• Provisioning, Azure RBAC, Azure Application Proxy, Audit Reports and Monitoring)
• Active Directory Federation Services (AD FS)
• Active Directory Certificate Services (AD CS / PKI)
• Azure App Proxy
• Multi Factor Authentication (MFA)
• Key Vault
• O365 Admin Portal
• Custom Domains
• Web Application Proxy
• Conditional Access

• Managed Cloud Based Certificate Services including issuance of certificates from the portal, validated pending certificate requests and generated report for list of expiring certificates
• Published monthly dashboard for list of certificates nearing expiry and raised incidents related to the same with a resolution
• Conducted Classroom Training for Team Members and Service Desk Team on certificate renewal steps
• Prepared Active Directory for PKI deployment, designed CA hierarchy & certificate templates, verified MS PKI, secured CA hierarchy and implemented role-based separation
• Managed PKI migrations for clients based in Nordic regions
• Responsible for Knowledge Transfers for New Clients acquired by Capgemini

• Providing voice-based technical support to global customers as a part of the Escalation Team
• Troubleshooting environment and business down issues on Windows server 2003, 2003R2 2008, 2008R2, 2012 and 2012 R2
• Hands on experience of Group Policy Management and Troubleshooting
• Troubleshooting issues related to DFSR, DFSN and FRS
• Implementation & Troubleshooting issues related to Child/Tree Domain and Additional Domain Controllers
• Managing Trust Relationships between domains, Slow Logon Issues, FSMO Roles, AD Replication, ADMT, Disaster Recovery, Terminal Server Licensing, RODC
• Troubleshooting Account Lockouts, Authentication Issues (Kerberos/NTLM/PKI) ,LSASS, User Profiles, CSC
• Active Directory Federation Services Configuration and Troubleshooting
• Active Directory Certificate Services
• SSL/TLS Issues
• Certificate Enrollment using Web Services and Web Enrollment using IIS
• Key Recovery Agent and Data Recovery Agent
• Encrypted File Services (EFS)
• Network Device Enrollment Services and Smart Card Authentication
• Online Certificate Status Protocol (OCSP)
• Leveraging various Windows Integrated tools like PSTools, Netmon 3.4, Procmon, Perfmon, Certutil, PortQryUI etc

• Improved operations through consistent hard work and dedication.
• Managed team of employees, overseeing hiring, training and professional growth of employees.
• Exceeded goals through effective task prioritization and great work ethic.
• Developed and implemented performance improvement strategies and plans to promote continuous improvement.

• Maintenance and Upgrade of Computer Systems and Peripherals
• Document Creation , Invoice Generation and Voucher Creation
• Generated reports covering details about business transactions