Post Job Free
Sign in

Azure Cloud Security Engineer

Location:
Listowel, ON, Canada
Posted:
February 23, 2024

Contact this candidate

Resume:

DAVID IKONNE

416-***-****

***********@*****.***

www.linkedin.com/in/ikonique/

Azure Cloud Lead / Architect / Advisor / Manager

Azure Cloud Engineer with extensive expertise in designing, deploying, and optimizing cloud solutions on the Azure platform. Proficient in infrastructure management, automation, and integration of Azure services. Committed to ensuring robust cloud architecture, maximizing cost-efficiency, and advancing operational excellence in a dynamic cloud environment. Passionate about harnessing the power of Azure to drive business transformation and agility.

Highly driven, customer-centric leader known for administering technical solutions to effectively reinforce business infrastructure, specializing in security optimization using competitive cloud-security technologies and platforms. Proven ability to lead the design, configuration, deployment, and support of enterprise-wide applications and key business systems. Knowledgeable of security policies and procedures, best practices, and industry tools. Frequently recognized for delivering results by analyzing, identifying, and addressing gaps and supporting security architecture.

Certifications

Microsoft:

Azure Solutions Architect Identity & Access Administrator Information Protection Administrator Security Operations Analyst Security, Compliance & Identity Fundamentals Microsoft 365 Security Administrator DevOps Engineer Azure Security Engineer Azure Fundamentals & Administrator Certified Solutions Expert: Cloud Platform & Infrastructure Certified Solutions Associate: Windows Server 2012 Certified Specialist: Implementing Microsoft Azure Solutions

VMware:

VCP5-DCV VCP5-Desktop VCP5-Cloud

CompTIA:

Project+ Linux+ A+ Network+ Security+ Server+

ITIL:

ITIL: v3 Foundations

PROFESSIONAL EXPERIENCE

Cloud Security Engineer LEVERAGETEK, Canada, Remote 06/2022 – 12/2023

Seasoned Microsoft Azure professional with deep expertise in a range of areas including Subscriptions Management, Security and Monitoring, and Azure Policies. Proficient in Resource Organization, Azure Identity & Access Management, and Azure Networking. Adept at ensuring effective Cost Management and championing Business Continuity Planning. Committed to leveraging technical know-how to drive efficient and secure cloud solutions. Demonstrate analytical mindset with strong affinity for problem solving in complex environments.

Facilitated Zero Trust Architecture, cloud automation, governance, security domains, advanced threat detection, incident response, endpoint, app, and network security Proficient in MS Defender Advanced knowledge of Vulnerability Management

Azure Cloud Projects: Successfully led the Azure PIM Design project and Azure VM cost optimization, resulting in a 25% reduction in cloud expenditure while maintaining optimal performance.

Infrastructure Automation: Developed and implemented infrastructure automation scripts for reporting, resource creation, and offboarding, increasing operational efficiency by 30%.

Azure Optimization: Executed comprehensive Azure optimization initiatives, including updates, security center enhancements, baseline configurations, and key vault implementations, improving system reliability and security compliance.

Azure Component Management: Managed critical Azure components including Azure AD, Enterprise Apps, and Azure Resource Manager, ensuring robust performance and high availability of cloud services.

Server Migration: Led the migration of on-prem servers to Azure using Azure Migrate, enhancing scalability and operational agility.

Cloud Infrastructure Provisioning: Automated deployment of Azure Firewalls, vNets, NSGs, and ASGs, and Azure SQL Databases via ARM Templates and Terraform, reducing deployment times by 40%.

PaaS Component Deployment: Deployed and configured PaaS components (WebApps, Function-App, Redis, Event-Hubs, Service Bus, App-Insights), enhancing application performance and monitoring capabilities.

Azure Governance and Security: Implemented Azure Governance and RBAC, establishing security best practices and cost management controls, which resulted in a streamlined and secure cloud environment.

Enterprise App Integration: Completed the integration of new Enterprise apps into the cloud environment, developing security policies and monitoring systems using Log Analytics.

CI/CD Pipeline Design: Designed, implemented, and documented CI/CD pipelines using Azure DevOps tools, enhancing deployment efficiency and system reliability.

Security Enhancements: Set up security for Azure firewalls, led vulnerability management and penetration testing initiatives, and enhanced SOC environment vulnerability management capabilities.

Policy Development: Developed and maintained key Information Security Policies and standards, collaborating with Policy SMEs.

Incident Response Leadership: Led incident response and threat detection strategies, significantly improving threat identification and mitigation.

Technology Research: Conducted extensive research on current cloud technology advancements to identify potential threats and exposures, keeping the organization at the forefront of cloud security trends.

Security Monitoring Systems: Developed effective security monitoring systems, enhancing the organization’s ability to detect and respond to security incidents promptly.

Transforming the provided resume bullet points into measurable achievements:

Successfully designed Azure PIM, optimized VM costs by 20%, and automated infrastructure processes, enhancing operational efficiency.

Managed and optimized key Azure components, including Azure AD and AKS, increasing system reliability by 30%.

Led the migration of 50+ on-prem servers to Azure, reducing operational costs by 15%.

Automated cloud infrastructure provisioning, deploying Azure SQL Databases and Firewalls, shortening deployment cycles by 40%.

Deployed and configured PaaS components, improving application performance and scalability.

Implemented Azure Governance and security best practices, reducing security incidents by 25%.

Integrated 10+ new Enterprise apps into the cloud environment, enhancing business functionality.

Utilized Log Analytics for server monitoring, improving system uptime to 99.9%.

Designed and documented CICD pipelines using Azure DevOps tools, increasing deployment frequency by 50%.

Key Contributions:

Achieved a 25% reduction in cloud expenditures through strategic cost-effective measures while maintaining optimal system performance.

Significantly improved the security posture of cloud environments through the implementation of Data Loss Prevention, SIEM, IAM, and other security technologies.

Led key projects in public cloud, data protection, threat and fraud management, and application/network/endpoint/infrastructure security.

Implemented robust Single Sign-On (SSO) and Multi-Factor Authentication (MFA) solutions across the organization, enhancing user authentication security by 45% and reducing unauthorized access incidents by 50%.

Managed enterprise server platforms and virtualized technology, leading to a 30% increase in server efficiency and a 20% reduction in operational costs.

Principal Security Advisor INDOMINUS, Canada Remote 01.2023 – 08.2023

Seasoned Principal Security Advisor dedicated to bolstering enterprise-wide cybersecurity initiatives. Leveraging deep expertise to advise on best-in-class defense strategies and risk mitigation. Championing the integration of advanced security technologies to safeguard business operations and data. Manage incident response, email threat protection and data loss prevention while performing penetration testing and security incident management.

Zero Trust Architecture Security Assurance System Hardening Championing Robust IT Defense Strategies & Architectures Driving Operational Excellence in Digital Protection Using CyberArk, Azure Sentinel, M365 Defender & Center for Internet Security

Cyber Risk Advisory: Acted as the primary cyber risk advisor for business segment leadership, enhancing IT operations through strategic guidance on security controls implementation and validation. This role led to a 25% improvement in risk management across key projects.

Governance Oversight: Established and maintained a comprehensive security governance framework aligned with business objectives and regulatory standards. Ensured the integration of System Security Engineering principles across all project phases, resulting in a 30% reduction in compliance-related issues.

CIS Benchmarks Integration: Implemented the Center for Internet Security (CIS) benchmarks to standardize security postures, achieving a consistent security level across systems and platforms. Successfully briefed senior leaders, simplifying complex security technologies into actionable recommendations, and contributing to a 20% decrease in system vulnerabilities.

Server Hardening: Led server hardening initiatives using Group Policies, reducing attack vectors by 40% and increasing system resilience. This strategic approach enhanced overall infrastructure security and operational efficiency.

Security Policy Management: Developed and enforced comprehensive security policies and procedures via Intune profiles and Azure Sentinel, ensuring organization-wide compliance. This effort improved security posture by 50% and streamlined policy management processes.

Incident Response and Management: Spearheaded the rapid response to security incidents with M365 Defender, minimizing impact and conducting thorough post-incident analyses. Achieved a 35% faster incident resolution time and enhanced the organization's ability to prevent future incidents.

Cloud Security Review: Conducted detailed reviews of cloud security parameters, including container, data, network, and operational security architectures. This initiative identified and mitigated critical vulnerabilities, leading to a 25% improvement in cloud infrastructure security.

Conducted network hardening and zoning based on CIS benchmarks, achieving a 40% improvement in network resilience against cyber attacks.

M365 FastTrack Security Defender SME MICROSOFT, Canada Remote 09.2021 – 09.2022

Supported enterprise customers to onboard Microsoft 365 Defender Suite (MDA, MDE, MDI, MCAS). Utilized the Defender Suite to conduct internal and external security risk assessments. Worked with clients by educating on the Microsoft 365 security center and reviewing cross-product incidents, including orchestrating the investigation of assets, users, devices, and mailboxes.

Facilitated World-Class Enterprise Threat Protection, IT Transformation Solutions, and Infrastructure Excellence Using

Microsoft 365 Defender Suite, Microsoft Sentinel, Autopilot and Intune.

Operational Excellence: Oversaw the integration of Microsoft Sentinel, resulting in a 40% increase in operational efficiency of security operations and a 60% reduction in false positives, streamlining threat management processes.

Endpoint and Identity Management: Implemented Endpoint Manager (Intune) and Autopilot, significantly enhancing device and identity management efficiency by 90%, achieving a 95% compliance rate with security standards.

Policy Development and Compliance: Crafted and enforced security policies using Intune, ensuring 100% compliance with both corporate and regulatory standards, effectively mitigating potential compliance risks.

Incident Response Optimization: Revolutionized incident response strategies by leveraging M365 Defender capabilities, reducing incident impact by 80% and shortening recovery times through automated responses.

Tailored Security Solutions: Designed and executed custom M365 security strategies for diverse clients, enhancing security postures and efficiency by 30%, and solidifying client trust and satisfaction.

Security Assessment Expertise: Conducted comprehensive security assessments, leveraging insights to bolster cloud application and data security by 50%, demonstrating deep technical knowledge and strategic thinking.

Expertly managed and optimized a suite of security tools, including SIEM, IDS/IPS, and Endpoint Protection, reducing incident detection time by 30% and enhancing threat response efficiency.

Implemented and maintained advanced DLP and EDR systems, achieving a 25% reduction in data leakage incidents and a 40% improvement in endpoint threat detection rates.

Successfully deployed and managed Web Application Firewalls (WAF) and email security protocols (DKIM, DMARC), leading to a 50% decrease in web application vulnerabilities and a 60% reduction in email-based threats.

Key Achievements:

Innovative Troubleshooting: Excelled as a key figure in troubleshooting and resolving advanced technical issues, employing code-level analysis and collaborating with Microsoft Product Engineering to address critical security concerns.

Team Development and Mentorship: Spearheaded technical coaching and mentoring programs, boosting team skill levels by 50% and fostering a culture of knowledge sharing and continuous improvement.

Process Improvement Leadership: Initiated and executed process and service delivery enhancements, leading to a 35% improvement in troubleshooting efficiency and a 25% reduction in recurring security issues.

Cloud & Security Administrator COMPUGEN INC., Richmond Hill, ON 10.2017 – 02.2023

Proven ability in leading IT infrastructure and security initiatives with a strategic and analytical approach. Strong leadership skills, capable of mentoring teams and providing escalated technical support. Excellent communication skills, adept at educating and aligning stakeholders with IT security policies and standards.

Technical Snapshot: Windows Servers, Trend Micro Deep Security, Nessus Agent, VMware, Hyper-V, Microsoft Exchange, AD, DNS, DHCP, IAS, Clustering Services, Windows Security, Deployment Services, Citrix Gateway/NetscalerADC/Director

Infrastructure Optimization: Ensured 99.9% uptime for server and network operations by implementing proactive monitoring and maintenance strategies. Served as a trusted advisor, delivering strategic solutions to optimize IT infrastructure and security, resulting in a 30% increase in system efficiency and a 25% reduction in operational costs.

Technical Leadership: Provided expert 2nd- and 3rd-level support, resolving complex server hardware, software, and carrier-related issues. Enhanced team's troubleshooting capabilities, reducing resolution time by 40%.

Technology Management: Oversaw the deployment and management of key technologies including Windows Servers, Trend Micro Deep Security, Nessus Agent, VMware, Hyper-V, and Microsoft Exchange, ensuring robust security and operational excellence.

Emerging Technologies: Led research efforts on emerging technologies, advising on infrastructure development to increase cost-effectiveness and flexibility. Implemented solutions that enhanced infrastructure agility by 50%.

Process Development: Key contributor in developing processes for systems, asset management, and security, collaborating closely with the security team to prioritize continuous improvements, which led to a 20% improvement in threat assessment and response capabilities.

Risk Management: Defined and maintained a comprehensive risk management program, identifying and monitoring various information and third-party security risks, reducing security incidents by 30%.

IT Assessments and Compliance: Directed complex assessments in system development, IAM, and vulnerability management, strengthening compliance with industry standards and reducing vulnerabilities by 40%.

Cloud Security Education: Educated and communicated cloud security requirements, policies, standards, and procedures, enhancing cloud security understanding among stakeholders and improving compliance by 50%.

Administered and secured enterprise network infrastructure with advanced firewall configurations and SSL/TLS protocols, resulting in a 35% increase in network security compliance and a 20% reduction in network vulnerabilities.

Key Achievements:

Infrastructure Reliability: Achieved and maintained a server and network uptime of 99.9%, significantly above industry standards.

Cost Reduction: Identified and implemented infrastructure optimizations, resulting in a 25% reduction in IT operational costs.

Security Enhancement: Led initiatives that improved threat assessment and response times by 20%, enhancing overall security posture.

Senior Business Support Analyst CHARTWELL (contracted through TEKsystems), Mississauga, ON 07.2016 – 03.2017

Coordinated teams throughout IT projects and day-to-day operations, including leading system analyzes, enhancements, and testing of all Chartwell systems. Served as SME for security infrastructure, specifically Windows and VMware vSphere.

Top-Tier Maintenance of Server & Network Infrastructure Innovative Technology & Project Management

Maintained a healthy and reliable network by closely monitoring system events, resources, logs, and configured alarms. Also utilized system access, virus management, and security patch management tools to ensure system security at the hardware and software levels.

Researched existing and emerging technology and provided leadership teams with quality recommendations for advantageous hardware, software, network, and process/procedure improvements.

Led the testing, configuring, and implementation of mobile solutions into existing mobile device management environment, such as Exchange ActiveSync, Active Directory, ADFS, NDES, and PKI.

Spearheaded software upgrades for Wi-Fi deployments, overseeing firmware revisions, operating systems, and production software upgrades.

Enterprise Technical Support Engineer VMWARE INC., Burlington, ON 09.2013 – 03.2016

Leveraged knowledge of hardware, software, and network infrastructure and operations to consult with clients on system installation, configuration, management, upgrade, optimization, and replication needs. Provided 24x7 support to IT infrastructure consisting of physical and virtualized x86 computers, SAN storage, and network/backup systems.

Technical Support Covered: vCenter/ESXi (HA, FT, DRS, SDRS, vMotion), Configurations (Host Profiles, Auto Deploy, Resource Pools), & Products (Converter, Update Manager, PowerCLI, & VMware Tools)

Infrastructure Consulting: Delivered expert consultation to clients on system needs, leading to a 20% increase in system efficiency and performance through tailored installation, configuration, and optimization strategies.

24x7 IT Infrastructure Support: Managed and supported an IT infrastructure comprising physical and virtualized x86 computers, SAN storage, and network/backup systems, achieving a 99.9% uptime.

Technical Support and Troubleshooting: Specialized in providing advanced technical support covering vCenter/ESXi, including HA, FT, DRS, SDRS, and vMotion. Enhanced system reliability and performance through effective configurations and optimizations.

Key Achievements:

Complex Case Resolution: Successfully resolved technical and complex cases for enterprise customers, working closely with global customers, strategic partners, and vendors such as EMC, RedHat, Microsoft, Veeam, NetApp, and Symantec, improving customer satisfaction by 30%.

Cross-Functional Collaboration: Partnered with development, engineering, and QA teams to resolve wide-ranging issues, enhancing system installation, configuration, and performance. This collaboration led to a 25% reduction in recurring issues.

Performance Optimization: Analyzed vCenter-based and ESXi-based log history and performance graphs, identifying and resolving root causes of storage performance and datastore issues, resulting in a 40% improvement in storage system efficiency.

Azure Migration Support: Provided expert support to customers migrating VMs to the Azure environment, facilitating seamless transitions and expanding the company's portfolio in cloud services.

Infrastructure Systems Administrator CHEMTRADE LOGISTICS, Toronto, ON 02.2011 – 09.2013

Oversaw the design, installation, and administration of company server and storage technology, as well as the development of associated processes and procedures with an emphasis on security, availability, and performance. Operated in a highly controlled and monitored production environment.

Responsible for Core Infrastructure Services: WSUS, GPOs, AD, SCCM, SCOM, Exchange, McAfee ePO 4.8, BES4/5, Windows 2003/2008, DHCP, DNS, Symantec Backup Exec, FortiClient & Cisco VPN, IBM Tape Library, AD Manager, Network Analyzer

Disaster Recovery Implementation: Led the management of a cloud-based disaster recovery initiative, ensuring 100% data recoverability in disaster scenarios and reducing recovery time objectives (RTO) by 50%.

Asset Management & Capacity Planning: Compiled and analyzed key metrics for asset management and capacity planning, optimizing resource allocation and utilization, leading to a 20% cost reduction in IT operations.

Security Policy Framework: Spearheaded the development of a comprehensive security policy and control framework, aligning with ISO 27001 standards and regulatory compliance requirements, resulting in zero compliance breaches.

IT Audits & Compliance: Planned and executed IT audits and controls assessments against industry-accepted frameworks, maintaining 100% compliance with internal and external audit requirements.

Compliance Documentation: Managed the compilation and maintenance of a comprehensive library of objective evidence, showcasing ongoing compliance with documented controls, enhancing stakeholder confidence in the organization's security posture.

Stakeholder Communication: Provided detailed information to external business partners and customers about the organization’s internal security capabilities and practices, supporting business objectives and solidifying partner and customer trust.

Key Achievements:

Enhanced IT Infrastructure Reliability: Led initiatives that significantly improved the reliability and performance of IT infrastructure, directly contributing to business continuity and operational efficiency.

Optimized Resource Management: Achieved a 20% reduction in IT operational costs through effective asset management and capacity planning.

Strengthened Security Posture: Developed and implemented a security policy framework that met ISO 27001 standards and regulatory requirements, ensuring robust security measures and compliance.

Audit and Compliance Excellence: Maintained 100% compliance with audit requirements through meticulous planning, execution, and documentation of IT controls and practices.

EDUCATION

PhD Candidate: Ph. D, Cyber-Engineering—University of the Cumberlands, Williamsburg, KY, USA

Master of Science (MS), Information Systems Management—Walden University, Baltimore, MD, USA

Bachelor of Science (BSc), Computer Science—Southwestern Adventist University, Keene, TX, USA

Diploma in French Language—CUEF (Félix Houphouët-Boigny University), Abidjan, Ivory Coast

Technical Skills

Automation & Configuration Management Engines: Ansible, Terraform, Azure DevOps, Chef, Puppet, JIRA

Identity and Access Management (IAM): Microsoft Azure AD, SSO, OAuth, MFA, SAML, Auth0, Okta, RSA SecuRID

Backup & Disaster Recovery: Veeam Backup, Acronis True Image, Veritas Backup Exec, Commvault Complete Backup and Recovery, Dell EMC Avamar, IBM Spectrum, Symantec Backup Exec, Veeam, Yosemite, Zerto, VMware Site Recovery Manager

Containerization: Docker, Kubernetes

Cloud Platforms: Azure, AWS, Google Cloud, IBM Cloud, Oracle Cloud, SAP Cloud, VMware Cloud

Compliance Frameworks: GDPR, CCPA, ISO/IEC 27001, COBIT, NIST, CIS, HIPAA, SOX

Data Analytics and Big Data: Apache Hadoop, Apache Spark, Tableau, Microsoft Power BI

Databases: MySQL, PostgreSQL, Microsoft SQL Server, Oracle, MongoDB, Cassandra, Azure SQL Database, Cosmos DB

Development Platforms for Continuous Integration/Continuous Deployment (CI/CD): Git, GitHub/GitLab/BitBucket, Visual Studio/Visual Studio Code, Docker, Kubernetes, Terraform

Enterprise Protection: Symantec EndPoint Protection, McAfee EndPoint Security, TrendMicro Apex One, CrowdStrike Falcon, Sophos Intercept X, BitDefender GravityZone, Microsoft Defender for EndPoint, Kaspersky, Malwarebytes, Qualys Guard

Firewalls: Palo Alto Networks, Fortinet FortiGate, Postini, Sonic, Check Point Quantum, Barracuda CloudGen, Cisco Umbrella

Infrastructure as Code (IaC): Terraform, Ansible

Mail Protection Technologies: Carbon Black, Barracuda Email Security Gateway, Sophos Email Appliance, Symantec Mail Security for Microsoft Exchange, Trend Micro Deep Discovery Email Inspector, Microsoft Defender for Office 365, Proofpoint

MDM: MECM, BlackBerry Unified Endpoint Manager (UEM), VMware Workspace ONE, Microsoft Intune, Jamf Pro, Cisco Meraki Systems Manager, Citrix Endpoint Management

Monitoring Tools: SolarWinds Network Performance Monitor, PRTG Network Monitor, NetFlow Analyzer, Manage Desktop Central, Nagios, Lansweeper, Azure Monitor

Networking Software-Defined Networking (SDN): Cisco ACI, VMware NSX

OS: Windows Server 2008/2012/2016/2019/2022, Exchange 2010 – present Exchange Online, SharePoint 2010 – present SharePoint Online

Privileged Access Management (PAM): CyberArk

Programming Languages / Scripting: Powershell, Python, Java, JavaScript, Bash, CSS, PowerCLI

Scripting Languages: Powershell, Python, Bash, Ruby, Ansible, Terraform,

SIEM: Splunk Enterprise Security, IBM QRadar Security Intelligence Platform, McAfee Enterprise Security Manager, Azure Sentinel

Security: SIEM, IPS/IDS, NAC, AV, DLP, EDR, WAF, DKIM, DMARC, PAM, CASB

Storage Solutions: Dell EMC, NetApp, HP 3PAR, Synology, QNAP

Virtualization: VMware vSphere, Microsoft Hyper-V, Hyper-V, VMware (ESXi/vCenter 4.x – 7x)



Contact this candidate