Saint Paul, MN ***** 301-***-**** **************@*****.***
BERTRAND KUM
PROFESSIONAL SUMMARY
Innovative, driven, adaptable, and results-oriented Cloud Engineer with 9+ years of experience spanning cloud infrastructure; designing, implementing, and managing identity and access management solutions in Azure and Okta; automation; improved scalability; and efficient deployments.
SKILLS
● User Lifecycle Management - Okta
● Role Based Access Control (RBAC)
● Process Improvement and Automation
● Azure Active Directory (Azure AD)
● OAuth 2.0 and OpenID Connect
● Active Directory Audit Reporting
● Azure APP registration
● Microsoft AD
● Oracle relational databases
● SQL Server/MySQL
● Azure AD Connect
● Azure AD B2B/B2C
● Federation Protocols (SAML, WS-Federation)
● Forefront/Microsoft Identity Manager (FIM/MIM)
● Multi-Factor Authentication (MFA)
● Delinea (PAM solution)
● Governance and Compliance
● Azure AD Conditional Access
● Active Directory
● SOC
● IT Skills - PowerShell Scripting for Azure AD automation
● On-prem to Cloud migration
● Linux
● IAM
● SSO
● Azure AD Privilege Identity Access Management (PIM)
● Cloud Infrastructure Management
● Continuous Integration & Deployment
● Infrastructure Automation
● Containerization & Orchestration
● Configuration Management
● Terraform, Bash, Python, Docker, Kubernetes, JIRA, Tomcat, GIT, GitHub, Bitbucket, Nexus, Chef, Puppet, Java, PowerShell, PostgreSQL
WORK HISTORY
AZURE AD/IAM ENGINEER 01/2016 to Current
UnitedHealth Group
● Manages, maintains, supports, troubleshoots and optimizes the Azure AD environment and suggests adjustments and new system designs for future needs
● Configuration, integration and management of Azure AD Identities, Groups, App Registrations and SSO services
● Facilitates relationship with external managed service provider to provide IAM services to 15,000 users
● Ensures timely response for over 24,000 IAM requests each year across enterprise
● Partners with HR and IT Finance to hire and train new IAM engineers
● Coordinated with IAM Engineers to implement Thycotic (PAM solution) across enterprise
● Architects user provisioning/deprovisioning and role-based access control across enterprise for applications with and without SSO, and for applications with both legacy and modern authentication mechanisms
● Partners with ServiceNow developers to automate service catalog items with Active Directory and to improve process workflows
● Oversees internal user access request system and reviews approvals for multiple enterprise applications
AZURE CLOUD ADMINISTRATOR 01/2014 to 01/2016
Regions Bank
DATABASE/SENIOR LINUX ADMINISTRATOR 01/2009 to 01/2014
Optum
● Internal and external point of contact on customer escalations and ensuring customer issues are resolved as expediently as possible.
● SLAs and provide best practice recommendations
● Resolve level 2 and 3 problems and issues related to Azure AD
● Development and upkeep of documentation relating to clients' Azure Active Directory environments
● In-depth understanding of Azure AD Identities, Security Groups, Azure AD Roles
● Experience with Azure App registrations, SAML SSO, Azure Active Directory Connect and Azure Portal Administration
● Knowledge of Office 365 Management Suite and PowerShell
● Designed and implemented Azure IAM solutions for clients, ensuring secure access to cloud-based resources and applications
● Configured and managed Azure AD, including user provisioning, group management, and policy enforcement
● Implemented Single Sign-On (SSO) solutions using federation protocols such as SAML and WS-Federation, enabling seamless access to cloud and on-premises applications
● Developed PowerShell scripts to automate identity management processes, improving efficiency and reducing manual effort
● Integrated Azure AD with third-party identity providers, enabling external user access through Azure AD B2B/B2C
● Implemented Azure AD Conditional Access policies to enforce granular access controls based on user, device, and location
● Configured Azure AD Privileged Identity Management (PIM) to enforce just-in-time access and monitor privileged access to Azure resources
● Implemented Multi-Factor Authentication (MFA) for enhanced security, leveraging Azure MFA and third-party MFA solutions
● Conducted security assessments and audits, ensuring compliance with industry standards and best practices
● Collaborated with cross-functional teams, including developers, network engineers, and security teams, to implement comprehensive identity and access management solutions.
● Perform automation tasks in PowerShell, Azure CLI and JSON form ARM templates
● Deployment of Virtual Machines to Virtual Networks using Azure portal or PowerShell
● Working experience with Microsoft Azure administration, such as configuring availability sets, virtual machine scale sets (VMSS) with load balancers, Virtual Networks, network security groups (NSG), Docker and Kubernetes
● Configuration of Azure Virtual Networks, Subnets, DHCP, DNS, Network Security Groups, Load Balancers, Front Door, Application Gateway, and Traffic Manager
● Provision, manage and monitor storage accounts
● Ability to install Operating System on Servers and Devices
● Ability to work on IoT devices
● Create and configure Network security group
● Generation of monthly health check reports of VMs in Log Analytics.
● Linux Infrastructure Management: Maintained City's Linux infrastructure, including servers, applications, and networks, delivering secure foundation for city's critical IT systems and services while adapting to evolving technological demands.
● Database administration: Supporting multiple databases for production, development, test and staging purposes on Linux and Windows environments. Performance tuning, upgrades, Backup and Recovery, Database security, Database Migration, Replication and Applying upgrade patch, maintenance and interim (opatch) patches on all the databases.
● Server Configurations & Security Policies: Devised and implemented Linux server configurations and security policies, fortifying infrastructure defenses, minimizing vulnerabilities, and safeguarding sensitive data against potential threats.
● Performance Monitoring & Troubleshooting: Monitored server performance, proactively identifying issues, and swiftly resolving them to maintain optimal system functionality, minimize service disruptions, and enhance overall system reliability.
● End-User Technical Support: Provided comprehensive technical support and assistance to end-users, fostering seamless system usage, enhancing user satisfaction, and ensuring effective resolution of technical challenges.
● System Backups & Recovery: Executed rigorous system backups and recovery procedures, safeguarding critical data, enhancing disaster recovery capabilities, and ensuring continuity of essential services in the face of unexpected incidents.
● Automation & Scripting: Developed and maintained automation scripts and tools, streamlining processes, reducing manual labor, and promoting resource utilization, ultimately boosting productivity and system performance.
● Software & Hardware Configuration: Installed and configured software and hardware components, enabling seamless integration with existing systems, maintaining compatibility, and optimizing system performance in a dynamic landscape.
● SQL Optimization: Monitored database performance and fine-tuned SQL queries to maximize performance, ensuring rapid data retrieval, supporting informed decision-making processes, and enhancing overall responsiveness of city services.
● Unix Script Automation: Automated processes like moving files, managing alert logs, and efficient backups by developing Unix scripts, reducing manual intervention, minimizing errors, and contributing to a streamlined and resilient IT infrastructure.
EDUCATION
University of Science And Information Technology
Bachelor of Science, Computer Science, 2007
CERTIFICATIONS
● SC-300: Microsoft Identity and Access Administrator
● Microsoft Azure Administrator Associate
● Oracle Database Administration Certified Associate
● AWS Certified Solutions Architect Associate