DANIYAL SIDDIQUI
407-***-**** Email
Passionate cloud engineer with track record of achieving consistent results and delivering complex projects on time.
Dedication to customer success, experience and support by collaboratively and proactively solving customer problems.
Hands on experience and knowledge of cloud operation management, security and testing. Extensive experience in configuring, managing, supporting, and handling customers in Azure and AWS environments for multiple global customers.
EXPERIENCE
Jan 2024 – Present
Azure Network and Security Engineer, Apex System (Remote)
Work on a Microsoft Networking Support team on contract through Apex System.
Collaborated with customers to troubleshoot and resolve 502 errors by analyzing Network Security Groups (NSGs), User Defined Routes (UDRs), and DNS configurations. Diagnosed issues using tools such as ping tests, traceroute, nslookup, and Wireshark for deeper packet analysis. Additionally, leveraged Azure Network Watcher and Connection Troubleshoot to pinpoint and resolve network-related problems.
Reviewed network, firewall, and service-specific logs (e.g., NSG flow logs in Azure) to identify potential misconfigurations or security threats. Utilized log analysis to detect and respond to anomalies, ensuring optimized network performance and security.
Implemented Network Security Groups (NSGs) and Azure Firewalls to control and secure inbound and outbound traffic. Designed and enforced rules to optimize network security, ensuring proper traffic flow and protection against unauthorized access.
Implemented Azure DDoS Protection to mitigate distributed denial-of-service (DDoS) attacks, ensuring the availability and resilience of critical services. Monitored traffic patterns and applied automated protection to safeguard resources against potential threats.
Conducted regular vulnerability assessments using Azure Security Center to identify and remediate security risks. Implemented recommendations to strengthen security posture, ensuring compliance with best practices and reducing potential threats.
Designed and implemented multi-region deployments to enhance redundancy and scalability. Ensured high availability and fault tolerance by distributing resources across multiple Azure regions, optimizing performance and minimizing downtime.
Assisted customers in integrating Azure Traffic Manager for efficient traffic routing and load balancing. Configured and optimized Traffic Manager profiles to distribute traffic across multiple endpoints, improving application performance and availability.
Assessed current network infrastructure to identify outdated components and performance gaps. Conducted comprehensive evaluations to pinpoint areas for improvement and optimize network performance.
Engaged stakeholders to understand business needs and ensure minimal disruption during upgrades. Facilitated clear communication and coordination to align technical changes with business objectives and maintain operational continuity.
Developed a detailed project plan that included a comprehensive rollback strategy to address potential failures. Ensured that all phases of the project were well-documented, with contingency measures in place to minimize risk and facilitate recovery if needed.
Utilized automation tools such as Terraform and Azure Resource Manager (ARM) templates to streamline and automate network infrastructure deployment. Designed and implemented infrastructure as code (IaC) to improve efficiency, consistency, and scalability in network provisioning.
Configured Azure Monitor and Log Analytics to track performance and set up comprehensive monitoring and alerting. Implemented dashboards and alerts to proactively identify and address issues, ensuring optimal performance and reliability.
Implemented identity-based controls using Azure Active Directory, including Conditional Access and Multi-Factor Authentication (MFA). Configured policies to enhance security and manage access based on user identity and risk levels.
Helped customers apply zero-trust architecture principles to ensure least-privileged access to resources. Implemented stringent access controls and continuously verified user identity and device compliance to enhance security and minimize risk.
Utilized role-based access control (RBAC) to limit permissions and enforce least-privileged access. Configured roles and assigned permissions based on user responsibilities to enhance security and ensure appropriate access to resources.
Implemented multi-region deployments with load balancing using Traffic Manager and Azure Load Balancer. Designed solutions to ensure high availability and optimal performance by distributing traffic across multiple regions and balancing workloads effectively.
Assisted customers with implementing Virtual Machine Scale Sets to manage capacity and ensure scalability. Configured auto-scaling and load balancing to dynamically adjust resources based on demand, optimizing performance and cost-efficiency.
Leveraged Availability Sets and Availability Zones to enhance fault tolerance and ensure high availability. Designed and implemented strategies to distribute resources across multiple fault domains and update domains, minimizing the impact of hardware failures and planned maintenance.
Assisted customers with deploying Application Gateway and provided support for resolving related issues, including HTTP 403, 503, and 504 errors, as well as configuration challenges. Ensured effective troubleshooting and optimization of Application Gateway to maintain reliable application delivery and performance.
Assisted customers in configuring Azure Key Vault to securely store secrets and credentials. Enabled managed identities to allow applications to access and authenticate resources through Azure Active Directory, ensuring secure and seamless integration with Azure Key Vault.
Also provided support for configuring Azure Front Door to enhance global application delivery and performance, ensuring optimal routing and security.
Assisted customers in deploying Web Application Firewall (WAF) and troubleshooting related issues. Provided support for resolving WAF-related challenges, ensuring robust protection against web vulnerabilities and optimizing firewall configurations for enhanced security.
Used OpenSSL tools to identify certificate-related issues, including incorrect certificates or missing certificate chains. Analyzed and diagnosed SSL/TLS certificate problems to ensure proper configuration and secure communications.
Utilized Microsoft internal tools such as Jarvis, Action Genova, and Azure Security Center (ASC) to diagnose customer environments. Identified and resolved configuration issues and other data plane-related problems to ensure optimal performance and security.
Assisted customers in deploying Azure Content Delivery Network (CDN) services and resolving related issues. Provided support throughout the deployment process, ensuring effective configuration and optimization of CDN services to enhance content delivery and performance.
Configured geo-location routing on Azure Traffic Manager and Application Gateway to direct traffic based on user location. Set up Geo-Zone Redundant Storage (GZRS) and Local Redundant Storage (LRS) to ensure synchronous data replication across three Azure availability zones within the primary region, enhancing data durability and availability.
Assisted customers in troubleshooting private endpoint-related issues. Provided support for diagnosing and resolving connectivity and configuration problems to ensure seamless integration and secure access to Azure resources through private endpoints.
Assisted customers in designing and implementing hub-and-spoke VNet architectures to centralize connectivity, optimize routing, and enhance security.
Configured VNet peering between the hub and spoke networks, ensuring seamless communication between VNets while maintaining isolation for sensitive workloads.
Helped customers set up and manage traffic flow between on-premises networks, the hub VNet, and spoke VNets using Azure VPN Gateway, ExpressRoute, or Azure Firewall.
Assisted in integrating shared services, such as DNS, firewalls, and identity management, within the hub VNet for efficient resource sharing across spokes.
Supported customers in optimizing costs by centralizing network resources like firewalls and VPN gateways in the hub VNet, reducing the need for duplication across multiple spoke VNets.
Configured Network Security Groups (NSGs) and Azure Firewall in the hub to control and secure inbound and outbound traffic between the hub, spokes, and external resources.
Provided ongoing support for monitoring and troubleshooting connectivity, latency, and performance issues within the hub-and-spoke architecture using Azure Monitor and Network Watcher.
Feb 2023 – Dec 2023
Azure Architect Engineer, Healthymd, Inc (Remote)
I am working at Healthy MD Inc, 5701 NW 88th Ave #300, Tamarac, FL 33321
Design, deploy, and maintain a variety of Azure IaaS/PaaS/SaaS cloud services, ensuring optimal integration and performance.
Expertise in architecting and implementing solutions for healthcare applications, including EMRs and other critical systems.
Experience architecting and managing hybrid cloud environments.
End-to-end experience with cloud migration, from discovery and assessment to execution, including greenfield environments through Azure Migrate Tools.
Lead customer design efforts, ensuring solutions meet business needs and align with the organization's technology goals.
Architected complex Azure solutions for healthcare clients, supporting mission-critical applications such as EHRs, AI/ML, and data analytics.
Collaborated with stakeholders to define cloud architecture, ensuring high availability, scalability, and security for healthcare workloads.
Led cloud migrations, including greenfield deployments, ensuring seamless transition and integration with existing healthcare systems.
Worked closely with the sales team to articulate the value of Azure Hosting and Cloud technology to healthcare customers.
Ensured cloud solutions met compliance requirements and security standards, safeguarding healthcare data and operations.
Provided advanced troubleshooting and problem resolution for cloud-based healthcare applications, ensuring business continuity and optimal performance.
Support for Microsoft and Open-Source operating systems in healthcare environments.
Working on standardizing/templatizing Azure resource groups, policies, tags and RBACs for customers reducing operational errors and troubleshooting times. Consult customers in selecting appropriate Azure services to design and deploy applications based on given architecture requirements.
Standardize IaC (Terraform) templates to uniformly deploy cloud resources across different customer accounts.
Reduced customer provisioning/onboarding times by 40% leveraging Terraform/ARM/Azure CLI automation for different Azure services and resources including VMs, VNETs, NSGs, LRS/ZRS, Vaults, CDN, Gateways, Service endpoints, AD, Blob storage, VM, Functions, ACS, Guard Duty, Vnet, Notification hub, Managed Storage, EFS etc.
Conducted a thorough analysis of business requirements and budget constraints to design an optimized Azure architecture. Ensured scalability, performance, and cost-efficiency by selecting appropriate Azure services and resources.
Created detailed solution architecture documentation, including high-level design diagrams, network topologies, and resource allocation strategies, to ensure alignment with business goals and stakeholder approval.
Design a hub-and-spoke network topology, where the hub contains shared resources like firewalls, Application Gateway and Private Endpoints and the spokes connect workloads.
Developed infrastructure as code (IaC) scripts using Terraform to provision and manage Azure resources. Defined and automated resource deployment for VNets, storage accounts, virtual machines, application gateways, and other services.
Designed modular and reusable Terraform code to support flexibility and ease of future modifications. Used modules and state management to organize the infrastructure for better scalability and team collaboration.
Set up a CI/CD pipeline in Azure DevOps to automate infrastructure deployment and updates. Integrated the Terraform code with the pipeline to ensure seamless provisioning of resources through continuous integration and continuous deployment (CI/CD).
Implemented automated testing and validation steps in the Azure DevOps pipeline to verify Terraform code before deployment. Used linting, security scans, and environment-specific validations to ensure code quality and compliance.
Factored in cost management strategies during both the design and deployment phases. Implemented resource tagging, scaling policies, and budget tracking to optimize costs while meeting performance objectives.
Set up monitoring and logging tools such as Azure Monitor and Log Analytics to track resource usage and performance. Continuously gathered feedback to iteratively improve the architecture and pipeline processes.
Implemented Azure DDoS Protection to mitigate distributed denial-of-service (DDoS) attacks, ensuring the availability and resilience of critical services. Monitored traffic patterns and applied automated protection to safeguard resources against potential threats.
Designed and implemented multi-region deployments to enhance redundancy and scalability. Ensured high availability and fault tolerance by distributing resources across multiple Azure regions, optimizing performance and minimizing downtime.
Developed a detailed project plan that included a comprehensive rollback strategy to address potential failures. Ensured that all phases of the project were well-documented, with contingency measures in place to minimize risk and facilitate recovery if needed.
Implemented identity-based controls using Azure Active Directory, including Conditional Access and Multi-Factor Authentication (MFA). Configured policies to enhance security and manage access based on user identity and risk levels.
Utilized role-based access control (RBAC) to limit permissions and enforce least-privileged access. Configured roles and assigned permissions based on user responsibilities to enhance security and ensure appropriate access to resources.
Implemented multi-region deployments with load balancing using Traffic Manager and Azure Load Balancer. Designed solutions to ensure high availability and optimal performance by distributing traffic across multiple regions and balancing workloads effectively.
Configuring Azure Key Vault to securely store secrets and credentials. Enabled managed identities to allow applications to access and authenticate resources through Azure Active Directory, ensuring secure and seamless integration with Azure Key Vault.
Deploying Web Application Firewall (WAF) and troubleshooting related issues. Provided support for resolving WAF-related challenges, ensuring robust protection against web vulnerabilities and optimizing firewall configurations for enhanced security.
Used OpenSSL tools to identify certificate-related issues, including incorrect certificates or missing certificate chains. Analyzed and diagnosed SSL/TLS certificate problems to ensure proper configuration and secure communications.
Deploying Azure Content Delivery Network (CDN) services and resolving related issues. Provided support throughout the deployment process, ensuring effective configuration and optimization of CDN services to enhance content delivery and performance.
Configured geo-location routing on Azure Traffic Manager and Application Gateway to direct traffic based on user location. Set up Geo-Zone Redundant Storage (GZRS) and Local Redundant Storage (LRS) to ensure synchronous data replication across three Azure availability zones within the primary region, enhancing data durability and availability.
Implement for secure access to virtual machines without exposing public IP addresses.
Configure SSO for enterprise applications, enabling users to authenticate once and access multiple apps securely.
Apply identity-based security policies to enforce least-privilege access. Utilize Multi-Factor Authentication (MFA) to ensure secure authentication.
Deploy resources across multiple Availability Zones for redundancy and fault tolerance.
Implement Azure Site Recovery (ASR) for automatic failover in the event of a disaster. Ensure regular backups using Azure Backup.
Enable Azure Security Center to monitor security across all resources. Use Azure Defender for threat detection and response.
Regularly assess usage patterns and set up autoscaling policies to ensure you're only using resources when needed.
Use this for highly available, enterprise-level databases like Azure SQL Managed Instance.
Leveraged Hyper-V as a virtualization platform to extend on-premises workloads to the cloud, facilitating seamless integration with Azure resources.
Managed and maintained VMs on Hyper-V, ensuring scalability, security, and high availability for workloads in a hybrid cloud setup.
Used ASR to implement disaster recovery solutions, replicating on-premises VMs in Hyper-V to Azure, enabling efficient failover and business continuity.
Integrated Hyper-V environments with Azure services like Azure Backup, Azure Monitor, and Azure Security Center to enhance monitoring, security, and backup capabilities.
Configured virtual networks between Hyper-V and Azure using VPN gateways to enable secure communication and resource access across both environments.
Utilized Windows Server 2016 to deploy and manage on-premises infrastructure, seamlessly extending resources to Azure for hybrid cloud scenarios.
Connected Windows Server 2016 with Azure through features like Active Directory Federation Services (AD FS) and Azure AD Connect, enabling identity synchronization and secure access.
Leveraged the advanced virtualization features of Windows Server 2016, such as Shielded VMs and Nested Virtualization, for enhanced security in hybrid environments.
Implemented storage replication between on-premises Windows Server 2016 and Azure Storage to ensure high availability and data redundancy in the hybrid setup.
Feb 2022 – Jan 2023
Azure DevOps Engineer, Amdocs (Remote)
I am working for AT&T at 3329 Oak Lawn Avenue, Dallas, TX 75219
Azure Cloud Architect with extensive experience in designing and managing telecom cloud solutions, including mission-critical workloads, network functions virtualization (NFV), and IoT.
Expertise in Azure services to support high-performance, scalable, and secure cloud infrastructure in telecom environments.
Skilled in automation through Infrastructure-as-Code (IaC) and cloud-native solutions for optimizing telecom network operations.
Architect and manage a variety of services with a focus on telecom applications, including virtual networks, IoT, NFV, and telecom APIs.
Oversee security safeguards to ensure the integrity and compliance of telecom cloud solutions with industry standards.
Expertise in hybrid environments to support seamless integration between on-premises telecom infrastructure and the Azure public cloud.
Proficient in designing and implementing virtual networks, VPNs, and ExpressRoute to optimize connectivity for telecom clients.
Experience leading full lifecycle cloud migrations, including planning, execution, and optimization for telecom environments.
Ensured telecom solutions met security, scalability, and compliance requirements, safeguarding sensitive customer data and aligning with industry regulations.
Provided advanced troubleshooting for cloud network issues, ensuring minimal downtime and high availability for telecom operations.
Utilized DevOps methodology of Azure DevOps continuous integration/continuous delivery to develop, automate, and operate cloud deployments for web applications and IaaS/PaaS/SaaS platforms.
Architected, developed, and deployed highly available and scalable systems within the cloud using infrastructure as code tools such as Terraform and ARM.
Tracked any defects or issues with Astra for cloud inspect, Workload inspect and Security related vulnerabilities
Designed and developed automation tools and infrastructure to run service-oriented stacks on public and private clouds.
Automated tasks using Ansible scripts for faster and more accurate deployment in the maintenance window.
Worked on cloud inspect findings related to Azure infrastructure vulnerabilities such as unattached subnets and storage-related discrepancies; most of the discrepancies were removed through the Azure DevOps CI/CD pipeline.
Worked on workload-related vulnerabilities, which are the software- and security-related vulnerabilities.
For software- and security-related vulnerabilities, we perform Golden Image upgrades so that all vulnerabilities are removed through the Azure DevOps continuous deployment pipeline.
Worked on compliance-related vulnerabilities so that all non-compliant resources become compliant.
Troubleshot user-permission-related issues.
Worked on certificate renewal.
Created a new environment for newly migrated applications.
Working on standardizing/templatizing Azure resource groups, policies, tags and RBACs for customers reducing operational errors and troubleshooting times. Consult customers in selecting appropriate Azure services to design and deploy applications based on given architecture requirements.
Standardize IaC (Terraform) templates to uniformly deploy cloud resources across different customer accounts.
Reduced customer provisioning/onboarding times by 40% leveraging Terraform/ARM/Azure CLI automation for different Azure services and resources including VMs, VNETs, NSGs, LRS/ZRS, Vaults, CDN, Gateways, Service endpoints, AD, Blob storage, VM, Functions, ACS, Guard Duty, Vnet, Notification hub, Managed Storage, EFS etc.
Responsible for migrating on-prem Environment to Azure Environment using Cloud Adoption Framework
Implement/maintain different Azure networking functions including VNETs/Subnets and VPN (site-to-site) connections to customer on-prem. Configure Azure firewall rules to restrict traffic to multiple virtual networks in multiple subscriptions.
Having knowledge of middleware technologies like WebLogic 12c, Apache web server, Apache Tomcat, Connect direct
Oct 2018 – Sep 2021
Azure Architect Engineer, Netkom Technologies
Azure Cloud Architect with extensive experience in designing and managing telecom cloud solutions, including mission-critical workloads, network functions virtualization (NFV), and IoT.
Expertise in Azure services to support high-performance, scalable, and secure cloud infrastructure in telecom environments.
Skilled in automation through Infrastructure-as-Code (IaC) and cloud-native solutions for optimizing telecom network operations.
Architect and manage a variety of services with a focus on telecom applications, including virtual networks, IoT, NFV, and telecom APIs.
Oversee security safeguards to ensure the integrity and compliance of telecom cloud solutions with industry standards.
Expertise in hybrid environments to support seamless integration between on-premises telecom infrastructure and the Azure public cloud.
Proficient in designing and implementing virtual networks, VPNs, and ExpressRoute to optimize connectivity for telecom clients.
Experience leading full lifecycle cloud migrations, including planning, execution, and optimization for telecom environments.
Utilized DevOps methodology of Azure DevOps continuous integration/continuous delivery to develop, automate, and operate cloud deployments for web applications and IaaS/PaaS/SaaS platforms.
Architected, developed, and deployed highly available and scalable systems within the cloud using infrastructure as code tools such as Terraform and ARM.
Standardize IaC (Terraform) templates to uniformly deploy cloud resources across different customer accounts.
Reduced customer provisioning/onboarding times by 40% leveraging Terraform/ARM/Azure CLI automation for different Azure services and resources including VMs, VNETs, NSGs, LRS/ZRS, Vaults, CDN, Gateways, Service endpoints, AD, Blob storage, VM, Functions, ACS, Guard Duty, Vnet, Notification hub, Managed Storage, EFS etc.
Working on standardizing/templatizing Azure resource groups, policies, tags and RBACs for customers reducing operational errors and troubleshooting times. Consult customers in selecting appropriate Azure services to design and deploy applications based on given architecture requirements.
Worked on missing certificate chains and certificate renewal.
Automate deployment of alerts and tuning of alert thresholds via ARM/Terraform templates.
Build and maintain Azure DevOps CI/CD pipeline.
Configure Azure Key Vault to store secrets and credentials; use managed identities so applications can access or authenticate to resources or apps through Azure Active Directory on Azure Key Vaults.
Configure Blob storage with transition lifecycle policies for the Hot, Cool and Archive tiers. Configure blobs to protect against accidental deletes or keep versions for specified time periods based on customer requirements.
Expertise in configuring and optimizing Azure Application Gateway for secure and efficient load balancing and application delivery.
Aug 2016 – Sep 2018
Cloud Infrastructure Engineer, Netkom Technologies
I am working for Etisalat 1402, Three Sails Tower - Corniche St, Abu Dhabi, Emirate of Abu Dhabi
Implemented & maintained AWS environments for migrating workloads from on-premises using lift and shift approach for two major accounts.
Designed and developed automation tools and infrastructure to run service-oriented stacks on public and private clouds
Created and configured various AWS services (EC2, VPCs, NSGs, storage etc.) leveraging Terraform/CFT/AWS CLI and reduced customer provisioning/onboarding times by 40% for new customers.
Standardize IaC (Terraform) templates to uniformly deploy cloud resources across different customer accounts.
Configured and maintained different AWS services as customer environments grew from proof-of-concept to production with close to 100 EC2 instances. Services worked on included EC2, ECS, ELB, EBS, S3, VPC, IAM, Lambda, CloudWatch and autoscaling.
Consult customers in selecting appropriate AWS services to design and deploy an application based on given requirements.
Managed deployment of AWS EC2 instances along with security group rules in AWS non-prod/prod VPCs and subnets based on teams’ requirements.
Strong knowledge and established experience in Amazon Web Services (AWS) such as IAM, S3, EC2, Lambda, ECS, EKS, Guard Duty, VPC, SNS/SQS, Beanstalk, EFS
Migrate, manage and maintain on-prem to cloud migrations to AWS Cloud environments.
Implement the AWS Direct Connect from on-prem to AWS if the high volume of data needs to be transferred within a week
Implement S3 storage and set the transition lifecycle policy to move data into different classes of S3 storage such as Standard-IA, Intelligent-Tiering, Standard/Reduced Redundancy, One Zone-IA, Glacier or Deep Archive.
Enable S3 versioning to keep the previous versions of modified files without losing previous file after modification.
Implement AWS Global Accelerator for the Amazon private connection, for a more resilient network/application that is able to handle increases in request rates without compromising performance.
Implement Amazon Kinesis Streams and Amazon Kinesis Data Firehose to replace batch processing with near-real-time data processing applications.
Configure multi-Availability zone solutions for the disaster recovery.
Configure the failover routing policy on AWS Route 53 to set up active-passive failover and traffic routing for optimal latency.
Working on standardizing/templatizing AWS resource groups, policies, tags and RBACs for customers reducing operational errors and troubleshooting times.
Designed and developed message-queue-driven systems (Amazon SQS, SNS and Lambda-based functions).
Deploy NoSQL DynamoDB database with DAX in-memory cache to improve performance for read-heavy apps.
Design AWS CDN to speed up distribution of static and dynamic web content through a worldwide network of edge locations to get low latency and high throughput.
Design AWS VPC for Production, Development, Management and Quality Assurance with public/private subnets, route table, Internet gateway, NACL/firewall, NAT gateway.
Create a VPC peering connection for a communication between VPCs.
Implement transit gateways and add an additional VPN tunnel for better VPN connectivity and to cater for increased traffic through VPN from on-premises to AWS cloud services.
Designing AWS CloudWatch service for monitoring CPU utilization, disk utilization, RAM utilization or packet in/out metrics for application and infrastructure performance monitoring.
Configured CloudTrail to record events so that actions taken by a user, role or AWS service are monitored and can be used for audit later.
Set up Application Load Balancer to manage incoming traffic and distribute it equally across applications or web servers.
Set up autoscaling to scale out ECS/EC2 or ACS/VM when CPU utilization is too high.
Help in migrating on-prem servers to AWS using CloudEndure and manual rebuilding of servers in AWS depending on customer requirements. Create AWS backup vaults, backup plans and EFS Data sync for multi-region environments.
Implemented Data Migration Services (DMS) for homogeneous and heterogeneous Relational database (RDS) migration.
Implemented Schema tools for complex databases Migration from on-premises to cloud.
Implemented ElastiCache to cache queries for the RDS to cater for an increased number of read requests.
Implemented multi-availability zone for the RDS/EC2-based web applications for disaster recovery.