Security Engineer Infrastructure
Resume:
DANIEL DAVIDSON
The Colony, TX ***** 440-***-**** ******************@*****.***
CLOUD SECURITY & INFRASTRUCTURE ENGINEER AZURE SPECIALIST 6+ YEARS EXP
Results-driven IT professional with 6+ years of proven success architecting, securing, and managing enterprise Azure environments across various sectors. Specialized in designing scalable cloud infrastructure, enforcing enterprise-grade security protocols, and leading full-cycle Azure implementations from planning to support.
Experienced Security Engineer with hands-on expertise using Microsoft Defender, CrowdStrike, and Azure Sentinel for threat protection. Skilled in enabling firewalls, Private Link, VM encryption at host, patching, and enforcing policies to secure and optimize Azure environments.
Experienced in optimizing Azure environments through VM patching, backup configuration and management, performance tuning, and cost efficiency. Implement proactive monitoring and provide 24/7 operational support, handling Tier I and Tier II escalations. Engage with stakeholders, clients, and cross-functional teams to align optimization efforts while maintaining functionality, and actively identify opportunities to improve infrastructure and processes.
Skilled in quickly patching AKS cluster vulnerabilities and enforcing Azure Policy to maintain compliance, enhance security, or optimize processes, while maintaining clear, up-to-date documentation for effective governance. Whether designing AKS clusters, optimizing storage and backups, or building out and maintaining Azure infrastructure, I bring a strong balance of technical expertise and business alignment. I am always looking for ways to test myself and grow.
CORE EXPERTISE
Azure Virtual Machines, Powershell, Bash, Backup and Disaster Recovery, Azure container instance, Azure Logic Apps, Azure Key Vault, Azure Policy, Azure Resource Manager (ARM), Azure App Service, Azure Functions, Azure Load Balancer, Network Security Groups (NSGs), VPN Gateway, ExpressRoute, Azure Bastion, Azure Storage Accounts (Blob, File, Table, Queue), Azure Backup and Site Recovery, Azure Active Directory (AAD), Role-Based Access Control (RBAC), Multi-Factor Authentication (MFA), Azure Monitor & Incident Response: SIEM, Log Analytics, Network Configuration and Troubleshooting, Azure Automation, Azure Cost Management and Billing, Azure Security Center, Azure Firewall, Azure Sentinel, MS Defender, Azure patch Management, Azure backup/ Vault Administration, Azure Policy. PROFESSIONAL EXPERIENCE
Westshorehome, Dallas, Texas August 2024 - Present Title: Azure Admin II
● Security Management: Configure and maintain Microsoft Defender for Endpoint,.
● Azure Patch Management: Implement and manage Azure Update Management to ensure critical patching for virtual machines and infrastructure components.
● Backup & Vault Administration: Build and migrate backup solutions, transitioning from classic backup alerts to Azure Monitor, setting up Azure Backup and Vault for VMs, and implementing blob storage backup.
● Set up and manage Azure Monitor, Log Analytics, and Network Watcher for performance monitoring and diagnostics
● Develop and configure automated alerting systems with email notifications based on pre-defined thresholds and rules.
● Perform proactive monitoring and troubleshooting to ensure high availability and performance
● Azure Policy & Compliance: Develop and enforce Azure Policy for governance, including guest user retention policies to control access duration and security compliance.
● Azure Cleanup & Optimization: Conduct environmental cleanups by meeting with stakeholders to understand requirements, resizing or deprecating unnecessary resources, and optimizing infrastructure to reduce costs and improve performance.
● Resource Documentation & Topology Mapping: Create and maintain topology diagrams to track and document resources across multiple subscriptions, improving visibility and governance.
● Provide 24x7 operational support, including incident response and issue resolution across Azure environments
● Azure Kubernetes Service (AKS) – setup, configuration, scaling, ongoing support and vulnerability patching
AIRBUILD ENERGY, San Diego, California February 2021 - July 2024 Title: Cloud Engineer II
● Azure Infrastructure Management: Manage and optimize Azure cloud infrastructure to ensure high availability and performance.
● Resource Deployment: Deploy and configure Azure resources using Terraform and Bicep for efficient and scalable infrastructure management.
● Provide 24x7 operational support, including incident response and issue resolution across Azure environments
● Configure and maintain DevOps pipelines – manage CI/CD workflows for Azure-based applications
● Automation: Automate administrative tasks and workflows using PowerShell and Bash scripting to enhance operational efficiency.
● Resource Management: Manage Azure resources with Azure Resource Manager (ARM) templates to ensure consistency and compliance.
● Active Directory Management: Oversee Active Directory, user accounts, and group policies in a cloud environment.
● Data Security and Compliance: Ensure data security, compliance, and governance in line with company policies and best practices.
● Perform proactive monitoring and troubleshooting to ensure high availability and performance
● Training and Support: Provide training and support to team members on Azure best practices and administration.
● Documentation: Document cloud deployment procedures, troubleshooting processes, and technical solutions.
LAMPY TECHNOLOGIES, Prosper, TX April 2019 - January 2021 Title: Security Engineer
● Endpoint & Threat Protection: Managed Microsoft Defender for Endpoint, Identity, and Office 365, and remediated Defender security recommendations across environments.
● Advanced Threat Detection: Integrated CrowdStrike alongside Defender and configured Azure Security Center and Sentinel for real-time monitoring, alerting, and threat hunting.
● Secure Access & Perimeter Control: Deployed and managed Azure Bastion for secure VM access; configured NSGs, firewalls, WAF, and Azure Front Door to harden the environment.
● Network Security: Applied IP filtering by whitelisting/blacklisting office and branch IPs to control access at the network level.
● Identity & Access Management: Enforced RBAC and IAM policies; implemented guest user expiration policies using Azure Policy to maintain governance.
● Incident Response: Led escalated incident response efforts and performed regular vulnerability assessments to reduce security risk.
● Training & Enablement: Delivered documentation, playbooks, and security training to cross-functional teams to promote best practices and awareness. Education & Certifications
Certifications:
● Microsoft Certified: Azure Fundamentals (AZ-900)
● Microsoft Certified: Azure Administrator Associate (AZ-104)
● Microsoft Certified: Azure Security Engineer associate (AZ-500)
● CompTIA Network+
● Microsoft Certified: Azure Solution Architect (AZ-305)
Contact this candidate