FEROSKHAN HASENKHAN
Azure Security Dev Engineer
LinkedIn: https://www.linkedin.com/in/feroskhan-hasenkhan-69050937/
Ph: 302-***-****, H1B, Email: *****.******@*****.***, Bellevue, WA
• Over 18 years of IT experience, including 11+ years working as an Azure Security Engineer, designing and developing security architecture on Microsoft security solutions.
Technical Skillsets:
Security and governance with a strong proficiency in defining and modelling security baselines and managing security posture.
Worked on implementing Azure cloud security and hardening, especially in a large or complex environment
R&D, design, architect and develop a cloud platform solution (.NET, C#, Microsoft Azure, Entity Framework, LINQ, Web API)
Analysis of an existing family of on-premises management software to build a brand-new load test, with the goal of creating a cloud-first scalable platform based on Microsoft .NET / C# / Azure
Design and implementation of Azure AD hybrid identity, RBAC, Azure AD Privileged Identity Management (PIM), Identity Protection, MFA, Azure App Proxy, Single Sign-On (SSO), OpenID Connect, OAuth 2.0, SAML, and conditional access policy
Strong understanding of cloud security and expertise in Azure infrastructure operations security tools, including:
Azure Security and Audit dashboard, Azure Monitor, Azure Monitor Logs, Azure Security Center, Azure Resource Manager Templates, Azure Application Gateway, RBAC for storage accounts, Shared Access Signatures (SAS), Storage Service Encryption, VPN Gateway, Azure Key Vault, Azure Site Recovery, Azure Active Directory (AAD), Single Sign-On (SSO), Conditional Access, OAuth2, SAML, Azure Sentinel and ServiceNow SIEM, expertise in infrastructure and container security, Azure Operations Management Service, Federation, Traffic Manager, data security
Knowledge of security standards (SOC Type 1 & 2, ISO, NIST, PCI, HITRUST, ISO 17799, ISO27005)
IaaS, PaaS, VM Migrations, SQL Databases, Database Migrations, Express Route Application Migrations, SSMS, DMA, Windows 11 Security, ARM Templates, Azure Automation, Azure Monitoring SIEM, Azure Site Recovery, blueprints, logging, Azure Sentinel, Network Security Group (NSG), Azure Virtual Network
Implements security solutions that include the following:
· Azure security (IAM, SPN, Managed Identities, PIM, CA, MFA)
· Endpoint security (Intune, JAMF, W365, AVD, MDE, CyberArk EPM, Automox, PMP)
· Incident Management (Microsoft Sentinel, PagerDuty, Kusto)
· Network security (Vnet, Firewall, Private Endpoint, Service Endpoint)
· Secret Management (Key Vault, OneCert and DigiCert)
· Perimeter security (Next-Gen firewalls)
· Application security (WAF, DDoS protection, Vulnerability Management)
· Data protection (Encryption at-rest and in-transit)
Experience in driving effective implementation and adoption of Security Development Lifecycle (SDL) and software maturity model
EDUCATION: Bachelor of Engineering Major: Computer Science and Engineering
PROFESSIONAL EXPERIENCE:
Company: Truveta (03/2021- Till Now)
Position: Senior Security Engineer
Accomplishments:
Security Infrastructure Design: Architected and implemented secure network, system, and software configurations, ensuring robust protection against cyber threats, especially within the Microsoft Azure and 365 ecosystems.
Access Control Management: Implemented and managed access control systems, including role-based access control (RBAC), identity and access management (IAM), Privileged Identity Management (PIM), and Conditional Access (CA), especially within Microsoft cloud environments.
Endpoint Security and Protection: Implemented various configuration policies, profiles, recommendations and remediations to protect devices (laptops, servers, BYOD, W365 and AVD) using Intune, JAMF, MDE, CyberArk EPM and Automox.
Incident Response: Involved in investigations of and responses to security incidents, including monitoring, detection, and containment of threats.
Security Monitoring: Managed and configured security monitoring tools (SIEM, IDS/IPS, firewalls, etc.) to detect unusual or unauthorized activity across networks and systems, especially in Microsoft cloud environments.
Infrastructure Security: Built infrastructure automation using DevOps pipelines and enhanced internet security with Zscaler Client Connector.
Application Security: Perform secure code reviews, penetration testing, and vulnerability management using tools such as Wiz, Snyk, and Microsoft Defender for Endpoint (MDE), while actively engaging in the Secure Development Life Cycle (SDLC).
Compliance and Governance: Ensure compliance with regulatory and industry standards (SOC Type 1 and Type 2, ISO 27001, NIST, HITRUST, FDA) and manage security audits and assessments.
Security Awareness Training: Collaborate with other departments to provide security awareness training and ensure security policies are followed across the organization.
Collaboration with Teams: Worked closely with IT, DevOps, and other cross-functional teams to embed security into the development lifecycle (DevSecOps) and to address internal security needs.
Policy and Procedure Development: Developed and maintained security policies, procedures, and standards to protect sensitive information and systems.
Technology Evaluation: Evaluate and recommend new security tools and technologies that enhance security capabilities and defense mechanisms.
Threat Intelligence: Monitored and interpreted threat intelligence sources to stay ahead of evolving cyber threats and vulnerabilities.
Company: CirqueTech Group (05/2020- 02/2021)
Client: State of Investment Board
Position: Azure Security Dev Engineer
Accomplishments:
Security and governance with a strong proficiency in defining and modelling security baselines and managing security posture
Designed, architected, and implemented the deployment orchestration, automation, and security configuration management
Created Azure Run books/Playbooks pertaining to deployment processes and operational support
Working with engineers and architects to design security solutions via design input and code reviews
Created Azure Dashboard for Log analytics metrics for application data
Defined and implemented the security architecture to ensure data security at rest and in transit, application security, key management, identity management, authentication, and authorization with OIDC and OAuth2, infrastructure security with Azure VNets, NSGs, UDR, etc.
Implemented the log analytics and monitoring architecture using Azure Monitor, Azure Application Insights
Azure Sentinel, Workbooks Integration with ServiceNow. Configured the incidents with SCOM.
Working on the POC for Azure Sentinel to replace Sumo Logic
Working on service-oriented architecture and experience of the Release Management process with CI/CD pipelines using Azure DevOps.
Strong understanding of cloud security and expertise in Azure infrastructure operations security tools, including:
Security and Audit dashboard, Azure Resource Manager Templates, Azure Monitor, Azure Monitor Logs, Azure Security Center, Azure Application Gateway, RBAC for storage accounts, Shared Access Signatures, Storage Service Encryption, VPN Gateway, Azure Key Vault, Azure Site Recovery, Azure Active Directory (AAD), expertise in infrastructure and data security
Strong understanding of security best practices and good understanding of Microsoft Azure architecture and design
Company: MyAppsHub LLC (07/2018- April 2020)
Client: Microsoft
Position: Azure Security Engineer
Accomplishments:
Develop and implement Azure Cloud Infrastructure, Azure Data Streaming Analytics, Azure Data Lake store and Analytics and Platform Automation in Microsoft PowerShell, ARM SDK and API and .NET.
Develops techniques and procedures for conducting IS and cyber security risk assessments and compliance audits, the evaluation and testing of hardware, firmware, and software for possible impact on system security, and the investigation and resolution of security incidents
Perform deep analysis and develop metrics that measure current risk
Develop metrics that effectively evaluate and manage threats
Identify appropriate technology/data sources and drive the collection of data necessary to effectively evaluate threats
Data Loss Prevention (DLP): Work with customers to plan and define an appropriate Data Loss Prevention strategy: Azure Information Protection (AIP), Data Loss Prevention, Microsoft Cloud App Security (MCAS), Windows Information Protection (WIP)
Azure Information Protection: Enable the core Azure Information Protection capabilities for the Azure tenant, such as onboarding users, assigning the appropriate licenses, and access to both the AIP configuration portal and the Azure RMS Templates portal
Build an appropriate classification and labelling strategy
Planning and integration support with DLP, MCAS, WIP, Conditional Access policies and SIEM integration
Microsoft Cloud App Security (MCAS): Assist with provisioning Cloud App Security. This includes verification that all prerequisites have been met, and licenses have been assigned
Assist with the review of the discovered apps and potentially risky applications that have a low-security score
Windows Information Protection: Design and deployment of WIP policies through Microsoft System Center Configuration Manager (SCCM) or Microsoft Intune
Experience with Security Centre, Key Vault, Application Gateway, Network Security Groups, or Azure Information Protection
Experience with architecting complex IT systems, including operating systems, networks, firewalls, and load balancers
Knowledge of Cloud security fundamentals or Cyber threats as they relate to Cloud
Secure and harden the network, server, data, and end user infrastructure
Architect and implement the monitoring and capacity planning platforms of the systems, network, data, and end user infrastructure
Manage identity and access management of Azure Subscriptions, Azure AD, Azure AD Application Proxy, Azure AD Connect, Azure AD Pass-through Authentication
Creating and managing the IAM users, groups, Roles, Policies, SSO and MFA performance Tuning
Experience with OS firewalls: Windows Firewall, Next-Gen Firewalls
Worked with ARM templates and scripts using Azure PowerShell during Automation and Build Process
Periodically review security reference architecture (security blueprints) and conduct updates/enhancements
Manage identities, troubleshoot RBAC, implement RBAC policies, Azure Security
Assist with development of security standards, policies, procedures, and processes
Possess an agile focus across technology and security architecture, automation, integration, and distribution
Company: Infosys Ltd (12/2015- 07/2018)
Client: Microsoft
Position: Azure Security Engineer
Accomplishments:
R&D, design, architect and develop a cloud platform solution (.NET, C#, Microsoft Azure, Entity Framework, LINQ, Web API)
Analysis of an existing family of on-premises management software to build a brand-new load test, with the goal of creating a cloud-first scalable platform based on Microsoft .NET / C# / Azure
Security Engineer deep dives with the requestor of the assessment
Prioritize risks identified in relation to business risks
Conduct assessment and provide technology risk/requirements to the requestor
Authentication, Authorization, Auditing
Application Security – Session Security, Vulnerability/Pen Testing items, Input Validation
Secure data transport and storage
Participate in various Operational and Technology Risk governance processes
Assist in identifying new areas and opportunities of technology investment for the firm
Configure multi-factor authentication settings
Manage Microsoft Azure AD directory groups and users, implement conditional access policies
Monitor privileged access, activate Privileged Identity Management
Create App registration, configure App registration permission scopes
Assist with the implementation, modification, and improvement of the Sponsor's Risk Management Framework (RMF) workflow and its component parts
Exploit Tool development: Developing the security toolset to exploit newly found vulnerabilities to perform real-world attacks
Confirms project teams comply with regulatory compliance and best practices
Automate cloud security solutions and controls
Migrating an On-premises virtual machine to Azure Resource Manager Subscription with Azure Site Recovery
Virtual Machine Backup and Recover from a Recovery Services Vault using Azure PowerShell and Portal
Integrated AAD security log analytics with Azure Sentinel, Workbooks and Playbooks
Solutions Consultant responsible to be primary SME on Azure services including SaaS, PaaS and IaaS while contributing architecture decisions and tasks for ongoing migration efforts
Implemented Barracuda Next Gen Firewall to flow all the traffic from two regions virtual networks
Worked on Barracuda Admin terminal implementing Access rules and controlling traffic through all the regions
Hands-on experience with site-to-site VPNs, Virtual Networks, Network Security Groups, Load balancers, Storage Accounts
Worked on ADFS and SSO - Active Directory Federation Services for on-premises and Azure Cloud Active Directory
Worked on Configuration of Internal load balancer, load balanced sets and Azure Traffic manager
Working on service-oriented architecture and experience of the Release Management process with CI/CD pipelines using Azure DevOps.
Experience in building security processes, document important security tasks, develop procedures, policies, and process flow
Company: TringApps Inc (01/2015- 12/2015)
Client: Department of Education
Position: .Net/Azure Consultant
Migrate Database Services from on-premises to Azure Cloud Environments using DMA and SSMS, updating the connection strings; collaborate with development and QA teams to maintain high-quality deployment.
Lead automation efforts to minimize security manual work, ensure compliance goals, and support continuous monitoring
Worked on Azure AD Connect to sync on-premises AD user data, groups, and organizations to Azure AD and troubleshoot Azure services sync with on-premises AD and resync using the Azure tools.
Install and configure the AD FS role on Domain Controllers, deploy WAP Server for users to reach AD FS from outside the company network
Architect solutions using MS Azure IaaS services such as SQL Server, service bus, etc.
Configured Azure Traffic Manager to build routing for user traffic
Infrastructure Migrations: Drive operational efforts to migrate all legacy services to a fully virtualized infrastructure
Design, Install, Administer and Optimize hybrid cloud components to ensure business continuity (i.e. Azure AD, ADFS, SSO & VPN Gateways)
Provide consulting and cloud architecture for premier customers and internal projects running on MS Azure platform for high availability of services, low operational costs
Design & implement migration strategies for traditional systems on Azure (Lift and shift/Azure Migrate, other third-party tools)
Manage proofs of concept (POCs) and exploratory projects to identify, evaluate and eventually adopt the most suitable Cloud model (Public & Private Clouds, IaaS) for the customer
Innovate, develop, and drive the development and communication of technology strategy and roadmaps across the technology organization to support project portfolio and business strategy
Company: Wipro Ltd (India) (12/2013 - 01/2015)
Position: .Net Security Lead
Company: Datamatics Vista Info System Ltd (India) (03/2013 - 11/2013)
Position: .Net Team Lead
Company: Accenture (India) (05/2011 - 10/2012)
Position: Senior Software Engineer
Company: Cognizant (India) (12/2006 - 05/2011)
Position: Associate – Projects
Company: Blackstone Group Technologies (India) (07/2004 - 12/2006)
Position: Software Engineer