Senior Identity & AD/Azure Engineer with 13+ Years Experience
Resume:
Saumil Desai
*********@*****.*** 609-***-**** LinkedIn: https://www.linkedin.com/in/dsaumil2024/
Marlton, NJ US Citizen
PROFESSIONAL SUMMARY
Over 13+ years in IT, specializing in Azure Active Directory, traditional Active Directory, Windows Server, and VMware environments.
Managed identity and access for Azure Subscriptions, Azure AD, Application Proxy, AD Connect, and Pass-through Authentication, ensuring secure user management.
Configured and maintained Azure AD Connect and its health, enabling efficient integration across hybrid cloud environments.
Solved complex Azure AD and Office 365 integration issues, including migrations and directory synchronizations (e.g., CAIDM and Active Directory).
Addressed synchronization challenges with MMSSPP, ensuring seamless provisioning in managed service contexts.
Led projects for migrating data to Office 365, from gathering requirements and planning to implementation and adherence to best practices.
Developed and updated PowerShell scripts for automating management across Windows, Active Directory, Azure AD, and Office 365.
Strong background in Active Directory administration, combining traditional AD with tools like Varonis for security and compliance.
Designed migration strategies to move workloads from on-premises Active Directory to Azure, enabling modern, cloud-ready business applications.
Designed, configured, and maintained Active Directory environments on Windows Server 2003 through 2016 for testing and development.
Installed and managed security tools to monitor Active Directory, and led all migrations and upgrades for domain controllers.
Specialized in resolving AD issues, including recovery of deleted objects and using the AD Recycle Bin.
Created and managed Group Policy templates and oversaw security patch updates to ensure a safe and compliant network.
Deployed web apps and synchronization jobs to streamline moving on-premises AD users to Office 365 using AD Connect and ADFS.
Hands-on experience with Varonis Data Security Platform to monitor, audit, and secure Active Directory objects and file systems.
Skilled in user access audits, permissions cleanup, and data classification using Varonis, ensuring least-privilege access.
Designed and managed Hyper-V failover clusters and provisioned virtual machines to support high availability.
Established and tested Azure AD tenants for production, providing leadership in syncing on-premises AD with the cloud.
Experience integrating Varonis alerts and reports with security operations, enhancing threat detection and response.
Experienced in object synchronization and authentication technologies such as ADFS, SAML, Single Sign-On (SSO), and OAuth.
Adept at collaborating with IT security teams to design identity governance frameworks leveraging AD and Varonis insights.
Managed Active Directory Domain Services for users, groups, printers, and other resources, and used AD LDS for application deployments.
Scripted updates of AD user and contact objects to support Azure AD syncs, leveraging PowerShell modules for Azure, AD, and Exchange Online.
Troubleshot and optimized provisioning between legacy directories, CSC Active Directory, and LDAP, ensuring smooth user lifecycle management.
Technical Skills
VMware Tools
VMware VSphere 4.0/4.1/5.0, 5.5 vCenter Server 4.0/4.1/5.0,5.5 ESX, 3.0/3.5/4.0/4.1, ESX i 4.0,4.1,5.0,5.1,5.5 Virtual Center Server 2.5,4.0,4.1,5.0,5.1,5.5 VMware Converter Enterprise, VMware View, VMware ThinApp 4.6, VMware Update Manager, HA, DRS, FT, VMotion, Storage VMotion, VMware Workstation.
Operation System
Windows Server NT /2003/2003R2/2008/2008R2/2012/2012R2, Windows XP/Vista/7, Wintel, Linux (Red Hat Enterprise Linux), Unix
System Automation
System Center Operation Manager (SCOM) 2007 R2, SCCM, System Center Configuration Manager (SCCM), System Center Virtual Machine Manager (SCVMM)2012, Scripting via Power shell, Power CLI, VB Script
Application Servers
Microsoft Active Directory 2000/2003/2008/2008 R2/2012, DHCP, DNS, WINs, IIS 6.0/7.0, FTP, DFS, Double Take Replication, LDAP, Windows clustering 2003/2008
Hardware
HPE Proliant Rack Mount 380/490/360 BL 460/480/490 G3/G4/G5/G6/G7 c7000 series, HPE EVA 4400, HPE HSA 300, HPE MSA 1000, IBM Blade Center S, IBM 3690s series, Dell Power Edge Server, Dell Rack mount Servers, iSCSI/SATA/SAS hard disk drives, Floppy drives, CD drives, ECC/non-ECC registered, Fabric HBA 4GB/6GB/8GB cards, Fabric switches and cable
Windows Administration
Configuration of DHCP and DNS, installation and configuration of VPN client, Windows Server 2003/2008/2012R/2016 - installation and configuration, installation and configuration of Active Directory creating users and groups, setting user access controls, domains creation and setup.
Programming Skills
Power shell, PowerCLI, VBScript, Batch Script
DR Tool
VMware SRM 5.0, Double Take
PROFESSIONAL EXPERIENCE
Lead System Administrator/Engineer
Honeywell Fort Washington, PA June 2022 – Present
Expert in configuring, maintaining, and troubleshooting Active Directory, handling user accounts, group policies, and schema extensions to ensure smooth directory services across the enterprise.
Designed and managed Host Profiles and Datastore Pools for multiple hosts and datastores across diverse data centers, enhancing resource efficiency.
Built robust authentication and authorization systems via Active Directory to safeguard network resources and enforce security standards.
Created and enforced Group Policies to ensure consistent system configurations, secure environments, and standardized software deployments.
Integrated and managed Active Directory with DNS for seamless name resolution and reliable resource location within the network.
Established and managed trust relationships between domains and forests, enabling secure and efficient collaboration.
Applied in-depth knowledge of Active Directory replication and disaster recovery strategies, ensuring directory data consistency and rapid business recovery in the event of failures.
Leveraged Active Directory Federation Services (ADFS) for implementing Single Sign-On (SSO) and identity federation, streamlining user access management across applications.
Configured and managed Active Directory Certificate Services (AD CS) for issuing digital certificates, reinforcing network and communication security.
Implemented robust security measures and access controls within Active Directory, upholding data integrity and compliance with security policies.
Used Varonis dashboards to identify stale AD accounts and excessive group memberships, streamlining identity management.
Conducted data access clean-up campaigns in AD based on Varonis recommendations, reducing exposure to sensitive data.
Integrated Varonis reporting into quarterly compliance reviews, supporting internal and external audits.
Partnered with InfoSec teams to map business unit permissions to Varonis policies, ensuring security alignment.
Diagnosed and resolved Active Directory-related issues, maintaining optimal network availability and performance.
Executed thorough Active Directory backup and recovery procedures to minimize data loss and downtime.
Utilized Active Directory Administrative Center (ADAC) for efficient and user-friendly directory administration.
Configured and supported Active Directory Lightweight Directory Services (AD LDS) for lightweight and specialized directory requirements.
Applied understanding of Active Directory Rights Management Services (AD RMS) to protect sensitive information and manage rights policies.
Integrated cross-platform systems and applications with Active Directory using LDAP and related protocols, ensuring compatibility and smooth operations.
Led complex VMotion and Storage Migration projects, consolidating 1,300+ VMs across data centers and coordinating with storage/network teams for seamless transitions using EMC SAN solutions.
Deep experience with Host Profiles, Distributed Switches, DRS, VMotion, Storage vMotion, resource pools, permission management, patching, snapshots, tool upgrades, disk expansions, and template creation.
Managed and audited vCenter permissions, aligning virtualization access with organizational policies.
Oversaw Windows Server upgrades, migrating enterprise environments from Windows Server 2003 to 2008 R2 smoothly and efficiently.
Deployed and managed high availability Clustered File & Print servers and DHCP servers, supporting core infrastructure needs.
Hands-on in physical infrastructure work: racking/stacking servers, switches, and SANs, maintaining datacenter reliability.
Directed efficient Active Directory and DNS infrastructure setups for Windows Server 2003 and 2008 R2, responsible for domain and workgroup management, as well as user and computer accounts.
Delivered effective group policy management, ensuring cohesive enterprise security and configuration standards.
Created and administered VMs as needed, using vSphere 5.x to manage VMware VMs (including terminal servers, Citrix, Linux) for a wide client base.
Managed VMware clusters with HA and DRS, monitored ESX/ESXi performance, and supported both VMware and Hyper-V virtualized environments. Configured iSCSI NAS/SAN and managed multi-site data migrations.
Set up, maintained, and troubleshot Office 365 environments, including server setup, AD domain configuration, group policies, and administrative scripting.
Customized Windows and Linux servers and OS images to align with company standards for security and efficiency.
Worked directly with business clients to evaluate, streamline, and enhance systems, processes, and workflows, tailoring IT solutions to business needs.
Coordinated with IT teams to troubleshoot and resolve technical issues, documenting incidents thoroughly to support continuous improvement.
Managed user and group accounts, including password and rights policies, ensuring secure and efficient access management.
Acted as an Incident Analyst, monitoring mailboxes and ticketing systems, adhering to ITIL processes for incident and change management.
Provided training and mentorship to junior administrators, supporting knowledge transfer and team development.
Led the documentation of IT projects and operational procedures, ensuring process clarity and audit-readiness.
Lead System Engineer/ Analyst
JPMC - Remote Part Time Jun 2024 – Nov 2025
Resolved a wide range of Azure AD Connect sync, data, and attribute issues, ensuring reliable user and group synchronization across systems.
Managed user and group administration in Azure AD, keeping organizational structures current and secure in the cloud.
Automated the creation of Azure VMs, cloud services, and storage resources using Azure PowerShell, streamlining cloud infrastructure deployment.
Developed migration strategies to move workloads from on-premises to Azure, enabling new cloud-based business applications and helping organizations modernize their IT environments.
Configured and managed complex cloud platforms—including multi-site and cross-site virtual networks, load balancers, Azure SQL, and other core Azure services—for scalable, reliable architectures.
Enabled and integrated Azure Active Directory Multi-Factor Authentication (MFA) with virtual desktops to enhance user security and access.
Implemented Varonis monitoring for Active Directory and file shares, detecting abnormal user behavior and reducing insider threats.
Automated access reviews and permissions reporting through Varonis and AD scripts, improving audit readiness.
Collaborated with the security team to investigate high-risk Varonis alerts, ensuring timely remediation.
Enhanced IAM operations by correlating Varonis data with AD Connect synchronization, strengthening compliance posture.
Supported large-scale identity management, administering Microsoft Identity Management platforms covering Active Directory, ADFS, Azure AD Connect, and Office 365 for environments with 400,000+ directory objects.
Oversaw identity and access management (IAM) across Azure Subscriptions and directories, built custom app integrations, enforced Conditional Access policies, and resolved MFA issues for secure and compliant access.
Applied expertise in single sign-on, directory design, replication, role-based access control, and user lifecycle management to support seamless authentication and authorization company-wide.
Successfully established Azure AD tenants for production and led technical integrations, ensuring on-premises groups synced efficiently with Azure.
Synchronized users, groups, and devices between Active Directory and Azure AD using technologies like ADFS, SAML, SSO, and OAuth to enable smooth hybrid and federated access.
\Handled Active Directory Domain Services and AD LDS for comprehensive objects management—users, contacts, groups, printers, and deploying specialized directory services for apps.
Automated AD tasks by scripting with PowerShell to update users and contacts and support Azure AD synchronization, leveraging modules like Azure AD, Active Directory, and Exchange Online.
Troubleshot and resolved user account provisioning issues between legacy directories, CSC Active Directory, and LDAP, enhancing smooth transitions and minimizing disruptions.
Configured and monitored the health of Azure AD Connect and Azure AD, proactively resolving operational issues to maintain system integrity.
Presented migration progress to leadership by providing detailed statistics, issue resolutions, and milestone tracking for users, groups, and devices, ensuring transparent project progress.
Managed Group Policy migrations across domains within Active Directory forests, ensuring consistent policy enforcement even during organizational changes.
Mentored junior team members on Azure and Active Directory best practices, contributing to professional development and stronger project results.
Collaborated cross-functionally with security and application teams to support digital transformation, align IT strategies, and ensure smooth technology adoption
Sr System Engineer
Hospital of the University of Pennsylvania, Philadelphia, PA July 2019 – February 2022
Developed the virtualization strategy and administrative oversight for a large, distributed environment—spanning 90+ ESX hosts and 1,200 VMs across multiple geographies.
Designed and implemented VMware ESX solutions to consolidate servers and optimize resource usage enterprise-wide.
Deployed and managed VMware ESX Server 4.0/4.1, creating standardized VM templates and streamlining large-scale virtual machine provisioning.
Installed and administered ESX 4.0 on HP Blade and Cisco UCS platforms, leveraging advanced management tools for high-density server environments.
Supported Azure Key Vault setup to enable secure management of cryptographic keys and secrets in the cloud.
Partnered with the Azure Machine Learning team to develop, deploy, and operationalize data-driven machine learning applications.
Deployed Varonis for file activity monitoring, identifying unusual file access patterns tied to AD user accounts.
Supported insider threat investigations by correlating Varonis activity logs with AD authentication events.
Improved role-based access models by analyzing Varonis entitlement reviews.
Coordinated with IT compliance teams to document AD security improvements backed by Varonis analytics.
Integrated and managed Azure Blob Storage and Data Lake for scalable cloud storage, supporting advanced analytics and big data workloads.
Ensured compliance and data privacy through the configuration of Azure Information Protection and Azure Rights Management solutions.
Installed and maintained vCenter Server instances, enabling centralized, streamlined management of virtual infrastructure.
Linked multiple vCenter Servers in Linked Mode, providing a unified management plane for global operations.
Implemented Active Directory backup and recovery protocols, safeguarding identity data and supporting high-availability initiatives.
Facilitated hybrid identity integration, syncing on-premises Active Directory with Azure Active Directory for seamless user access.
Managed VM lifecycle operations: creation, templating, cloning, and snapshot management for disaster recovery and rapid deployment needs.
Configured clustered VMware environments (HA/DRS), enabling load balancing, high-availability, and seamless VM migrations with VMotion.
Performed hot and cold cloning of virtual machines using VMware Converter, supporting flexible migration and backup strategies.
Optimized VMware infrastructure by configuring HA and DRS to maximize efficiency, resilience, and workload performance.
Led VM and ESX server log analysis to quickly diagnose and resolve service disruptions.
Defined and directed the VMware patch management process, ensuring timely updates via Update Manager across all hosts and VMs.
Conducted hardware replacements and troubleshooting for Dell and HP servers, minimizing downtime and maintaining system reliability.
Employed SolarWinds IP tracking to manage and document network topology for multiple subnets.
Delivered VMware virtualization assessments, advising clients on consolidation opportunities and project cost-efficiency.
Oversaw the end-to-end design and deployment of VMware solutions: ESX, vCenter, VMotion, HA, DRS, VMware Workstation, backup, and more.
Implemented CERT compliance checks for Siemens, ensuring security and operational readiness before production rollout.
Managed Active Directory setup on pre-production servers, creating and configuring administrative groups for each new deployment.
Installed, configured, and maintained VMware ESXi 5.5 Host Servers and the full vSphere suite, including P2P and P2V migrations.
Orchestrated Azure DevOps CI/CD pipelines, streamlining software release cycles with automation.
Leveraged Azure Kubernetes Service (AKS) to optimize container management and microservices deployment in production environments.
Used Azure Monitor and Application Insights for application health monitoring and proactive troubleshooting.
Designed and set up Azure Virtual WAN to simplify and secure network connectivity between branches and the cloud.
Deployed new virtual servers efficiently using templates and cloning techniques.
Managed user access and permissions within vCenter, maintaining robust security and operational control.
Oversaw the configuration and maintenance of Microsoft Windows Clusters to support critical business workloads.
Created vSwitches and port groups to segment network traffic and enhance virtualized security.
Installed and maintained Microsoft Windows (2003, 2008, 2012) servers, managing AD, DNS, and DHCP for enterprise identity and network services.
Expanded disk space on virtual servers and managed server imports using VMware Converter for zero-downtime growth.
Sr System Administrator
Hospital of the University of Pennsylvania Philadelphia, PA June 2014 – July 2019
Provided IT support for more than 300 clients spread across 15+ sites, tackling a diverse array of technical challenges and keeping end-users productive.
Worked closely with Service Operations and Transition Managers, bridging people, processes, and technology to deliver smooth ITSM (IT Service Management) integrations and reliable service delivery.
Maximized system efficiency by proactively monitoring and tuning all aspects of enterprise infrastructure—disk storage, CPU, memory, disk/network throughput, uptime, and cost efficiency.
Maintained robust expertise in BMC Remedy ITSM, confidently navigating Service Catalog, Incident, Problem, Change, Request, and Configuration Management to streamline operations and incident life cycles.
Managed and tracked incident requests through BMC Remedy, ensuring SLAs were consistently met and collaborating with business users, developers, and IT leaders to drive software improvements.
Enforced organizational standards by creating and maintaining Group Policy Objects (GPOs) at both the domain and local levels, strengthening compliance and security.
Kept Windows systems secure and current with updates and patches delivered via Windows Server Update Services (WSUS).
Monitored and audited AD changes and group policies using Varonis to strengthen change management.
Designed and executed regular permission hygiene reviews with Varonis reporting, reducing audit findings.
Collaborated with system owners to remove over-privileged accounts, guided by Varonis alerts.
Tracked and reported sensitive file access trends across departments, aligning with regulatory requirements.
Administered a VMware vSphere server farm, focusing on high availability, resiliency, and seamless scalability for critical business workloads.
Delivered round-the-clock support in a 24/7/365 pharmaceutical environment, ensuring uninterrupted operations for 15,000+ users across multiple domains and domain controllers.
Handled the full spectrum of Windows Server administration—from solution architecture and installations to fine-tuning, troubleshooting, and resolving server issues.
IT System Engineer
AstraZeneca Wilmington, DE Jan 2014 – June 2014
Diagnosed, researched, and resolved complex system and application issues, ensuring minimal downtime and high user productivity.
Provided expert-level technical support for end users, including password resets, application troubleshooting, and remote assistance.
Delivered knowledge transfer and hands-on training sessions to end users, empowering staff with “how-to” guidance for technology tools.
Partnered with IT leadership to evaluate and recommend system upgrades, hardware solutions, and software implementations aligned to business needs.
Ensured timely resolution of service tickets and escalated issues, meeting service-level agreements (SLAs) and boosting customer satisfaction.
Maintained accurate and complete technical documentation, including system procedures, troubleshooting guides, and process improvements.
Assisted in the design, deployment, and configuration of IT systems, including desktops, laptops, and enterprise applications.
Supported after-hours system escalations and incident response under supervision, ensuring continuity of business operations.
Performed hardware and software asset management, including inventory tracking, distribution, and lifecycle support per IT service policies.
Collaborated with cross-functional teams to improve IT service processes and enhance operational efficiency.
Monitored system performance and identified recurring technical issues, implementing preventive solutions to reduce incident volume.
Assisted in testing and validating system patches, upgrades, and security updates to ensure compliance and optimal system performance.
Documented root-cause analysis of recurring user issues, contributing to long-term resolution strategies and system improvements.
Provided hands-on support during system migrations and technology rollouts, minimizing disruption for end users.
Ensured compliance with company IT standards, security policies, and audit procedures throughout asset management and system engineering processes.
Systems Engineer (Contractor)
Ernst & Young - One Desk Upgrades July 2013 – Nov 2013 Philadelphia, PA
Supported the implementation and deployment of the firm-wide One Desk loadset system upgrades across multiple business units.
Delivered Tier 2/3 technical support for incidents impacting end-user systems, including both hardware and software troubleshooting.
Installed, configured, and tested new system images to ensure compatibility with EY’s standardized IT environment.
Performed system reimaging and recovery procedures to restore user productivity with minimal downtime.
Diagnosed and resolved complex issues related to integrated network, workstation, and enterprise application systems.
Partnered with engineering teams to validate new builds before production rollout, ensuring compliance with enterprise standards.
Executed hardware replacements, system repairs, and component upgrades in alignment with project requirements.
Managed software deployment and reinstallation processes for business-critical applications.
Coordinated with cross-functional IT teams to troubleshoot integration issues between firm applications and the loadset.
Documented root causes, troubleshooting steps, and resolutions in firm-standard systems for knowledge base updates.
Ensured endpoint security standards and policies were applied consistently across all upgraded systems.
Maintained strong configuration management discipline for loadset deployment and documentation.
Provided customer-facing technical support, ensuring timely issue resolution and clear communication with firm staff.
Contributed to improving change management processes by escalating recurring incidents and proposing permanent fixes.
Recognized for reliability, problem-solving ability, and commitment to enterprise system stability and user satisfaction.
Systems Engineer
Temple University May 2011 – May 2013 Philadelphia, PA
Provided Tier 1–2 technical support for faculty, staff, and students, troubleshooting hardware, software, and network connectivity issues across Windows and macOS environments.
Supported enterprise-level deployment projects, including migration of all desktops and laptops from Windows XP to Windows 7 with standardized images.
Performed system installations, upgrades, and rebuilds, including RAM, hard drive replacement, driver installation, and firmware updates.
Configured and maintained Active Directory accounts, Group Policy Objects (GPOs), and user access controls for secure computing environments.
Diagnosed and resolved Microsoft Office suite issues, wireless connectivity problems, and local/network printer malfunctions.
Built and deployed system images for desktops, laptops, and iMacs ensuring compliance with university security and performance standards.
Performed malware/virus identification, quarantine, and removal to maintain endpoint health and minimize system downtime.
Supported Apple ecosystem devices (iMac, iPad) including installation, configuration, and integration with enterprise services.
Deployed educational applications, ensured software licensing compliance, and recommended appropriate drivers and patches.
Assisted in user data migration and profile backup during OS upgrades and hardware refresh projects.
Provided technical guidance to students and faculty on software best practices, data security, and system performance optimization.
Maintained inventory and lifecycle management of lab and faculty IT assets to maximize system availability.
Collaborated with IT teams to document troubleshooting procedures and standard operating processes (SOPs).
Supported multi-platform environments (Windows, macOS) ensuring cross-compatibility with university infrastructure.
Recognized for strong customer service, delivering efficient technical resolutions and system stability improvements across the academic environment.
EDUCATION
B.S. in Computer Science or Engineering - 2013
Contact this candidate