Senior Endpoint & Identity Infrastructure Engineer

* * * * * V e n k a t a S a m u d r a l a ’ s R e s u m e

P ROFICIENCY MATRIX

Versatile and results-driven Endpoint & Infrastructure Engineer with over 14 years of experience in managing and optimizing enterprise identity services, hybrid infrastructures, and endpoint environments. Proven expertise in Windows Active Directory, BeyondTrust, M365, Microsoft Intune, and Azure AD/Entra ID. Adept at automating desktop builds, application deployment (MSI, Win32App, PowerShell), patching (Autopilot, Microsoft Autopatch and SCCM), and Proofpoint, QRadar, Zscaler, ensuring compliance across hybrid workspaces. Microsoft 365 tenant administration, and Exchange Online/2019.

Adept at leading complex AD migrations, configuring conditional access and SSO integrations, and automating provisioning and policy enforcement using PowerShell and Intune. Demonstrated leadership in Azure Active Directory operations, including directory synchronization, conditional access, and cloud/hybrid identity design. Experienced in delivering infrastructure and cloud solutions across Azure IaaS/PaaS/SaaS, Exchange (Hybrid & Online), and Office 365, with strong capabilities in server administration, DNS/NPS, NAS/RDS, and Email Gateway Security. Skilled in planning OU structures, designing GPOs, mentoring teams, and leading large-scale AD consolidation and migration projects. Recognized for delivering complex IT infrastructure projects for global enterprise clients with a focus on scalability, security, and efficiency

CORE SKILLS

V A L UE P ROPOSITIONS

Played a significant role in executing the SSO solution migration from ADFS to Azure AD

Configured and managed BeyondTrust as PAM Solution for organisation.

Leveraged BeyondTrust’s Identity Security Insights to detect privilege escalation paths, dormant accounts, and misconfigured entitlements

Integrated BeyondTrust with Azure AD, SailPoint, and ServiceNow to automate access provisioning and unify identity governance

Managed Microsoft 365 tenant policies and Exchange Online/2019 hybrid configurations, ensuring high availability and secure email flow

Successfully implemented ADFS SSO solutions for the KSA government in the job portal registration process for Saudi citizens.

credited with the Best Employee (2019) for EU region for successful completion of the transition and live support for the Dexia Bank project from Cognizant.

Administered Azure Entra ID, configuring conditional access, application proxies, and SSO integrations with third-party apps

Package and automate deployment of enterprise apps (MSI, Win32App, EXE, PowerShell scripts) to thousands of corporate endpoints.

Steered the design and performed the migration from on-prem resources to the Azure cloud with the Azure Migration Manager.

Led the migration of On-prem /third-party applications to Azure Cloud with Azure AD and Azure and configured Azure SSO.

EMPLOYMENT OUTLINE

From Apr 23 to Till Date with TESCO Technologies – as Sr Engineer “Client: Tesco Bank”

Lead daily operations and incident resolution for Windows AD, Azure AD, and M365, managing service requests and troubleshooting complex issues, improving incident resolution times by 20%.

Deployed BeyondTrust Endpoint Privilege Management to enforce least privilege policies and reduce help desk tickets related to application elevation

Implemented and optimized conditional access and multi-factor authentication (MFA) protocols, increasing security by 30% and reducing unauthorized access incidents.

Enforced Just-in-Time (JIT) access policies to eliminate standing privileges and reduce attack surface across critical infrastructure

Developed and enforced comprehensive operational procedures for Azure AD management, ensuring adherence to compliance and security policies

Administer full lifecycle management of Windows 10/11 endpoints, automating image deployment using Autopilot and Intune.

Manage Intune configuration profiles, compliance policies, and conditional access via Entra ID for improved endpoint security posture.

Supported SOX, GDPR, and ISO 27001 compliance by implementing privileged access controls and maintaining detailed audit trails

VENKATA SAMUDRALA

SENIOR IT MANAGEMENT PROFESSIONAL /

TECHNICAL CONSULTANCY

Contact: +1-949-***-****

Email: **********@*****.***

Location: Irvine, California-92602

Azure AD Management &

Operations

IAM & PIM Managment

M365

Active Directory

Cloud Managment

Azure Virtual Desktop

Team Leadership & Mentorship

2 P a g e V e n k a t a S a m u d r a l a ’ s R e s u m e

Implemented Semperis and CrowdStrike tools for AD security hardening and threat detection

Support and optimize Azure Virtual Desktop (AVD), including session host deployment, scaling, and troubleshooting.

Lead monthly and urgent patch management cycles via Microsoft Autopatch and vendor patching tools; conduct continuous assessments to improve process efficiency.

Document all deployment, patching, and troubleshooting procedures; initiate quarterly reviews for process refinement.

Serve as Tier 3 escalation point for complex Windows desktop issues, engaging Microsoft and third-party vendors when required.

Troubleshoot and maintain Active Directory Group Policies impacting end-user desktop environments.

EMPLOYMENT OUTLINE

From Jul’21 to mar 23 with Kasmo Technologies Pvt Ltd – as Technical Manager “Client: Tesco”

Responsible for leading the successful design, implementation and maintenance of infrastructure solutions that meet the requirements of the organization and ensure the most cost-effective approach is taken.

Oversee the performing and monitoring of technical checks, analyzing errors and tracking solutions of errors, planning, and performing upgrade and installation tests for assembly and validation.

Provided technical support for Azure AD services, resolving an average of 50+ incidents per month related to user provisioning, access management, and system performance.

Directed AD domain restructuring and multi-forest consolidation, migrating accounts and resources with minimal disruption

Facilitate the protection of business's credentials, applications, and confidential data from unauthorized access.

Leveraged Identity Security Insights to detect privilege escalation paths, dormant accounts, and misconfigured entitlements across hybrid environments by using BeyondTrust

Play a stellar role in planning and preparing for the domain restructure for your organization and successfully migrating accounts and resources to an Active Directory domain.

Lead the provision of support for the applications and product teams, ensuring timely resolution and minimized impact of critical incidents.

Value Propositions:

Conducted regular system health checks and performance monitoring, enabling proactive identification of capacity issues and reducing downtime by 15%.

Led the automation of identity management processes, including user provisioning and access reviews, reducing manual workloads by 25%.

Mentored and trained junior analysts, contributing to a 15% improvement in team performance and knowledge sharing.

Deployed BeyondTrust Endpoint Privilege Management to enforce least privilege policies and reduce help desk tickets related to application elevation

Added and used the security tools, such as Semperis and Crowd Strike. Apr’20 – Nov’21: Protera Technologies as Senior Infrastructure Specialist L3

Engaged in building on new company strategies looked for new projects; administered Sales and Marketing teams to procure cloud business

Validated Azure Benefits: proposed IaaS and PaaS solutions based on customer discussions

Designed on-prem DevOps Server with DR on Azure solution for a company in USA; delivered some medium-sized sized solutions on Azure for various customers throughout the globe

Provided consulting services on improving solutions; offered corporate training on Azure implementation and serverless computing

Prepared azure estimates for customers for greenfield deployments and designs for HA/DR scenarios for several customers

Conducted meetings with clients and researched and analyzed data, after which presented recommendations to the clients and set a schedule for implementing improvements

Participated in networking activities and developed new strategy tools and techniques in areas of specialist experience

Acted as a SME around Microsoft Azure for other sales and management teams, working on solving all aspects of cloud computing like infrastructure, storage, platforms, and data.

Develop business case analysis on potential projects administered billing analysis and quotes for upcoming projects; provided expertise and leadership regarding Cloud Architecture for both infrastructure and applications in Microsoft Azure

Conducted discussion with top management on project proposals; trained teams to equip with Azure App Development. Guided developers about the available solutions and their benefits in Azure

Developed ARM templates for quicker new deployments. Utilized Azure CLI extensively to take advantage of cross-platforms

Identified existing problems within a business that may be negatively impacting profitability or harming the company’s brand image Value Propositions:

Cloud Migration

One Man Show on AD migration to Azure

3 P a g e V e n k a t a S a m u d r a l a ’ s R e s u m e May’16 – Apr’20: Cognizant Technology Solutions as Senior Associate – Infrastructure Windows Team Lead

Migrated Exchange 2016 to O365 in Hybrid Mode – Moved mailboxes, Resolved Email Address Policy issues, Responsible for DNS changes and First point of contact for any advice related Cut over.]

Expertise in the installation and configuration of Active Directory along with the planning and implementation of Active Directory Migration

Supervised daily Event, Incident, Problem, and Change Management processes to ensure issues are proactively managed to resolution, impacts mitigated, and root cause eliminated

Experience with Azure Active Directory, O365 and Synchronization of entities between On-Premises and Cloud Directories.

Spearheaded deployment, installation & configuration of Exchange 2016 & 2019

Provided support for on-premises different versions of Exchange

Administered:

o Migration of different version of exchange to O365 with Hybrid model o MX cut over from Third Party to EOP

o Primary Active Directory, Exchange, O365 support for DPMO, FDPM, Zajel, and IGA

Responsible for overall administration of Microsoft Windows Server, Exchange servers and Active Directory Infrastructure

As a part of daily support work on Escalated Issues for MS Outlook, O365 setup, for the End Users. Value Propositions:

One man shows on AD transition and transformation

Awarded for best technical work from the total Europe region in 2018 Major Projects:

Project title: AETNA

Coordinated the testing of application accessibility and SSO communication to end users by preparing and providing the ADFS test environment to the client.

Project title: AEC (KSA Riyadh) Onsite

Led the Project NLG for building a portal for educated citizens to provide further guidelines to individuals as an ADFS Consultant. Prioritized and performed the configuration of relaying party in line with the client requirement and with third-party applications, such as Liferay, CRM and IVR clients.

Contributed to troubleshooting the AD and LDAP related to bottlenecks in infrastructure and on the application side.

Steered various activities, such as PKI configuration, troubleshooting, and PKI external & internal. Project title: Dexia Credit Local

Worked as the Windows Infrastructure Lead for Windows VMWare AD and ADFS, engaged in project transition, and contributed towards migration of Windows Active Directory technology.

Actively responded to customer requests and recommenced better solutions throughout the projects.

Prioritized, performed patching for Windows DCs, and spearheaded the patch management. Jun’13 – Apr’16: HCL Technology as Technical Specialist – Infrastructure Windows AD

Ensured all lines of support for more complex incidents, requests, events, and/or problems through the effective coaching and training of IT technical support engineers. Undertook regular reviews to ensure that the assigned infrastructure is configured, installed, tested, and operational. Ensure that the software is installed and configured in line with business requirements.

Resolved calls and identified the root cause of incidents, events, and problems to ensure proactive future management.

Updated incidents, requests, problems, and/or events with progress and resolution details. Major Projects:

Project title: Capsugel

Served as an AD ADFS Administrator as direct endpoint contact with client US-based project.

Played a significant role in administering the user’s password synchronization from AD to Office 365 by using the DirSync tool.

Prioritized, coordinated, and looked after the maintenance of client asset data information and updated with the client every month for auditing purposes.

Significantly contributed to troubleshooting the SSO-related issues and managing the AD & ADFS certificate. Jun’09 – May’13: I Support as Windows AD & ADFS Administrator (In-house Project) 4 P a g e V e n k a t a S a m u d r a l a ’ s R e s u m e

MAJOR P ROJECTS

Project title: Capsugel Client & Location: USA Duration: 3 Team Size: 5 Technologies Used: Windows AD & ADFS Role: Technical Engineer Responsibilities: Technical issues handling and ADFS implementation

Project title: Taqat Client & Location: KSA Duration: 1.5 Team Size: 4 Technologies Used: ADFS Migration & AD Administration Role: Technical Lead Responsibilities: end to end responsibility on AD & ADFS deployment and support

Project title: Dexia Client & Location: France Duration: 2.5 Team Size: 8 Technologies Used: Infrastructure Lead (Windows, AD, Exchange, and SCCM SCOM) Role: Team Lead Responsibilities: Highly involved in transition and transformation of the project. One man show on AD

Project title: Tesco Client & Location: UK Duration: 3.3 Team Size: 10 Technologies Used: Azure Identity Management. Infrastructure AD Security Role: Technical Lead Responsibilities: AD Security tools implementation. Managing Azure Identity. AD technical-level support

A CADEMIC C REDENTIALS

Master of Science, from Osmania University, Hyderabad, India in 2008.

Bachelor of Science, from Sri Krishnadevaraya University, Anantapur, India in 2006. Trainings: AZ-103, AZ-301, AZ-500, MCSA-70-743, and ITIL Certification from HCL Seminars & Workshops: Microsoft Cloud Identity – Microsoft, Ignite Seminar – TESCO, and Cloud Data Engineering – Microsoft

T E CHNICAL P URVIEW

Domain: Azure, Windows AD, Windows, VMWare, and Citrix

Tools: SNOW, PowerShell, IAM tools, SCCM, AD Connect, Quest Migration Manager Email Gateway EOP, ATP, Ironport, and ProofPoint

CERTIFICATIONS

Completed ITILV3 training in HCL and certified

MCSA Certified Windows Server 2016 (70-743)

Microsoft Azure AZ-300 & Az-500 trained and certified

AWS DevOps-certified, CISSP Trained from Infosectrain

Contact this candidate