ASAIAH KANOUO
New Carrollton,MD
Summary
Hybrid Cloud Security Engineer with years of proven experience in leading cloud solutions designing, implementing, managing, and testing cloud infrastructures, with focus on network hardening, identity, and access management, data loss prevention; with demonstrated mastery in evaluating business Application integration requirements and service activation, dedicated in guaranteeing the confidentiality , integrity , and availability of information systems while defending organizations against threat actors . A meticulous, target driven, team player highly skilled in articulating technical information to IT members and ability to work with others in a collaborative environment and passionate about emerging cloud technologies, customer-centric, and a strategic thinker. Adept in cloud operations best practices; able to work for any employer in the U.S.A and within multidisciplinary settings. Resourceful Cloud Security experienced in evaluating and assessing client requirements and implementing infrastructure to solve identified problems. Harnessed code and cloud-native technologies to create scalable and user-centric systems. Strong negotiator with excellent value-driven solutions.
Overview
6
6
years of professional experience
1
1
Certification
Work History
Azure CLOUD SECURITY ENGINEER
Cypher24 -Texas
05.2022 - Current
- Lead cloud Security Engineer in setting up Azure Sentinel (SIEM) and connect it to a live Virtual Machine to observe live attacks (RDP Brute Force) in different regions using Custom PowerShell script to look up the attackers Geolocation information and plot it on the Azure Sentinel Map
- This project was performed to mitigate the risk of data breaches by 95%
- Used custom PowerShell script to extract metadata from windows Event viewer to be forwarded to third party API in order to derive geolocation data
- Configured Log Analytics workspace in Azure to ingest custom logs containing geographic information
- Configured Azure Sentinel workbook to display global attack on Data (RDP brute force) on world map according to physical location and magnitude of attacks
- Leveraging Azure passwordless authentication to mitigate the risk password attacks from privileged accounts and enabling MFA on accounts which are not capable of having passwordless authentication
- Enabling Azure defender on subscriptions to protect Azure and hybrid resources, keeping updated on common queries and technical glitches faced by the clients and escalating them to the concerned authorities
- Configured and monitored sign-ins, audit logs, enforce MFA and Privileged Identity Management (PIM) principle
- Configured and managed Azure Identity and access control including Azure AD, B2C policies, SSO, MFA, periodic sign-in reviews, and RBAC
- Monitored and evaluated the performance of information security breaches to identify vulnerability
- Developed, implemented, and documented security programs, policies, and monitored compliance across departments following standard operating procedure (SOP)
- Implemented data loss prevention (DLP), encryption, identity, and access management, MFA, SSO, endpoint protection
- Taking the lead on all policy creation for compliance and configurations of company devices
- Participate in intra-organizational staff meetings to coalesce company-wide efforts around meeting prescribed business goals and addressing client concerns
- Troubleshot complex issues and drive solutions to automate processes and procedures
- Ensuring change management procedures are documented and followed for process changes
- Recommend Client on best Azure AD licensing for project and improved Cost Management
- Design and implemented Azure AD join hybrid identity for managed domain.
AZURE CLOUD ENGINEER
Innovative Life Solution – Washington, DC
07.2018 - 02.2022
- Maintained and optimized existing cloud infrastructure, including security remediation, setting up VM backups, patching, and implementing recommendations from Azure advisor with customer approval
- Managed approximately 80% of incoming calls , emails , and faxes per day from customers .
- Create user account and group management through Azure AD and configure group policies at different levels according to the requirements
- Provided technical assistance to developers, testers, and engineers to unify operational efforts
- Implemented cloud policies, managed technology requests, and maintained service availability
- Deployed and managed IaaS, PaaS, and SaaS solutions in Azure including VMs, Virtual Networks, Web Applications, Firewall, storage accounts and azure Functions for event-driven tasks
- Received and prioritized support requests to maximize resource utilization
- Supported Execution of complex projects- Delivered Results through Teamwork & Optimizing Business Results
- Implement virtual machine backup and recover from a recovery services vault using Azure PowerShell
- Deployed, managed, and maintained hybrid infrastructure, including physical and virtual machines, Hyper – V, storage accounts, database, servers
- Deploy cloud environments in accordance with best practices and needs of the business.
- Provided 2nd and 3rd level technical support and troubleshooting to internal and external clients.
- Wrote and maintained custom scripts to increase system efficiency and performance time.
- Participated in system development life cycle from requirements analysis through system implementation.
- Proved successful working within tight deadlines and a fast-paced environment.
- Developed and maintained courteous and effective working relationships.
Education
Bachelor of Science - Engineering Geology -
University of Dschang
UD's09.2012
Skills
- Azure Resource Manager
- Cybersecurity
- Azure Network security
- Technology Best Practices
- Azure Automation
- Azure Active Directory
- Troubleshot complex issues
- Azure Migration
- Azure Firewall/Azure Application Gateway
- PowerShell Scripting / Azure CLI
- Virtualization (Hyper – V)
- Domain Name System (DNS) /DHCP
- Privileged Identity Management (PIM) / Conditional Access Policies
- Identity and Access Management (IAM)
- Data Disk Encryption
- Microsoft Sentinel (SIEM)
- Learning attitude
- System and Network technologies
- Azure Backup and Disaster Recovery
- Virtual and Cloud Technologies
- Resource Monitoring and logging
- RBAC and Azure AD roles/ Azure AD Connect
- Infrastructure as a Service (IaaS)
- Platform as a Service (PaaS)
- Software as a Service (SaaS)
- Virtual Private Network (VPN)
- Multifactor Authentication (MFA) / Single Sign-on (SSO)
- Cloud Security / Infrastructure Design
- Microsoft Office 365
- Data Loss Prevention
- Cloud Computing
- MS Defender for Endpoint (ATP) /Cloud Apps
- Azure Web Application and API Management
- Effective Communication
- Attentive to details
- Time Management
- Leadership / Teamwork
- Cloud Risk Assessment
- Security Incident Response
- Data Encryption Techniques
- Container Security
Certification
- AZ-500: Microsoft Certified Azure Security Engineer
- AZ-104: Microsoft Certified Azure Administrator Associate
- AZ-900: Microsoft Certified Azure Fundamentals
- CompTIA Security+ Certification
Timeline
Azure CLOUD SECURITY ENGINEER
Cypher24 -Texas
05.2022 - Current
AZURE CLOUD ENGINEER
Innovative Life Solution – Washington, DC
07.2018 - 02.2022
Bachelor of Science - Engineering Geology -
University of Dschang