EDUARD PASCAL

Ridgefield, WA

Summary

Azure Cloud Security Engineer with extensive experience in Microsoft Azure security solutions, currently serving as Cloud Security Admin at T-Mobile with previous experience at Groupon. Expertise spans Microsoft Defender Suite including Defender for Cloud, Endpoint, and Sentinel SIEM, along with comprehensive knowledge of Azure Active Directory, Conditional Access policies, and Zero Trust Architecture implementation. Skilled in conducting vulnerability assessments, risk management, and automating incident response workflows to enhance threat visibility and operational efficiency. Successfully implemented least-privilege access models across cloud environments while collaborating with cross-functional teams to strengthen security postures and ensure compliance with CIS and NIST standards. At Groupon, designed and deployed Zero Trust security architecture for Azure workloads, managed Microsoft Sentinel SIEM with custom KQL queries for improved threat detection, and led vulnerability management programs for cloud assets. Technical proficiencies include Microsoft security tools, Azure Policy, KQL, and PowerShell with strong understanding of MITRE ATT&CK framework. Recognized as a strategic thinker with hands-on implementation capabilities, able to manage multiple priorities in fast-paced environments while effectively communicating complex security concepts to both technical and business stakeholders. Committed to continuous learning in the evolving cloud security landscape and dedicated to delivering robust security solutions that align with organizational objectives without compromising operational efficiency. Professional attributes include strong problem-solving abilities, collaborative teamwork approach, and proven track record of achieving security compliance objectives while maintaining system performance.

Overview

5 years of professional experience
1 Certification

Work History

Cloud Security Admin

T-Mobile
06.2020 - Current
  • Maintained up-to-date knowledge on emerging threats and attack vectors relevant to cloud environments, proactively adapting strategies as needed.
  • Conducted thorough vulnerability assessments for cloud applications, recommending necessary updates and patches to maintain a secure environment.
  • Integrated Azure Windows Server VMs (2019-2022) with Azure AD and configured RBAC for secure remote access.
  • Deployed advanced Azure AD security controls, including Identity Protection, Conditional Access, and Privileged Identity Management (PIM).
  • Enforced least privilege access through RBAC policies and ensured compliance with CIS benchmarks and NIST-800 standards.
  • Implemented and optimized Microsoft Defender for Endpoint (MDE) for threat detection and response.
  • Developed automated incident response (AIR) policies and conducted investigations on security alerts.
  • Managed vulnerability remediation in collaboration with Cloud Engineering teams.
  • Onboarded endpoints via Intune (Windows clients) and Azure Arc (on-prem servers) and enforced security baselines.
  • Deployed Azure Sentinel for centralized logging and threat detection.
  • Configured Microsoft Defender for Cloud Apps (MCAS) to monitor and restrict unsanctioned applications.
  • Monitored and investigated suspicious activities across Azure and hybrid environments.
  • Strengthened Exchange Online protection with anti-malware, anti-phishing, Safe Links, and impersonation policies.
  • Enforced Defender for Endpoint policies (AV, ASR, Firewall) via Intune.
  • Conducted security assessments and audits to identify and remediate risks.
  • Implemented Defender for Cloud recommendations to harden Azure environments.
  • Collaborated with compliance teams to meet CIS, NIST, and industry regulations.
  • Stayed updated on Azure security threats, vulnerabilities, and mitigation strategies.
  • Recommended and implemented new security technologies to enhance cloud defenses.

Cloud Security Engineer

Groupon
03.2020 - 04.2023
  • Conducted periodic security assessments and supported audit activities.
  • Documented and maintained security configurations, procedures, and runbooks.
  • Conducted assessments, vulnerability analyses, and threat modeling to define security requirements for Azure environments.
  • Developed technical documentation, runbooks, and security architectures for Azure deployments, ensuring repeatable and secure cloud adoption.
  • Deployed and managed Microsoft Defender suite (Defender for Cloud, Endpoint, Sentinel) for EDR, XDR, and SIEM capabilities.
  • Led incident response efforts, including alert triage, investigation, and forensic analysis for Azure-based threats.
  • Automated security controls and processes to enhance operational efficiency and threat visibility.
  • Managed Azure AD security, including Conditional Access, Identity Protection, and Privileged Identity Management (PIM).
  • Enforced least-privilege access through RBAC and entitlement reviews.
  • Administered PIM workflows: reviewed and approved elevation requests and audited privileged access.
  • Delivered regular reports on the status of organizational cloud security measures to key stakeholders, facilitating informed decision-making processes regarding risk management and ongoing improvement initiatives.
  • Implemented multi-factor authentication systems for improved user access management in the cloud.
  • Reduced vulnerabilities by conducting regular security audits and penetration testing for cloud infrastructure.

Skills

  • Vulnerability & Risk Assessment
  • Microsoft Sentinel (SIEM)
  • Network Security
  • Continuous Learning
  • Security Architecture Design
  • Cyber Risk Management
  • Virtualization Security
  • Time management
  • Microsoft Defender for Cloud
  • Endpoint Detection & Response (EDR)
  • Nessus
  • Attention to detail
  • Dependable and responsible
  • Teamwork and Collaboration
  • Incident Response

Certification

  • AZ-500 Microsoft Associate Azure Security Engineer
  • SC-100 Microsoft Cloud Security Architect

Languages

English
Full Professional
Russian
Native or Bilingual
