Hemanth Kambhampati
Bellevue,WA
Summary
Highly motivated and skilled Identity Access Management Engineer with experience in designing, developing and deploying highly available and scalable enterprise solutions for Access Management, Identity lifecycle and Enterprise Single-Sign On. In-depth knowledge of IAM modules like SOD, Certifications, SAML and Role Management. Pundit at multitasking, held several leadership positions(Senior Software Engineer, Technical lead) while securing academic awards at the undergraduate level. Have excellent problem-solving, communication and organizational skills.
Overview
5
5
years of professional experience
1
1
Certification
Work History
IAM Engineer
Microsoft
01.2024 - Current
- Designed and Implemented Zero Trust Architecture**, continuously verifying users, devices, and applications before granting access to enterprise resources.
- Configured and Managed Conditional Access Policies** to secure access to critical applications, enforcing Multi-Factor Authentication (MFA) and location-based access controls to mitigate unauthorized access risks.
- Deployed and Managed App Registrations** in Azure AD, securing enterprise applications with OAuth 2.0 and OpenID Connect, ensuring compliance and secure authentication.
- Managed and secured Hybrid and Entra Joined Devices, enabling seamless access to cloud and on-premises resources while enforcing strict device compliance.
- Configured Azure AD Application Proxy, providing secure remote access to on-premises web applications without relying on VPN, enhancing user experience and security.
- Monitored and analyzed Identity Protection Risk Events, enabling proactive threat detection and remediation to minimize identity-related security breaches.
- Implemented Role-Based Access Control (RBAC)models, ensuring least privilege access across enterprise systems, improving security and simplifying permission management.
System Administrator
Nationwide
01.2023 - 01.2024
- Configured and Deployed SSO Solutions using ADFS and OAuth, streamlining user access to internal and third-party applications while enhancing security.
- Developed and Enforced Conditional Access Policies** to restrict access based on user risk, device compliance, and geographic location, supporting a Zero Trust security model.
- Managed App Registrations for internal and multi-tenant applications, securing API permissions and integrating with external identity providers for Single Sign-On (SSO).
- Optimized Azure AD Connect Configurations** to ensure continuous identity synchronization between on-premises AD and Azure AD, improving user experience and security.
- Administered Role-Based Access Control (RBAC) for enterprise applications, enforcing least privilege access and adhering to security policies.
- Configured and Managed Network Policy Server (NPS) for VPN and wireless network access, ensuring secure authentication through RADIUS-based multi-factor authentication.
- Monitored NPS Logs for authentication patterns, security breaches, and policy violations, ensuring timely incident response and security enhancements.
Windows/ VMware Adminstrators
GGS Engineering Services
09.2019 - 08.2021
- Implemented Azure AD Connect to enable hybrid identity management, synchronizing on-premises Active Directory with Azure AD for seamless user access.
- Configured and Managed ADFS to provide Single Sign-On (SSO) for internal and external applications, improving user experience and reducing login complexity.
- Managed Network Policy Server (NPS) to secure remote access services, ensuring compliant devices could connect to the network through RADIUS-based authentication.
- Deployed and optimized Registered and Hybrid Joined Devices for secure access, ensuring device compliance and secure authentication across cloud and on-premises environments.
- Deployed Conditional Access Policies to restrict access based on user risk and device health, ensuring only compliant devices could access critical enterprise resources.
- Configured Multi-Factor Authentication (MFA) for high-privilege accounts, enhancing security for critical applications and reducing the risk of unauthorized access.
- Monitored and Audited ADFS Logs for potential security threats and performance optimization, ensuring authentication processes remained efficient and secure.
Education
Master of Science - IT, IT Infrastructure
University of Central Missouri
Warrensburg, MO01-2023
Bachelor of Science - Mechanical Engineering
RVR & JC College Of Engineering
Guntur, India04-2019
Skills
- User Management
- Microsoft Entra Ad connect
- Conditional access policy
- Identity protection
- App registration
- Enterprise application
- Network policy server
- Active Directory Federation services
- Single sign on
- Authentication Methods
- Device Identity
- Role based access control
- Hybrid Identity
- Application Integration
- Zero trust architecture
- Open ID connect
- Application proxy
Certification
L-100,AZ-900
Accomplishments
- Zero Trust Architecture Deployment :Designed and deployed a Zero Trust model, enhancing security by continuously authenticating and authorizing users and devices across all enterprise applications.
- Conditional Access Policy Implementation:Developed and enforced dynamic Conditional Access Policies, reducing unauthorized access incidents by 25% while improving overall security.
- ADFS Migration :Led the migration from legacy authentication systems to ADFS, enabling secure Single Sign-On (SSO) and improving user access across multiple applications.
- Azure AD Connect Optimization :Optimized identity synchronization rules, reducing unnecessary data replication and improving system performance and security.
Timeline
IAM Engineer
Microsoft
01.2024 - Current
System Administrator
Nationwide
01.2023 - 01.2024
Windows/ VMware Adminstrators
GGS Engineering Services
09.2019 - 08.2021
Master of Science - IT, IT Infrastructure
University of Central Missouri
Bachelor of Science - Mechanical Engineering
RVR & JC College Of Engineering
Similar Profiles
Shubham SinghShubham Singh
Software Developer II (Level 62) at MicrosoftSoftware Developer II (Level 62) at Microsoft
DIVJOT SINGHDIVJOT SINGH
Software Engineer II at MicrosoftSoftware Engineer II at Microsoft
Premlata KumariPremlata Kumari
Technical Program Manager at MicrosoftTechnical Program Manager at Microsoft
REAGAN M. HARKINREAGAN M. HARKIN
Customer Experience Program Mgr., Dragon Copilot at MicrosoftCustomer Experience Program Mgr., Dragon Copilot at Microsoft
Anthony ShawAnthony Shaw
Crisis Care Coordinator at Kitsap Mental Health ServicesCrisis Care Coordinator at Kitsap Mental Health Services