
Mahdi Duale

Canberra, ACT

Summary

Experienced SOC Analyst with a solid background in cybersecurity operations, including threat detection, incident response, and vulnerability management. Proficient in using tools such as Google SecOps, Microsoft Sentinel, Splunk, CrowdStrike EDR, Defender for Endpoint, and vulnerability scanners like Nessus, Qualys, and OpenVAS. Skilled in identity and access management with Microsoft Entra ID (formerly Azure AD), and experienced in Windows Server administration and Active Directory. Familiar with ITSM practices and security frameworks including ITIL, NIST, MITRE ATT&CK, and ISO/IEC 27001:2022.

Overview

14 years of professional experience
1 Certification

Work History

Senior Technical Support Specialist

Community College of Qatar
06.2022 - Current
  • Performing real-time monitoring and analysis of security alerts and events using SIEM tools to identify and mitigate potential threats.
  • Conducting detailed analysis and correlation of logs and security events to identify patterns and anomalies in network traffic.
  • Conducting initial triage of security incidents, responding appropriately, and escalating according to severity and impact.
  • Contributing to continuous vulnerability management by monitoring systems and helping with remediation efforts.
  • Maintaining and updating incident response playbooks and documentation to improve the efficiency and effectiveness of SOC operations.
  • Assisting in creating and delivering security awareness training to educate employees on cybersecurity risks and compliance.

Technical Support Specialist

Community College of Qatar
05.2018 - 05.2022
  • Administered user identities across hybrid environments by managing Microsoft Entra ID (formerly Azure AD) in conjunction with on-premises Active Directory.
  • Implemented and managed Microsoft Entra Connect to synchronize users, groups, and directory objects from Active Directory Domain Services (AD DS) to Microsoft Entra ID.
  • Configured and managed automated user provisioning and deprovisioning processes, ensuring efficient and secure identity lifecycle management.
  • Administered identity and access solutions using Microsoft Entra ID as the centralized identity platform for managing users, groups, and devices.
  • Enabled and managed Single Sign-On (SSO) across multiple applications, simplifying user authentication and enhancing security.
  • Implemented and maintained Microsoft Entra ID Multi-Factor Authentication (MFA), adding an additional layer of security through multiple user verification methods.
  • Deployed Microsoft Entra Privileged Identity Management (PIM) to enforce Just-In-Time (JIT) access for administrative roles, minimizing standing privileges and strengthening governance.
  • Designed and enforced Conditional Access policies in Microsoft Entra ID based on user risk, device compliance, location, and application sensitivity to secure access and reduce threat exposure.
  • Audited and monitored privileged access using access review policies and Microsoft Entra ID logs to maintain compliance and proactively detect anomalies.
  • Leveraged Microsoft 365 Defender to detect and remediate threats in real time by enabling self-healing for user accounts, endpoints, and mail systems.
  • Administered Microsoft Defender for Endpoint to manage and monitor corporate network devices, ensuring robust endpoint security and compliance.
  • Integrated identity and access management (IAM) policies with Microsoft Intune, Microsoft Defender, and third-party SIEM solutions to enable centralized security monitoring and policy enforcement.

Technical Support Supervisor

Community College of Qatar
06.2011 - 05.2018

  • Managed and maintained Windows Servers across multiple environments (development, staging, production), optimizing uptime, performance, and infrastructure scalability.
  • Provided Tier 2/3 support for Windows Server incidents, applying ITIL best practices to reduce resolution time through efficient troubleshooting and escalation.
  • Managed Active Directory identities, overseeing user provisioning, OU structure, and Group Policy to ensure secure and efficient access control.
  • Automated bulk user provisioning, access control, and log maintenance using PowerShell scripts, reducing manual tasks and streamlining administrative processes.
  • Administered and monitored DNS and DHCP services, ensuring optimal network performance and swift resolution of name resolution issues.
  • Managed patching schedules and WSUS deployments to maintain system security, stability, and compliance with organizational policies.
  • Implemented and managed antivirus configurations and policies aligned with institutional security standards to safeguard systems against threats.
  • Managed file and print server operations, optimizing access control, resource sharing, and storage allocation to support daily business functions.
  • Administered vCenter infrastructure, optimized HA configurations, and executed vMotion migrations to minimize downtime and enhance resource utilization.
  • Maintained and troubleshot Microsoft Hyper-V infrastructure across development and staging environments to support reliable testing and deployment processes.
  • Managed ServiceDesk Plus platform by designing workflows, automations, and dashboards that enhanced ITSM process efficiency and user satisfaction.
  • Facilitated Change Advisory Board (CAB) meetings, ensuring risk assessments and approvals were properly documented.
  • Monitored SLA compliance, generated performance reports, and communicated KPIs to senior management.

Education

Master of Science - Information Technology

Sikkim Manipal University
India
01-2007

Bachelor of Science - Computer Application

Osmania University
India
01-2005

Skills

  • Cybersecurity Tools: Wireshark, TCPdump, Metasploit, Kali Linux
  • Identity and Access Management: Microsoft Entra ID
  • SIEM tools: SecOps, Splunk, and Sentinel
  • Vulnerability Scanner tools: Nessus, Qualys, OpenVAS
  • Endpoint Security: Microsoft Defender for Endpoint, CrowdStrike
  • Mobile Device Management: Microsoft Intune
  • Security Frameworks: ITIL, NIST, MITRE ATT&CK, and ISO/IEC 27001:2022
  • Other Technical Skills: Incident Response, Risk Assessment, Cloud Security (Azure), firewalls (FortiGate), Microsoft XDR Defender, Microsoft Purview

Certification

Certifications & Courses

  • MICROSOFT CYBER SECURITY ANALYST
  • MICROSOFT CERTIFIED: SECURITY, COMPLIANCE, AND IDENTITY FUNDAMENTALS
  • MICROSOFT CERTIFIED: AZURE ADMINISTRATOR ASSOCIATE
  • MICROSOFT CERTIFIED: SECURITY OPERATIONS ANALYST ASSOCIATE
  • MICROSOFT AZURE ARCHITECT TECHNOLOGIES
  • CC – CERTIFIED IN CYBERSECURITY
  • CERTIFIED ETHICAL HACKER V11
  • COMPTIA SECURITY+
  • FCP - FORTIGATE SECURITY 7.2
  • FCP - FORTIGATE INFRASTRUCTURE 7.2
  • GETTING STARTED WITH WIRESHARK: THE ULTIMATE HANDS-ON COURSE
  • ISO/IEC 27001:2022: INFORMATION SECURITY MANAGEMENT SYSTEMS CERTIFIED
  • ITIL® V3 FOUNDATION
  • TRYHACKME SECURITY OPERATIONS CENTER (SOC) LEVEL 1
  • QUALYS VULNERABILITY MANAGEMENT FOUNDATION
