Vishal
Microsoft 365 Senior Security Consultant
12+ Years of Exp.
Technical Skills
1. Microsoft Defender Advanced Threat Protection (ATP)
2. Azure Sentinel
3. Microsoft Cloud App Security (MCAS)
4. Azure Identity Protection
5. Microsoft Information Protection (MIP)
6. Azure Active Directory Privileged Identity Management (PIM)
7. Microsoft Security Compliance Toolkit
8. Azure Security Center
9. Microsoft Secure Score
10. Advanced Threat Analytics (ATA)
11. PowerShell Scripting for Security Automation
12. Threat Intelligence Platforms
13. Multi-Factor Authentication (MFA)
14. Data Loss Prevention (DLP)
15. Incident Response and Forensics Tools
Professional Summary
Responsibility
1. Designed and maintained disaster recovery plans for data breaches and incidents.
2. Worked with third-party security vendors to assess and integrate additional security solutions.
3. Stayed updated with the latest security threats and trends, adapting strategies accordingly.
4. Spearheaded the design and implementation of comprehensive security strategies leveraging Microsoft Defender Advanced Threat Protection (ATP).
5. Established and configured Azure Sentinel as a central security information and event management (SIEM) hub, ensuring real-time threat detection and response.
6. Orchestrated the deployment and configuration of Microsoft Cloud App Security (MCAS) to gain visibility and control over cloud applications and services.
7. Designed and implemented Azure Identity Protection policies to proactively mitigate identity-related security risks.
8. Demonstrated Microsoft Information Protection (MIP) expertise to classify, label, and protect sensitive data across Microsoft 365 services.
9. Managed and fine-tuned Azure Active Directory Privileged Identity Management (PIM) to control and monitor access to privileged roles.
10. Utilized Microsoft Security Compliance Toolkit to assess and enforce security baselines across Microsoft 365 environments.
11. Implemented and managed Azure Security Center for advanced threat protection, vulnerability management, and security posture assessment.
12. Improved security posture and risk management using Microsoft Secure Score assessments and recommendations.
13. Deployed and configured Advanced Threat Analytics (ATA) to detect and investigate suspicious activities within on-premises environments.
14. Leveraged PowerShell scripting for security automation, streamlining repetitive tasks and enhancing incident response capabilities.
15. Utilized threat intelligence platforms to gather, correlate, and analyze threat data for proactive threat hunting and mitigation.
16. Implemented and managed Multi-Factor Authentication (MFA) solutions to enhance user identity protection.
17. Deployed Data Loss Prevention (DLP) policies and controls to prevent unauthorized data exposure and leakage.
18. Led incident response and forensics efforts, coordinating with stakeholders to mitigate security incidents effectively.
19. Collaborated with clients to develop and document security policies, standards, and procedures.
20. Conducted security assessments, vulnerability scans, and penetration tests to identify and remediate vulnerabilities.
21. Stayed current with emerging security threats and trends, advising clients on proactive security measures.
22. Acted as a mentor and guided security team members, enhancing overall expertise.
23. Achieved measurable improvements in clients' security postures, reducing vulnerabilities and incidents while enhancing security awareness and compliance.
Projects
Comprehensive Microsoft 365 Security Enhancement
1. Conducted a comprehensive security assessment to identify vulnerabilities and risks within the existing Microsoft 365 environment.
2. Implemented advanced threat detection and prevention mechanisms using Microsoft Defender ATP, including endpoint detection and response (EDR) features.
3. Enhanced identity and access management through Azure Active Directory, configuring Conditional Access policies and multi-factor authentication (MFA) for critical resources.
4. Ensured security compliance and governance by defining security baselines, monitoring compliance scores, and addressing non-compliance issues.
5. Designed and deployed data loss prevention (DLP) policies to safeguard sensitive data across Microsoft 365 applications.
6. Integrated Microsoft Cloud App Security (MCAS) to gain visibility into cloud app usage, detect risky behaviour, and enforce app-specific policies.
7. Leveraged PowerShell for security automation, creating custom scripts to automate routine security tasks and reporting.
8. Implemented security information and event management (SIEM) integration, forwarding security logs and events to a centralized SIEM platform for advanced correlation and analysis.
9. Developed and documented an incident response plan for handling security incidents and breaches within Microsoft 365.
10. Conducted regular security training sessions for IT staff and end-users to enhance security awareness and best practices.
Azure Security Center Implementation
1. Planned and executed the deployment of Azure Security Center across multiple Azure subscriptions.
2. Configured security policies and baselines to ensure consistent security configurations and compliance.
3. Utilized Azure Defender to detect and respond to threats across Azure resources, including virtual machines, databases, and containers.
4. Conducted threat assessments and vulnerability scans, prioritizing and remediating security findings.
5. Integrated Azure Security Center with Microsoft Defender ATP to provide a unified view of security incidents and threats.
6. Implemented advanced threat analytics for real-time threat detection and monitoring.
7. Utilized PowerShell to automate security tasks, like resource hardening and incident response.
8. Collaborated with Azure administrators to ensure seamless security operations and incident response procedures.
9. Documented the implementation process and created guidelines for ongoing security management within Azure Security Center.
Rights Management and Data Protection
Data Protection and Security Project
1. Implemented Microsoft Information Protection (MIP) and Rights Management Services (RMS) to classify and protect sensitive data.
2. Defined data classification policies and labels to automatically classify documents and emails based on content.
3. Configured rights management templates to control access to sensitive documents and prevent unauthorized sharing.
4. Integrated Microsoft Purview and Rights Management to extend data protection controls to external sharing scenarios.
5. Collaborated with business units to identify critical data assets and enforce protection policies accordingly.
6. Developed PowerShell scripts for automating data classification and protection tasks at scale.
7. Conducted regular security assessments and audits to ensure compliance with data protection policies.
8. Provided guidance and training to end-users on data classification and protection best practices.
9. Collaborated with legal and compliance teams to align data protection policies with regulatory requirements.
10. Continuously monitored and reported on data protection incidents, ensuring timely response and resolution.
Education
BCOM – Savitribai Phule Pune University
Certificate
1. Microsoft 365 Certified: Security Administrator Associate
2. SC-200
3. SC-400
4. MS-600
5. Certified Information Security Manager (CISM)