About
Azure Security Engineer with 3 years of hands-on experience in Microsoft Defender for Endpoint, Microsoft Sentinel (SIEM/SOAR), and Microsoft Intune. Proven expertise in SOC operations, threat detection, incident response, KQL-based threat hunting, and endpoint security management across enterprise environments. Holds 9 Microsoft certifications. Experienced in managing security for Windows, macOS, and Azure cloud environments including onboarding/offboarding, compliance policies, and automated remediation workflows.
Skills & Expertise (38)
Work Experience
Azure Security Engineer
e-Labs Infotech Pvt Ltd
Jun 2025 - Sep 2025
Troubleshot onboarding/offboarding issues, indicators, and web filtering in Microsoft Defender for Endpoint and Intune. Monitored and managed endpoint security configurations for Windows, macOS, and Android devices in Intune portal. Configured and tuned Attack Surface Reduction (ASR) rules and device control policies in Intune and MDE. Built and customized Sentinel analytic rules aligned with MITRE ATT&CK framework, reducing false positives. Developed incident response playbooks in Microsoft Sentinel using Logic Apps, automating phishing and malware triage workflows. Implemented Threat & Vulnerability Management (TVM) workflows in Defender ATP for proactive endpoint remediation. Conducted vulnerability assessments and tracked remediation progress via Sentinel dashboards. Analysed logs using KQL and extracted data from the SQL Database, Wireshark, HAR analysis, and Lumberjack for deep troubleshooting. Managed Defender upgrades for macOS and Windows devices and resolved MP Engine/MS Sense update issues. Provided client-facing support on licensing, admin roles, and Defender configuration.
Software Engineer (Azure Security)
USNR Services
Feb 2023 - May 2025
Deployed and managed EPP/EDR solutions using Microsoft Defender for Endpoint across enterprise endpoints. Configured Sentinel data connectors including Azure services, M365, Defender, Syslog, CEF agents, firewalls, and SaaS apps. Implemented UEBA in Microsoft Sentinel to detect insider threats and anomalous user behaviour. Designed Sentinel watchlists for privileged accounts and high-value assets. Built scheduled and NRT (Near Real-Time) KQL queries for anomaly detection and privilege escalation identification. Managed enterprise-level Active Directory backup strategies, executing authoritative and non-authoritative restore procedures to ensure rapid recovery of domain services and minimize downtime during incidents. Contributed to business continuity planning for AD DS, developing recovery workflows and integrating disaster recovery measures that improved resilience and reduced service disruption risks across critical domain infrastructure. Created and maintained Logic Apps playbooks for automated incident response workflows. Configured Azure Virtual Network peering to optimize network performance and reduce latency for remote users. Configured Active Directory, DNS, IP addressing, subnets, and routing within the network.
Software Engineer (Azure Security)
iLink MultiTech Solutions Pvt Ltd
Dec 2022 - Jun 2025
Monitored and triaged security alerts and incidents daily via Microsoft Defender portal and SIEM tools. Managed onboarding/offboarding of Windows Server (2012R2–2022) and Windows 10/11 via local scripts, GPO, and MDM. Designed and administered enterprise Active Directory Domain Services (AD DS), optimizing Sites & Services, FSMO role placement, and DNS/DHCP integration to ensure high availability, secure replication, and seamless authentication across multi-site environments. Integrated Azure Virtual Desktop (AVD) with Azure Key Vault for secure credential and certificate management. Progressed and evaluated the syncing of TCP/IP network connections while performing Wireshark analysis. Applied Conditional Access policies to secure AVD logins and enforced compliance policies via Intune. Implemented and enforced Group Policy and OU structures to streamline configuration management, delegate administrative control, and strengthen compliance, resulting in reduced operational overhead and improved security posture. Reviewed Entra ID sign-in logs daily to detect and respond to suspicious login attempts. Monitored VM health dashboards including CPU utilization, memory, and disk space metrics. Maintained minimum global admin role assignments to reduce attack surface in production environments. Performed live response, device isolation, antivirus scans, and troubleshooting mode automation tasks. Resolved daily service tickets, change requests, and problem tickets within SLA.
Education
B Tech – Electrical & Electronics Engineering (EEE) - Sree Venkateswara College of Engineering
2018 - 2022 · Afghanistan
Certifications
Azure Solutions Architect Expert (AZ-305)
Microsoft · 2024
Azure DevOps Engineer Expert (AZ-400)
Microsoft · 2024
Azure Virtual Desktop Specialty (AZ-140)
Microsoft · 2024
Azure Administrator Associate (AZ-104)
Microsoft · 2023
Identity and Access Administrator Associate (SC-300)
Microsoft · 2023
Information Protection and Compliance Administrator Associate (SC-400)
Microsoft · 2023
Security, Compliance and Identity Fundamentals (SC-900)
Microsoft · 2023
Azure Fundamentals (AZ-900)
Microsoft · 2023
Microsoft 365 Fundamentals (MS-900)
Microsoft · 2023
Availability Details
Relocation
Open to Relocation