Abou Conde

• Key Contributions:Strategic Planning: Conducted comprehensive planning sessions to align the Sentinel implementation with CNP's security strategy and operational goals.
  Microsoft Sentinel Setup: Led the deployment of Microsoft Sentinel, configuring it as the central SIEM platform to aggregate security data across CNP's digital estate.
  Data Connector Configuration: Configured and optimized data connectors for seamless ingestion of logs from various sources, ensuring a holistic view of security events.
  Integration with Splunk: Implemented a bi-directional integration between Microsoft Sentinel and Splunk, enabling enhanced analytics and data visualization capabilities across both platforms. This involved setting up data sharing and workflow automation to leverage Splunk's advanced data processing and Sentinel's AI-driven security insights.
  Defender XDR Integration: Integrated Microsoft Defender XDR with Sentinel, facilitating a unified threat detection, investigation, and response experience. Customized the integration to enable real-time threat intelligence sharing and automated response actions across endpoint, email, identity, and cloud workloads.
  Custom Detection Rule Development: Developed custom detection rules and analytics queries within Sentinel, leveraging KQL to identify sophisticated threats unique to CNP's environment.
  Automation and Orchestration: Created automated response playbooks in Microsoft Sentinel to accelerate incident response times. These playbooks leveraged integration points with Splunk and Defender XDR to orchestrate complex response workflows.
  Training and Documentation: Provided comprehensive training for CNP's security team on utilizing the integrated Sentinel, Splunk, and Defender XDR environment. Produced detailed documentation to ensure best practices in monitoring, incident handling, and ongoing system optimization.
  Continuous Improvement: Established a framework for continuous monitoring and improvement of the security posture, leveraging insights from the integrated Sentinel-Splunk-Defender XDR ecosystem to refine detection capabilities and response strategies over time.
  

This project highlights my capability to architect and lead sophisticated security integration projects, enhancing organizational resilience against cyber threats through strategic implementation and effective use of leading security technologies.

• Key Contributions: Conducted an initial assessment of Suez's cloud security posture to identify vulnerabilities and potential improvements.
  Clearly defined the scope of the POC to ensure targeted evaluation of Microsoft Defender for Cloud's capabilities against our most critical cloud workloads and data assets.
  Configured and deployed Microsoft Defender for Cloud, setting up comprehensive monitoring for selected Azure services and resources, demonstrating my technical acumen in cloud security solutions.
  Executed threat simulation tests to evaluate the detection and alerting mechanisms, providing valuable insights into the system's responsiveness and accuracy.
  Tested advanced features of Microsoft Defender for Cloud, including security score assessments, just-in-time VM access, and adaptive application controls, to explore all possible enhancements to our security posture.
  Analyzed and reported on the POC outcomes, highlighting how Microsoft Defender for Cloud could significantly bolster our cloud security framework. I prepared a detailed report with findings, showcasing the benefits and laying out a roadmap for full-scale deployment.
  

This project underscored my strategic approach to enhancing cloud security and demonstrated my capacity to lead complex security initiatives, from conception through to detailed evaluation and reporting.

During my tenure, I spearheaded a comprehensive security overhaul, integrating and managing a suite of Microsoft's cutting-edge security tools to fortify Carmignac's digital infrastructure. My responsibilities included:

• Microsoft Defender for Endpoint: Deployed and managed endpoint security solutions to protect against advanced threats, enhancing device safety across the organization.
• Microsoft Intune: Utilized Intune for centralized management of mobile devices and applications, ensuring compliance and secure mobile access to corporate resources.
• Microsoft Defender for Cloud Apps: Implemented cloud app security to gain visibility, control data travel, and detect cyber threats across all cloud services.
• Microsoft Defender for Identity: Protected against identity-based threats by monitoring and analyzing user activities and actions on Active Directory (AD).
• Microsoft Defender for Office: Secured email and collaboration tools against advanced threats like phishing and malware with Defender for Office.
• Microsoft Purview: Managed data governance and compliance, ensuring data protection and regulatory compliance across Microsoft 365 services.
• Microsoft Defender for Cloud: Enhanced security posture management and threat protection for cloud services, providing insights and automated security recommendations.
• Microsoft Sentinel: Orchestrated a cloud-native SIEM and SOAR solution, enabling proactive threat detection, response, and threat hunting across the enterprise.
• Identity Protection: Strengthened identity security using Defender for Identity alongside Azure Active Directory Identity Protection to safeguard against identity compromises and ensure secure access management.

This project highlighted my ability to architect and implement a holistic security strategy leveraging Microsoft's ecosystem, significantly enhancing Carmignac's resilience against cyber threats and aligning their security posture with best practices.

• Windows Servers Upgrade
• Directed the upgrade of Windows servers from Server 2008 and 2012 to Server 2016, ensuring enhanced system security and performance. This comprehensive upgrade process involved meticulous planning, execution, and validation phases to minimize downtime and ensure a seamless transition for all operational workloads.
• Networking Domain and DC Environment Hardening
• Implemented best practices for hardening network domains and Domain Controller (DC) environments to bolster security defenses. This included revising security policies, enhancing monitoring capabilities, and applying critical updates and patches to protect against emerging threats.
• SCCM and Intune Integration
• Orchestrated the integration of SCCM (System Center Configuration Manager) with Intune to streamline device and application management across the organization. This strategic initiative enabled a unified management approach, leveraging cloud capabilities for enhanced flexibility and control over device compliance, software deployment, and security settings.
• Enterprise-Class Networking in Azure
• Engineered a robust, enterprise-class network architecture within Azure, featuring a secure hub-and-spoke network design. Implemented Azure Firewall, network security groups, and application security groups, along with route table configurations to enhance security and connectivity. Facilitated hybrid connectivity by setting up jump box access and site-to-site VPN connections via ExpressRoute, ensuring seamless integration with on-premises environments.
• Security Baseline Implementation on Azure
• Successfully implemented a comprehensive security baseline using Microsoft Defender for Cloud and Microsoft Sentinel. This initiative significantly bolstered the security of Azure infrastructure (IaaS) and cloud-based applications (PaaS), focusing on securing Internet-exposed resources and disabling unnecessary access. Introduced a controlled environment for administrators to prevent the installation of untrusted software, enhancing overall cloud resource security.
• Microsoft Sentinel Workspace Configuration
• Spearheaded the planning, design, and configuration of a Microsoft Sentinel workspace to serve as the foundation for advanced security information and event management (SIEM). Responsibilities included configuring Sentinel roles, designing data storage strategies, and securing the Sentinel environment. Developed and implemented custom data connectors, threat intelligence feeds, and log management solutions for comprehensive security monitoring and incident response.

These projects highlight my ability to lead and execute complex IT infrastructure and security initiatives, showcasing expertise in system upgrades, network hardening, and the integration of management tools to enhance organizational efficiency and security posture.

- SERVICES INTEGRITY SAVINGS & LOANS LTD (SISL)

Enterprise Mobility + Security E5 Deployment and Configuration

Role : Solution Architect

Solutions : Azure and Microsoft 365

Description :

• Integrate an Active Directory forest with an Azure Active Directory tenant by creating an Azure Active Directory tenant.
• Activation of an Enterprise Mobility + Security E5,
• Creation and configuration of an Azure AD user,
• Purchase of a personalized domain name, assignment of a personalized domain name to the company's Azure AD tenant,
• Configuration of the DNS suffix in the company's Active Directory forest,
• Installation of Azure AD Connect, activate the Active Directory recycle bin,
• Configuration of filtering at the level of Azure AD Connect attributes,
• Launching and verifying directory synchronization, configuring Hybrid Azure AD Join and running Hybrid Azure AD Join from a Windows 10 device.
• Optimize authentication, authorization and access control for the company's Active Directory environment integrated with the Azure tenant enterprise AD by enabling Azure AD multi-factor authentication, Enabling Azure AD password writeback and self-service password reset, implementing Azure AD password protection , enabling identity protection Azure Active Directory,
• Enabling Intune auto-enrollment, as well as implementing Azure AD privileged identity management and Azure AD conditional access policies. Use Azure ARM templates to deploy the following environments:
• Azure IaaS: This environment consists of two virtual networks deployed in the primary and secondary site with an AD domain, IIS web servers and Microsoft SQL servers that I configure in a SQL Always On availability group.
• Azure PaaS: Deploy an Azure web application and Azure SQL Server in primary and secondary locations.
• Create and configure the services that will enable failover of on-premises and Azure IaaS environments. These include a recovery service vault used for Azure Site Recovery and an Azure Automation account.
• Create an Azure VM to use as a resource to monitor compliance based on the settings.
• Create a policy that will prevent further changes to the SKU for the VM.
• Create a budget definition alert to ensure that the cost stays within the limits you set.

- UMB Bank

Hybrid identity - Integrate an Active Directory forest with an Azure Active Directory tenant.

Role : Consultant

Solutions : Microsoft 365 and Microsoft Azure

Description :

• I integrated their on-premises Active Directory single domain forest named myumbbank.local with Azure AD and implemented all necessary prerequisites to enable them to benefit from Azure AD features such as single sign-on to cloud and on-premises applications, improved authentication.
• Secure with multi-factor authentication and Windows Hello for Business, Hybrid Azure AD Join, self-service password reset and password protection,
• Windows 10 device auto-enrollment in Microsoft Intune and Azure AD Privileged Identity Protection.
• They also wanted to provide secure access to their on-premises Windows Integrated Authentication-based applications from the Internet for organizational users and users who are members of partner organizations, although they also wanted to be able to relax restrictions when the access is from hybrid Azure.
• AD joined computers residing in their on-premises data centers. The same applications must also be made available to umbbank's business partners.

- HFC BANK GH

Migration from Zimbra Mail to Exchange Server 2016 on-premises

Role : Consultant

Solutions : BitTitan MigrationWiz, Zimbra Mail, Exchange 2016 and AD

Description :

• Prepare the source environmentPrepare o The destination environment
• 
  Migration of 5000 user mailboxes o Exchange Server post-installation tasks

- UNIBANK

Hyper-V 2016 High Availability Cluster

Role : Consultant

Solutions : Windows Server, Hyper-V

Description :

• Installing the Hyper-V role o Installing the failover clustering feature
• Configuring network settings
• Configuring shared storage
• Validating the configuration using the cluster validation wizard
• Creating a failover cluster
• Creating clustered roles to host cluster workloads
• Create a Hyper-V highly available virtual machine in the failover cluster
• Deployment of storage networks with failover clusters o Install the failover clustering feature on each server that will be added as a cluster node
  Create a failover cluster
• Configure a Cloud Witness for the cluster
• Configure Cloud Witness as a quorum witness for the cluster
• Deploy a four-node file server
• Run the cluster validation wizard to validate the configuration

- UMB Bank

Azure Site Recovery (Hyper-V to Azure)

Role : Azure Consultant

Solutions : Azure, Hyper-V, Fortigat

Description :

• Implementation of the architecture of the ASR solution.
• Creation of a site-to-site VPN.
• Enabling replication for production Vms from on-Prem to Azure.
• Validation of failover and fail back tests (from Hyper-V to Azure and vice versa)
• Drafting of the architectural document

- VOLTA RIVER AUTHORITY (VRA)

Active Directory and ADFS

Role : Solution Architect

Solutions : Hyper-V and SCOM, Active Directory and ADFS

Description :

• Execute change management and provide support for scheduled, planned maintenance
• Provide solutions to existing problems and migration paths for legacy systems
• Assist in expanding Windows Servers to hybrid cloud solutions including Hyper-V and SCOM deployment automation, and future cloud service integration
• Provide technical leadership for project based assignments
• Participate in researching and testing next generation technologies such as Windows Server 2016, Nano Server, Powershell, DSC and Chef Integration with Windows Server
• Manage one or more of the following technologies: Active Directory, Hyper-V Cluster, System Center Operations Manager (SCOM), System Center Configuration Manager (SCCM), SQL Server
• Working knowledge of Linux OS in enterprise
• SCCM administration, deployment, troubleshooting and maintenance
• Play a key role in the implementation and integration of an industry-standard IAM solution
• Provide guidance and recommendation around architecture, upgrades, optimization and security enhancements to Microsoft Active Directory and ADFS