April 2016 – Present
Exchange Server and Exchange Online:
• Implementing, Managing and Securing access of the 60,000+ mailbox in Exchange 2010 and Exchange Online hybrid environment.
• Plan, deploy and management of a site-resilient client access services solution of Email system
• Plan, deploy, and manage high availability solutions for mailbox databases
• Plan, deploy and manage a site-resilient Database Availability Group (DAG)
• Enabling BitLocker on Exchange servers to encrypt the Exchange Database
• Enable client connectivity to Office 365, plan firewall configuration for coexistence; plan and configure mail flow requirements
• Plan and manage hybrid deployment, plan and configure certificate and firewall requirements for Exchange Hybrid setup
• Plan, create, and audit federation trusts with Microsoft federation gateways; manage sharing policies; manage organization relationships; plan and create certificate and firewall requirements for federation; troubleshoot Exchange federation trust and organization relationships
• Plan and configure Information Rights Management (IRM) in Exchange, create an RMS template
• Plan and create transport protection rules, plan and create Outlook protection rules, plan and configure journal report decryption, plan and configure IRM for eDiscovery, troubleshoot failed IRM protection.
• Controlling access to the exchange and office 365 using (Role based access control) RBAC polices
• Plan and configure malware filtering; plan and configure connection filtering; plan and configure spam filtering; plan and configure recipient filtering; plan and configure Sender Policy Framework; plan and configure Spam Confidence Level (SCL) thresholds
E-Mail Gateway Security and Compliance:
• Managing complete email security system to protect against ransomware and other advanced email threats delivered through malicious attachments and URLs—including zero-day threats, polymorphic malware, weaponized documents, and phishing attacks
• Management configuration and administration of Cloud Backbone Security Services like Microsoft EOP, ProofPoint, Cisco Ironport, FireEye
• Managing Email Hygiene (Anti-Spam, Anti-Virus, Content Control Services)
• Setting up email encryption between the clients and business partners
• Plan a DLP solution to meet business requirements, plan and configure pre-built rules, plan and create custom rules, plan and configure custom DLP policies.
• Running EDiscovery search and putting data on Legal hold to prevent the permanent deletion of the email data.
• Search and Deletion of the identified malicious email from user mailboxes to prevent infection
Identity and Access Management:
• Implementation and Management of Azure AD Connect to sync the on premise Identity to Azure AD Cloud.
• Implementation and management of (Active Directory Federation Service) ADFS proxy and ADFS servers to secure login and access to office 365
• Implemented Azure AD conditional access device policies to secure and allow access to office365 applications within the client network only.
• Implementation and Management of (Azure Multi Factor authentication) MFA to secure the environmental access.
Mobile Device Management (MDM):
• Securing, Managing and maintaining 20000+ mobile device using MobileIron and AirWatch.
• Define, create and enforcement of enterprise polices in accordance to the current policies defined in the organization to secure corporate data on the company owned Mobile device and BYOD devices.
Audit and Reviews:
• Daily audit of user role group changes.
• Daily auditing of mailbox forwarding rules to external domains to prevent the data breach.
• Daily review of the Mailbox Accessed by Non-Owners report to detect any unauthorized access to mailbox.
• Daily review of Malware Detections report.
• Weekly review of account provisioning activity report.
• Daily review of non-global administrator role group assignments.
• Responsible for New change documentation and implementation, and for run book update.
• Responsible for handling P1, P2 Tickets.
• Automation of daily and weekly review/audit reports using PowerShell scripts.