Cloud Architekt Azure / Microsoft 365 Engineer

In the architecture of today's IT infrastructure, increasingly dynamic requirements must be taken into account and implemented. This is exactly where I have been able to gain experience in the past and would like to bring this experience to you. As a cloud architect, I not only helped design the solutions, I also implemented them myself. 
That means I don't design "castles in the air", but application-oriented and practical solutions. From automation and optimization to security and maintenance, I favor holistic conceptual solutions (which take into account future needs for adaptation and change).

My focus competence is clearly in the area of the Microsoft Azure or Microsoft 365 environment. However, in my previous work, I have also been able to manage interfaces to other hyperscalers or third-party SaaS/PaaS services time and again.

I am sure that I can support you to continue the success story with you and would be happy to answer the upcoming challenges with suitable IT solutions.
 

---

Teamlead Role:

• Disciplinary and technical responsibility of the team
• Continuing education of the team
• Development plans
• Building the team and expanding the team members
• Contract handling
• Service provider coordination
• Leadership of projects for Azure, Dynamics365 and Microsoft 365
 

---

Microsoft 365 Engineer/Architect:

• Azure Identity & Access Management
• Conditional Access
• Licensing of M365 Suite and Office Suite
• M365 Security and Compliance
• Defender for Office 365
• Defender for Endpoint P1/P2
• Defender for Identity
• MFA Rollout of 12000 Users
• File migration to SharePoint/Onedrive
• Access Control of devices and users
• Management of Exchange Online in hybrid infrastructure
• Cloud App Security Broker
• Migration of CSP to EA contract
• Integration and connection to RAPID7 (API / Connectors)
• Intune / Microsoft Endpoint Manager (Scope 8000 Users)
• Onboarding in Intune with hybrid join
• Policy-Set of Security Baselines and Configuration Policies
• ASR Deployment
• Defender AV Deployment
• EDR Feature Deployment
• Active Hunting (KQL)
• Bitlocker Rollout
• Compliance & Configuration Policies for special cases
 

---

Incident Response:

Lockbit
• AdHoc strategy for 500 clients
• Autopilot via App Registration and Onboarding Script
• MS Defender Rollout P2 and all Features like ASR, FW
• Devices Policies (very restrictive)
• Bitlocker
• Software Deployment
• Update Management via Update Cycles
 
Blackbyte
• Rebuild of infrastructure and azure ad
• Build up new processes
• Defender for Office 365
• Defender for Endpoint P2
• Update management via Intune with Update Cycles
• MS Defender Rollout P2 and all Features like ASR, FW
• Bitlocker
• Software Deployment
• Client Hardening
• Windows 11 Rollout and Support
• Hardening of Azure AD
 

---

Azure Architect / Azure Engineer:

Certificates

• AZ 500
• AZ900
• AZ 303 & AZ 304

• Architecture of the Azure Landing Zone with Hub & Spoke Design
• Creation of Azure Tenant
• Azure Tenant Reviews (Security & Governance & Compliance)
• Azure Policies
• Microsoft Defender for Cloud
• Azure Security and Compliance Center
• Azure Security Baseline
• Azure BluePrints
• Remediation tasks
• Azure Identity & Access Management
• Azure Entra
• Conditional Access
• Self Service Password Reset Features Deployment
• PIM Feature Deployment
• Risky User & Risky Sign-in Handling
• Azure AD as IdP for 3rd Party Apps (SAML, Oauth, OIDC)
• Azure AD Connect with Password Hash Sync
• Replacement of ADFS
• ExpressRoute Connection between Datacenter and Azure Datacenter
• Azure Networks
• User Default Routes
• Azure Private endpoints
• Azure Routing
• Azure Private DNS
• Azure Infrastructure (IaaS)
• Design and Concept
• Security Requirements
• Deployment with IaC (Terraform)
• Migration of onprem services and systems to azure
• Azure Monitoring and Insights
• Azure Files in a hybrid environment
• IaaS / PaaS / SaaS
• Azure Firewall in Hub & Spoke Architecture
• Azure Virtual Desktops (FSLogixm Golden Image)
• Azure Automation