
Yasir Dalvi

Senior Consultant
Riyadh

Summary

Dynamic IT security professional with extensive expertise in deploying and implementing comprehensive M365 solutions, including Entra ID, Defender Suite, and Microsoft Information Protection. Proficient in cloud security, endpoint protection, and data protection, with hands-on experience in vulnerability management and network security. Demonstrated ability to implement multi-factor authentication (MFA), single sign-on (SSO), and identity management technologies, along with a robust understanding of both Windows and Linux operating systems. Skilled in conducting vulnerability assessments and penetration testing for web applications and network devices while managing security products such as log management systems and firewalls to enhance organizational security posture.

Overview

5 years of professional experience
5 Certifications

Work History

Senior Consultant

IZYITS
11.2020 - Current
  • Mentored junior consultants, helping them enhance their skills and contribute more effectively to projects.
  • Prioritized projects and project tasks depending upon key milestones and deadline dates.
  • Troubleshot issues by understanding issue, diagnosing root cause and coming up with effective solutions.
  • Collaborated with internal teams to develop customized solutions that addressed unique client needs.

Education

Bachelor of Commerce -

Mumbai University
India
04.2001 -

Skills

Microsoft 365

Entra ID, SharePoint, OneDrive, Defender, MIP, Exchange, Intune, Cloud Apps (CASB), PIM and DLP

Cisco Network and Security Product

Switches, Routers, Umbrella and Duo 2FA solution

Cloud Computing

Microsoft Azure, Microsoft Azure Stack Hub

Operating System

Windows 10/11, Windows Server 2012/2016/2019, Red Hat Linux, Kali Linux

Vulnerability Management

Qualys, Nessus

Office Products

Word, Excel, PowerPoint, SharePoint, Teams, etc

Network Vulnerability Management

Nipper, Nessus, Nmap

Web Application Testing

Burp Suite, Netsparker, Nessus, WPScan, Nikto, Metasploit, sqlmap

Web Application Firewall Management

Cloudflare and Barracuda

Certification

Microsoft Certification:

  • Microsoft Certified Azure Security Engineer Associate AZ-500
  • Microsoft Certified Azure Fundamentals AZ-900
  • Microsoft Security Operations Analyst Associate SC-200
  • Microsoft 365 Certified Identity and Access Administrator (SC-300)
  • Microsoft Information Protection (SC-400)
  • Microsoft Certified Security, Compliance, and Identity Fundamentals SC-900
  • Microsoft 365 Certified: Enterprise Administrator Expert
  • Microsoft 365 Certified Security Administrator Associate MS-500
  • Microsoft Certified 365 Fundamentals MS-900

Accomplishments

  • Reported 140+ vulnerabilities on Openbugbounty.org.
  • Reported vulnerabilities on 10+ VIP web applications.
  • Got recommended on Openbugbounty.
  • Certification of Achievements in MITRE ATT&CK Defender™ (MAD) ATT&CK SOC Assessments
  • Certification of Achievements in Foundations of Breach & Attack Simulation by AttackIQ
  • Certification of Achievements in Foundations of Operationalizing MITRE ATT&CK by AttackIQ
  • Certification of Achievements in Foundations of Purple Teaming by AttackIQ
  • Certification of Achievements in Introduction to FIN6 Emulation Plans by AttackIQ

Training

  • Microsoft Azure Fundamentals AZ-900
  • Azure Security Engineer Associate AZ-500
  • Security, Compliance, and Identity Fundamentals (SC-900)
  • Information Protection Administrator Associate (SC-400)
  • Identity and Access Administrator (SC-300)
  • Security Operations Analyst Associate (SC-200)
  • 365 Fundamentals (MS-900)
  • Security Administrator Associate (MS-500)
  • Cisco Umbrella
  • Duo 2 Factor authentication
  • Trend Micro
  • AlienVault
  • Azure Security Center
  • Nessus
  • M365
  • Qualys (VM, Policy Compliance, Cloud Agent, Scanning Strategies)
  • Complete Linux Administration
  • Web application penetration testing
  • MITRE ATT&CK Defender™ (MAD) ATT&CK SOC Assessments Certification Training
  • Foundations of Breach & Attack Simulation
  • Foundations of Operationalizing MITRE ATT&CK
  • Foundations of Purple Teaming
  • Introduction to FIN6 Emulation Plans
  • AWS Certified Cloud Practitioner
  • AWS Certified Solutions Architect - Associate
  • AWS Cloud Practitioner Essentials Day

Projects

CLIENT

PROJECT

RESPONSIBILITIES

Government Authority

M365 and SCCM Implementation

  • Managed AD synchronization with Entra ID, including user and group administration.
  • Configured Intune for Windows and macOS onboarding, along with Defender for Endpoint.
  • Fine-tuned GPOs and facilitated hybrid AD join for existing and new devices.
  • Migrated user profile data to new environments.
  • Developed and applied Microsoft DLP and Intune policies.
  • Developed Defender for Endpoint on Windows and macOS and applied Defender policies.
  • Deployed SCCM and configured Defender for Identity.
  • Provided ongoing support.

IT Consulting & Digital Transformation Services

M365 Tenant to Tenant Migration

  • Information gathering
  • Migrating SharePoint Sites using ShareGate
  • Migrating OneDrives using ShareGate
  • Migrating Teams using ShareGate
  • Migrating Exchange (Mailbox) using ShareGate
  • Tracking migration by maintaining proper documentation

Investment

Operation

  • Daily Operation
  • Email Monitoring
  • Security Incident and Alert Monitoring

Government Authority

Cloud Infrastructure

  • Designed and deployed cloud infrastructure, including VNETs, subnets, VMs, and load balancers.
  • Configured and managed FortiGate firewalls and F5 load balancers.
  • Published web applications and ensured seamless traffic flow.
  • Provided ongoing firewall and F5 management, along with technical support.

IT Consulting & Digital Transformation Services

M365 Assessment

  • Gathering current environment details (AD, Exchange, SharePoint, Teams, OneDrive, etc.)
  • Reviewing licensing, subscriptions, and service usage
  • Assessing identity and access management configurations (AAD, MFA, SSO, Conditional Access)
  • Evaluating collaboration tools SharePoint and OneDrive
  • Checking security and compliance posture (Purview, Defender, DLP, eDiscovery, audit logs)
  • Recommending improvements and best practices for M365 adoption
  • Preparing a detailed assessment report with findings and recommendations

Aviation

Recovery Project

  • Root Cause Evaluation (RCE) for incidents.
  • Implemented best practices in Entra ID.
  • Recreated user and group structures within Entra ID.
  • Reconfigured Cisco Umbrella and Cisco Duo for seamless integration with Entra ID.
  • Conducted multiple customer sessions on migrating legacy profiles to new profiles.

Government Authority

GPO Project

  • Conducted fine-tuning and validation of Group Policy Objects (GPOs) with respective owners.
  • Managed CRQ processes for GPO deletions and modifications on a weekly basis.
  • Compiled a final GPO inventory, including ownership details.
  • Deployed and configured a GPO management solution.
  • Created HLD, LLD, and As-Built documentation.
  • Presented project status internally and to customers.

Government Authority

Endace Project

  • Installed and configured Endace appliances.
  • Designed architecture and integrated Endace appliances with IXIA for traffic forwarding.
  • Collaborated on third-party integrations.
  • Developed HLD, LLD, As-Built, and Work Instruction documentation.
  • Delivered project updates in internal meetings.
  • Managed CRQs for change implementation and ensured smooth document handover.

Government Authority

IXIA Project

  • Deployed and configured IXIA appliances, including TAP installations.
  • Captured and analyzed network traffic through IXIA TAPs.
  • Developed High-Level Design (HLD) and Low-Level Design (LLD) documentation.
  • Created As-Built documentation and facilitated document handover.
  • Provided regular project updates in internal meetings.
  • Raised Change Requests (CRQ) for necessary modifications.

Government Authority

Cisco Umbrella

  • Cisco Umbrella solution planning
  • Policy configuration
  • Package creation (agent and root certificate)
  • Roaming agent and certificate installation
  • Fine-tuning of policies

Shipping Company

Cloud & Infrastructure Security

  • Recovery from ransomware and recovery from backup
  • Promotion of domain controller and cleanup of domain
  • Installation of AD Connect for hybrid identity
  • Configuration review of Azure cloud infrastructure
  • Configuration and implementation of Defender for Identity on domain controller
  • Implementation of Duo MFA for Windows Servers for remote login and administrator tasks on servers
  • Implementation of Microsoft Defender for Endpoint and Servers
  • Deployment of Cisco Umbrella DNS security for endpoints
  • Configuration review of SonicWall firewall and fine-tuning security policies
  • Day-to-Day Operation

Construction

M365

  • Identity and access management using Azure Active Directory
  • Adding custom domain
  • Live mail migration from Gmail to M365
  • Creating Configuration and Compliance policies in Intune.
  • Creating SharePoint sites and implementing policies for those sites and OneDrive (meeting customer user access requirements, i.e., users should not delete or download files)
  • Configuration and Implementation of Azure Information Protection.
  • Creating Conditional Access policies.
  • Implementing policies for Defender for O365
  • Configuration and Implementing Endpoint DLP
  • Configuration and Implementing Microsoft Defender for Cloud Apps

IT Service Provider

M365

  • Identity and access management using Azure Active Directory
  • Live migration from G Suite to M365 (Exchange).
  • Device enrollment and onboarding in Azure AD, Defender for Business and Intune.
  • Creating Configuration and Compliance policies in Intune.
  • Creating SharePoint sites and implementing policies for those sites and OneDrive
  • Configuration and Implementation of Azure Information Protection.
  • Creating Conditional Access policies.
  • Implementing policies for Defender for O365.

Online trading and Clearance

M365

  • To enroll devices in Azure AD, Defender for Endpoint and Intune.
  • Creating Configuration and Compliance policies in Intune.
  • Creating Anti-Virus, Attack Surface Reduction and Account Protection policies in Defender for Endpoint.
  • Creating SharePoint sites and implementing policies for those sites and OneDrive.
  • Configuration and Implementation of Azure Information Protection.
  • Implementing policies for Defender for O365.
  • Creating Conditional Access policies.
  • Implementation and Configuration of Cisco Umbrella SIG.
  • User provisioning using Azure AD in Umbrella SIG.
  • Umbrella agent installation on end user devices.
  • Creating DNS and Web Policy in Umbrella.
  • Implementation and Configuration of Cisco Duo.
  • User provisioning using Azure AD in Duo.
  • Configuring Admin SSO for Duo admin using Azure AD.
  • Configuring Azure AD for Duo MFA.
  • Duo agent installation on end user devices.
  • Creating Global Policy.

Aviation

M365

  • Identity and access management using Azure Active Directory
  • Performing domain joining for all devices
  • Implementation and Configuration of Cisco Umbrella SIG.
  • User provisioning using Azure AD in Umbrella SIG.
  • Umbrella agent installation on end user devices.
  • Creating DNS and Web Policy in Umbrella.
  • Implementation and Configuration of Cisco Duo.
  • User provisioning using Azure AD in Duo.
  • Configuring Admin SSO for Duo admin using Azure AD.
  • Configuring Azure AD for Duo MFA.
  • Duo agent installation on end user devices.
  • Creating Global Policy.

IT Service Provider

SSO

  • Sound knowledge of configuration and administration of Azure Active Directory as an identity provider for SSO.
  • Configuration and management of Single Sign-On with SAML 2.0 Authorization standard.
  • SSO implementation for third-party applications like Dropbox for Business and Salesforce with Azure AD, which have connectors available as Enterprise Applications.
  • Configuring and implementing SSO from scratch with custom applications like Trend Micro Workload Security without pre-enabled connectors.
  • Auto-provisioning of AD users and groups for SSO.

CA Org

M365

  • Identity and access management using Azure Active Directory
  • Live migration from G Suite to M365 (Exchange).
  • Implementing policies for Defender for O365.

Manufacturing

M365

  • Identity and access management using Azure Active Directory
  • Creating SharePoint sites and implementing policies for those sites and OneDrive
  • Configuration and Implementation of Azure Information Protection.
  • Implementing policies for Defender for O365.

IT

Duo MFA

  • Configuring Duo 2FA for access to Windows and Linux endpoints and elevated Command Prompts.
  • Synchronizing users from Active Directory with Duo AD Sync.
  • Enabling Duo plugins on WordPress websites.
  • Implementing Cisco Duo 2FA on networking devices using RADIUS server.
  • Monitoring and reviewing logs for system performance and maintenance

Pharmaceutical

Web Application Testing

  • To perform Vulnerability scan and Manual testing
  • Perform manual testing for any false positive.
  • Discovering several types of Vulnerabilities across the web application
  • After completion of manual testing, Vulnerabilities found are reported with

E-Commerce

Web Application Testing

  • To perform Vulnerability scan and Manual testing
  • Perform manual testing for any false positive.
  • Discovering several types of Vulnerabilities across the web application
  • After completion of manual testing, Vulnerabilities found are reported with solution.

Educational

Web Application Testing

  • To perform Manual testing
  • Discovering several types of Vulnerabilities across the web application
  • After completion of manual testing, Vulnerabilities found are reported with solution.

IT Solution

Web Application Testing

  • To perform Vulnerability scan and Manual testing
  • Perform manual testing for any false positive.
  • Discovering several types of Vulnerabilities across the web application
  • After completion of manual testing, Vulnerabilities found are reported with solution.

Web Application

Implementation of Web Application Firewall (WAF)

  • Deploying WAF for multiple web applications
  • Importing and configuring DNS entries
  • Investigating proper implementation of the newly configured WAF.

IT Operator

Nipper Vulnerability Assessment

  • Investigating vulnerabilities arising from the configuration of the network appliances.
  • Investigating vulnerabilities arising from the chosen technology.
  • Investigating vulnerabilities arising from outdated software.

IT Service Provider

Cloud Security DNS Based

  • Configuring Cisco Umbrella Portal
  • Assigning fixed DNS server address (Cisco DNS resolver) to all the machines in the network.
  • Creating and managing policies for allowing or blocking traffic with reference to content, application, block pages, security and file inspection settings.

IT Operator

Qualys VMDR and Compliance

  • Managing and coordinating the service for devices in three Geographical sites.
  • Creating a high-level network overview with the help of host discovery to create asset inventory.
  • Configuring and deploying the Qualys Virtual Appliance used for vulnerability scanning.
  • Integration of Azure cloud network with Qualys to secure cloud network and assets.
  • Deploying Cloud Agent on Roaming computers.
  • Creating customized Policy Compliance and Security Configuration profiles depending on the requirement.
  • Scheduling Vulnerability scans, compliance scans in a timely fashion and analyzing the reports generated.
  • Leveraging multiple reporting and dashboard options provided to create customized reports and eliminating false positives and forwarding the findings to the Manager.
  • Creating remediation policies and Assigning Users for remediation who will manage the tickets generated.

Timeline

Senior Consultant

IZYITS
11.2020 - Current

Bachelor of Commerce -

Mumbai University
04.2001 -