Skip to content
View suresh-1001's full-sized avatar

Block or report suresh-1001

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please don’t include any personal information such as legal names or email addresses. Markdown is supported. This note will only be visible to you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
suresh-1001/README.md

Hi, I'm Suresh Chand 👋

Director of IT · San Jose, CA
20+ years building, securing, and operating enterprise infrastructure — from fintech to SaaS to enterprise.

I'm hands-on across the full stack: identity, endpoints, Linux infrastructure, containers, monitoring, compliance, and automation. I don't just manage IT — I build it.

Suresh Chand Banner 📄 View my case studies · 💼 LinkedIn · 🌐 Linesight Digital

🔑 What I Work On

Area Tools & Technologies
Identity & Access Microsoft Entra ID · Conditional Access · MFA · Intune · Active Directory
Security & Compliance PCI DSS 4.0.1 · CIS Benchmarks · Kali Linux · Wazuh · Defender for Endpoint
Linux Infrastructure Ubuntu 22.04/24.04 · Fedora CoreOS · Docker · Podman · NGINX · FreeRADIUS
Monitoring & Observability Prometheus · Grafana · Alertmanager · Wazuh · Elasticsearch
Automation & Scripting PowerShell · Python · Microsoft Graph SDK · Butane/Ignition · systemd
Email Security DKIM · DMARC · SPF · OME · Exchange Online
Cloud & Networking Azure · OCI · Cloudflare · Technitium DNS
Virtualization VMware ESXi · vSphere · Hyper-V · Proxmox

🏆 Career Highlights

  • ✅ Led PCI DSS 4.0.1 certification end-to-end — gap analysis through audit completion — at a fintech company
  • ✅ Built automated evidence pipeline cutting audit prep time by ~60%
  • ✅ Designed Entra ID Conditional Access architecture balancing security and usability at scale
  • ✅ Resolved a company-wide email outage caused by sensitivity label encryption misconfiguration
  • ✅ Deployed Prometheus + Grafana + Alertmanager stack with Telegram alerting for real-time ops visibility
  • ✅ Built Fedora CoreOS + Podman infrastructure using Butane → Ignition automated provisioning
  • ✅ Implemented 1-click on/offboarding via PowerShell + Intune + Slack reducing provisioning from hours to minutes

📂 Featured Repos

Repo What It Does
case-studies Real-world IT wins — PCI DSS automation, on/offboarding, SOC visibility
pci-dss-certification-automation PowerShell/Python evidence collectors for PCI DSS 4.0.1
pci-dss-evidence-assistant AI-powered PCI DSS documentation workflow
linux-server-onboarding-baseline Bash script to harden and baseline fresh Linux servers
email-authentication-audit-toolkit SPF, DKIM, DMARC audit + DNS validation scripts
Enterprise-Infrastructure-Architecture On-prem infrastructure playbooks — AD, Veeam, Puppet, DR
m365-intune-device-management-baseline Intune device hardening and compliance baseline
it-ops-control-center FastAPI + Prometheus/Grafana unified IT ops dashboard

🧰 Current Stack

Microsoft: M365 · Entra ID · Intune · Exchange Online · SharePoint · Defender · PowerShell
Linux: Ubuntu · Fedora CoreOS · Docker · Podman · NGINX Proxy Manager · Portainer
Monitoring: Prometheus · Grafana · Alertmanager · Wazuh · Node Exporter
Compliance: PCI DSS 4.0.1 · CIS Benchmarks · DKIM/DMARC/SPF
Cloud: Azure · OCI · Cloudflare
Virtualization: VMware ESXi · Hyper-V · Proxmox · vSphere

💼 Open To

  • Director of IT / Cloud Infrastructure / DevSecOps roles — remote or hybrid, Bay Area preferred
  • Upwork consulting — Microsoft 365, Linux infrastructure, PCI DSS compliance, security hardening

📬 suresh@echand.com · linkedin.com/in/sureshchand01

Pinned Loading

  1. email-authentication-audit-toolkit email-authentication-audit-toolkit Public

    SPF, DKIM, and DMARC audit toolkit with AWS SES configuration guidance, DNS validation scripts, and email deliverability troubleshooting tools.

    PowerShell

  2. Enterprise-Infrastructure-Architecture Enterprise-Infrastructure-Architecture Public

    Enterprise-grade on-prem infrastructure architecture playbooks (AD, Veeam, Puppet, DR)

  3. it-ops-control-center it-ops-control-center Public

    FastAPI UI + Prometheus/Grafana to unify systems, security, and automation (SOC 2 friendly)

    Python

  4. m365-compliance-showcase m365-compliance-showcase Public

    Read-only M365 evidence exports & posture checks (NIST/CMMC) — demo module + CI

    PowerShell

  5. pci-dss-evidence-assistant pci-dss-evidence-assistant Public

    AI-powered, company-agnostic PCI DSS v4.0.1 documentation workflow (prompts + templates + tracker)

  6. Secure-Windows-Baseline-Framework Secure-Windows-Baseline-Framework Public

    PowerShell