The SEER Group
Senior IAM & Security Systems Engineer (2025 – Present)
At The SEER Group, I’ve served as the senior engineer leading enterprise-wide identity, security, and IT modernization efforts for a rapidly expanding multi-site organization. My work blends IAM architecture, cloud security engineering, and incident response leadership, ensuring that operations remain both scalable and compliant during aggressive growth and M&A activity.
I architected the company’s Azure Entra ID governance framework from the ground up — implementing RBAC models, Conditional Access policies, and multi-factor authentication to secure a hybrid environment spanning on-prem Active Directory and cloud-native workloads. I built automated identity lifecycle processes using Terraform and GitHub Actions, enabling seamless user provisioning/deprovisioning aligned with compliance frameworks including HIPAA and NIST 800-53.
Beyond identity, I drove the transition of Service Desk operations from an MSP to fully in-house support, developing ITIL-aligned processes for access reviews, entitlement audits, and incident escalation. I led incident response and forensic investigations, deploying and tuning Microsoft Sentinel as the organization’s SIEM and integrating log sources from endpoints, firewalls, and cloud services for unified threat detection and response.
Additional contributions include:
– Security hardening and monitoring across endpoints with ESET and Todyl SIEM.
– Designing hybrid network and security architectures to support geographically distributed business units.
– Acting as the primary security liaison to executive leadership, translating technical threats into business risk and driving remediation strategies.
– Mentoring junior engineers and leading audit readiness for internal and external compliance assessments.
– Overseeing cloud adoption and automation initiatives spanning Azure, AWS, and GCP environments to standardize deployments and reduce operational overhead.
These efforts collectively elevated the organization’s security posture, improved audit outcomes, and created a resilient, scalable IT foundation capable of supporting future acquisitions and enterprise growth.
I also led incident response and forensic analysis efforts, deploying and tuning Microsoft Sentinel for SIEM use and integrating logs from endpoints, firewalls, and cloud resources. This work provided actionable intelligence for both operational teams and executive leadership during security events.
InTech Consulting
System Administrator (2023 – 2025)
At InTech Consulting, I served as a system administrator and security engineer during a period of rapid organizational restructuring and modernization. My role spanned enterprise IAM architecture, security operations, and automation engineering, with a focus on transforming fragmented environments into cohesive, compliant, and highly automated ecosystems.
I led the design and deployment of service operations frameworks including CIPP (Cloud Identity Policy Planner) and Central O365, enabling consistent governance and policy enforcement across multiple tenants. I also owned the technical architecture for SIEM platforms, deploying and tuning Todyl and Microsoft Sentinel for comprehensive endpoint and cloud log aggregation, threat detection, and incident response.
A key initiative was the integration of advanced automation and RPA workflows using Rewst and ImmyBot, reducing manual provisioning, onboarding, and endpoint deployment tasks by up to 70%. These workflows streamlined IT operations across MSP-managed and internal environments while aligning with compliance frameworks like HIPAA, ITAR, and CMMC.
I also contributed to strategic security and compliance initiatives, including gap assessments, POA&M development, and audit readiness for regulated clients. Acting as a bridge between executive leadership, engineering teams, and auditors, I translated technical security measures into business risk language, driving faster remediation and more resilient infrastructure.
Additional contributions include:
– Designing and enforcing multi-factor authentication (MFA) and Conditional Access policies across client environments.
– Managing hybrid Active Directory integrations with Azure and Okta for secure, scalable identity services.
– Implementing endpoint protection and monitoring solutions (ESET, Todyl) across diverse client fleets.
– Mentoring junior staff and standardizing incident response playbooks for high-severity events.
– Supporting federal and commercial compliance efforts through policy alignment and evidence collection.
This work positioned InTech to deliver enterprise-grade IAM and security solutions to its clients, reduced operational overhead, and improved response times to emerging threats across varied regulatory environments.
Mount Carmel School
Systems & Security Administrator (2021 – 2023)
At Mount Carmel School, I served as the sole IT administrator responsible for end-to-end infrastructure design, deployment, and support for over 1,000 students and 2,000 managed devices. This role required deep expertise in network architecture, identity management, and compliance-driven IT modernization.
I spearheaded a complete infrastructure overhaul valued at over $340,000, funded through the FCC’s E-Rate program. This included redesigning the school’s wired and wireless networks, deploying mobile device management (MDM) solutions, and modernizing security frameworks to meet stringent compliance standards such as HIPAA, FERPA, CIPA, and COPPA.
A cornerstone of this transformation was the implementation of centralized identity infrastructure using LDAP and Google Workspace for Education. I built an automated student onboarding portal leveraging Google Forms and cloud-based scripting, dramatically reducing manual account provisioning and aligning with best practices for lifecycle management.
Additional key initiatives included:
– Deploying MDM policies for over 2,000 Chromebooks and iPads, including enrollment workflows and security baselines.
– Conducting security audits and remediations to ensure continued eligibility for federal funding.
– Negotiating broadband contracts and optimizing network performance, achieving annual cost savings of over $60,000.
– Implementing multi-factor authentication (MFA) and password management protocols to secure student and faculty accounts.
– Leading the design and deployment of datacenter refreshes and endpoint upgrades for classrooms and labs.
Through this work, I transformed Mount Carmel’s IT environment from fragmented and reactive to modern, secure, and highly automated — enabling the school to scale technology initiatives while maintaining compliance and fiscal responsibility.
Winning With Rehab
IT Administrator (2018 – 2021)
As the sole IT administrator for a remote healthcare startup, I built and managed a secure infrastructure supporting HIPAA and PHI compliance. My work encompassed Microsoft 365 administration, identity and access control, and endpoint security for a distributed team.
I implemented multi-factor authentication, role-based access policies, and mobile device management solutions to ensure data security. I also designed network and endpoint configurations, enforced patching schedules, and supported end-user needs in a fully remote setting.
Tech Connection Inc.
Junior Technician (2018 – 2019)
At Tech Connection, I began my career supporting ISP/MSP operations, assisting senior engineers with network installations, cabling, and desktop support. This role provided foundational experience in client communication, troubleshooting, and infrastructure deployment.
I gained exposure to designing copper and fiber network infrastructure specifications, installing and configuring firewalls, and assisting with Windows-based desktop rollouts and support tickets.
Overview
I am a senior IT and security engineer with over seven years of experience designing, implementing, and securing hybrid infrastructures across cloud and on-prem environments. My career has centered on identity and access management (IAM), security operations, and DevSecOps practices, enabling organizations to modernize their technology stacks while maintaining compliance with frameworks like HIPAA, ITAR, and NIST 800-53.
I have delivered end-to-end projects that combine secure architecture with automation — from building Terraform-based multi-cloud deployments and CI/CD pipelines in GitHub Actions, to enforcing RBAC and Conditional Access in Azure Entra ID and monitoring them via Microsoft Sentinel. My work spans Okta-supported SSO environments, Google Directory integration, and comprehensive lifecycle automation for user provisioning and access reviews.
Beyond identity, I’ve architected network and endpoint security solutions leveraging FortiGate, SonicWall, and Unifi firewalls, as well as enterprise endpoint protection platforms like ESET and Todyl. This breadth allows me to bridge infrastructure, security, and compliance needs seamlessly, and to guide organizations through both day-to-day operations and large-scale modernization initiatives.
My approach blends technical depth with process discipline, drawing on ITIL-aligned service management practices and a DevSecOps mindset to deliver secure, resilient, and scalable systems that align with business priorities.
Cloud / DevOps
In my Cloud and DevOps work, I’ve architected fully automated deployment pipelines using GitHub Actions, integrating continuous integration and continuous delivery (CI/CD) across multi-cloud environments (GCP, Azure, AWS). These pipelines validate code, execute infrastructure tests, and deploy to production targets such as Firebase Hosting — incorporating advanced features like conditional retries, dynamic directory detection, and usage‑based triggers tied to budget alerts and Pub/Sub events for automatic infrastructure teardown when cost thresholds are exceeded.
I’ve designed secure authentication flows between CI/CD pipelines and cloud APIs, leveraging secret management (e.g., base64‑encoded service account keys, Google Secret Manager) and least‑privilege IAM roles scoped to each deployment stage. This ensures deployments are both reproducible and compliant with security frameworks such as HIPAA and NIST 800‑53.
Beyond pipeline engineering, I’ve implemented infrastructure‑as‑code (IaC) solutions using Terraform to provision and manage cloud resources across environments. My configurations are modular and portable, designed to support multi‑tenant architectures and cross‑project deployments with minimal overhead. I’ve also integrated IaC with monitoring and alerting solutions, enabling real‑time observability of deployment health and cost metrics.
This combination of automation, security‑first design, and cross‑cloud expertise provides a strong DevSecOps foundation — enabling rapid iteration, safe deployments, and predictable cost control at scale.
Security
I’ve led incident response operations and forensic investigations across hybrid enterprise environments, coordinating with technical and executive teams during high-severity security events. My experience includes architecting Microsoft Sentinel SIEM deployments from the ground up, implementing custom analytics rules, data connectors, and response playbooks to detect, contain, and remediate threats.
In my roles, I’ve enforced strong access control measures through Azure RBAC (role-based access control) and Conditional Access policies, ensuring least-privilege principles and risk-aware authentication models are embedded across cloud and hybrid systems. I’ve also deployed and managed endpoint protection tools such as Todyl and ESET, conducted log correlation, and integrated SIEM outputs with governance workflows.
My work has spanned multiple regulated environments where I’ve applied and mapped security controls to compliance standards such as HIPAA, ITAR, and NIST 800-53. I’ve contributed to POA&Ms, SSPs, audit readiness documentation, and supported the design of compliant infrastructure from policy through technical implementation.
Identity & Access Management (IAM)
I’ve led the design and deployment of IAM architectures in environments using Azure Entra ID (Azure AD), Active Directory, LDAP, and Google Directory. This includes building hybrid identity environments, integrating cloud and on-prem directories, and enforcing security through group-based access, attribute-level controls, and Conditional Access policies.
I’ve worked extensively with Microsoft Sentinel to monitor identity-related events, enforce policy compliance, and automate alerts and remediation. I’ve designed and implemented robust RBAC models, mapped to organizational roles and compliance frameworks, ensuring users and services have only the minimum access required.
In regulated client environments, I’ve aligned IAM practices to standards such as HIPAA, NIST 800-53, and ITAR — performing access reviews, contributing to governance documentation, and supporting security audits. My IAM expertise blends operational execution with long-term security strategy.
Automation / Monitoring
I’ve built automation solutions that eliminate repetitive tasks and accelerate IT operations, leveraging tools like Rewst for robotic process automation (RPA) and ImmyBot for automated workstation deployment and lifecycle management. These workflows reduce manual overhead, enforce consistency across endpoints, and integrate directly into service desk and identity ecosystems.
For security monitoring, I’ve deployed and tuned Microsoft Sentinel and Todyl SIEM platforms, correlating logs across cloud and on-prem environments to detect anomalies and trigger incident response playbooks. This includes creating custom analytics rules, integrating endpoint telemetry, and aligning detection logic to frameworks like MITRE ATT&CK.
I also have extensive experience configuring monitoring and alerting across infrastructure components — from syslog and Auditd on Linux systems to network telemetry on firewalls and VPNs. These monitoring pipelines feed into both automated response workflows and compliance reporting, supporting audits for frameworks like HIPAA, ITAR, and NIST 800-53.
By combining automation and monitoring, I’ve established closed-loop feedback systems that not only detect and respond to incidents but also continuously improve policy enforcement and operational reliability across diverse IT environments.
Networking / Endpoint
I’ve designed, deployed, and maintained network infrastructures spanning firewalls, VPNs, and VLAN-segmented environments using platforms such as FortiGate, SonicWall, and Unifi. My work includes configuring routing, DNS, DHCP, and implementing network security policies that align with least-privilege and zero-trust principles.
On the endpoint side, I’ve managed large-scale fleets of devices through mobile device management (MDM) platforms and enterprise endpoint protection suites, including ESET and Todyl’s endpoint monitoring tools. This covers configuration enforcement, automated patching, compliance baselining, and rapid incident response for compromised or misconfigured devices.
I’ve also integrated endpoint telemetry into SIEM pipelines (e.g., Microsoft Sentinel) and RMM platforms (Kaseya, ConnectWise) to unify monitoring and alerting across Windows, Linux, and hybrid environments. These integrations enable real-time visibility into device health, security posture, and compliance status across thousands of endpoints.
By combining network architecture expertise with endpoint lifecycle management, I ensure secure and reliable connectivity from the infrastructure layer through to individual user devices — supporting regulated environments under HIPAA, ITAR, and NIST 800-53 frameworks.
Education
Bachelor of Science in Cybersecurity
Western Governors University — Expected 2025
I'm currently completing my Bachelor of Science in Cybersecurity at Western Governors University, with an expected graduation in 2025. This program is competency-based, allowing me to accelerate through subjects where I bring real-world experience — including identity and access management (IAM), network security, incident response, and regulatory compliance (HIPAA, NIST, ITAR, etc.).
My coursework and projects reflect the work I’ve done professionally: designing secure infrastructure, implementing automation, and aligning security operations with governance and risk management objectives. This academic foundation reinforces my hands-on experience and supports my path toward senior-level security engineering and DevSecOps roles.
Certifications
CompTIA Security+
Awarded by CompTIA, this certification validates foundational knowledge in security architecture, network defense, identity and access management, and incident response. It serves as a recognized benchmark across government and industry sectors, particularly in roles requiring strong security posture and risk mitigation.
CompTIA Network+
This certification demonstrates proficiency in managing and troubleshooting wired and wireless networks. It covers essential networking concepts such as protocols, subnetting, routing, and network infrastructure — forming a solid base for my work in secure infrastructure and cloud networking.
ITIL 4 Foundations
This certification demonstrates an understanding of modern IT service management, emphasizing a value-driven, lifecycle-based approach to IT operations. It reflects my ability to align technical processes with business goals through standardized service delivery, continual improvement, and cross-functional coordination.
Certified Information Systems Security Professional (CISSP) – In Progress
Actively pursuing CISSP certification to further formalize my experience in security operations, risk management, IAM architecture, and systems hardening. This globally respected certification represents the next stage of my journey into senior cybersecurity leadership and complex enterprise design.