IT Security Engineer

• Successfully integrated Microsoft Modern Authentication solutions within the organisation, including Multifactor Authentication (MFA), conditional access for Azure AD, and Single Sign-on, significantly enhancing the organisation's security posture.
• Conducted regular vulnerability assessments and penetration tests to proactively identify and address security issues before they could be exploited by attackers.
• Deployed and secured cloud applications hosted as SAAS and federated on-premises, reducing security vulnerabilities and improving system reliability.
• Conducted thorough vulnerability assessments and security reviews for applications and identities, identifying and mitigating risks before they could be exploited by malicious actors.
• Collaborated with neighbouring departments like HR and Legal to compile the organisation's official security review procedures for 3rd party vendors, ensuring all vendors meet the organisation's strict security requirements.
• Conducted regular security awareness training for internal users, reducing the likelihood of security breaches due to human error.
• Configured Microsoft DLP for Microsoft 365 services, such as Exchange Online and SharePoint Online, to accurately identify and classify sensitive data, including personally identifiable information (PII), financial data, and intellectual property, preventing unauthorised access and data leakage.
• Conducted reviews of the organisation's log sources within the SolarWinds environment.

‍

System Security Engineer

• Led the development and implementation of secure information systems for storing government data, including system, network, database, and security technologies.
• Championed the successful deployment of Microsoft Modern Authentication across the entire state of Colorado, enhancing security measures and streamlining access management processes.
• Reviewed and fine-tuned parsing rules specific to the organisation's environment and log sources, ensuring accurate and efficient parsing of log data.
• Chosen to participate in the Change Advisory Board, contributing to discussions on technical changes, policies, and security that affect the overall network and system enclaved.
• Configured and optimised McAfee DLP policies and rules to align with the organisation's data security requirements, minimising false positives and ensuring accurate detection and prevention of data breaches.
• Developed and implemented an email security policy, including SPF and DKIM validation, to prevent phishing attacks and ensure secure email communications.
• Assisted in the decommissioning process of outdated or redundant Splunk instances.
• Created and updated technical documentation relating to system changes and configurations, ensuring accurate and up-to-date information for future reference.
• Developed and executed patch management processes to ensure all systems were up-to-date and protected from potential exploits.
• Configured LogRhythm within the organisation's infrastructure to centralise and analyse security logs from various sources.
• Collaborated with the development team to design and implement an application security pipeline using Kubernetes and AKS, which resulted in a streamlined and automated process for identifying and addressing security issues.

‍

Identity and Access Management Analyst

• Successfully resolved numerous issues related to access management and provisioning workflows, ensuring seamless operations for the client.
• Conducted comprehensive Identity and Access Management (IAM) activities, including user provisioning, access review, and role-based access control, to enhance security and improve efficiency.
• Managed operations within the IAM environment at the client, including proactive application patching and upgrades, thorough certificate management, and diligent monitoring of access logs to mitigate risks.
• Efficiently executed various security-related activities, including User ID management, significantly enhancing the overall security posture of the organisation.
• Utilised advanced Access Management tools such as Privilege Access Management (PAM), Active Directory, and other related solutions to effectively manage access to client systems.