IAM Engineer · Identity & Access Specialist
5 years designing and implementing secure identity solutions across Microsoft Entra ID, Okta, and Active Directory. I translate complex IAM challenges into clean, automated, auditable outcomes.
I'm an IAM Engineer based in Fayetteville, NC, focused on building identity infrastructure that scales securely. My background spans hybrid AD environments, cloud-native identity platforms, and the automation that ties them together.
Beyond my day-to-day work, I document real production scenarios in my homelab — not how-to guides, but case studies structured around actual business problems, constraints, and measurable outcomes. This site is where that work lives publicly.
I built ID Sentinel Solutions as a professional brand to house my labs, writing, and eventually consulting work as my career grows in the identity space.
Real-world IAM problems simulated in a homelab — each structured as a production case study with business context, solution design, scripts, and documented outcomes. Not how-to guides.
Legacy protocols bypassing MFA controls org-wide. Blocked using Conditional Access sign-in risk policies.
M&A integration required migrating subsidiary apps off Entra SSO to Okta within 60 days. SAML Tracer validation, break/fix lab, and controlled cutover with rollback preserved.
Audit revealed stale users retaining access post-offboarding. Remediated with Graph API + PowerShell automation.
Executive mandate to implement Zero Trust for a 1,000-person org. Deployed CA policies, PIM, and Terraform.
Acquired workforce in Okta had no automated access lifecycle. Three Workflows deployed covering joiners, movers, and leavers — with audit log table and SOC 2 evidence.
Built automated identity risk reporting pipeline using Graph API with OAuth2 client credentials flow.
Standardized P1/P2 response procedures for Identity Protection alerts, mapped to NIST IR and SOC 2.
Built secure, branded customer login with social federation, MFA, and JWT-protected API endpoints.
Overprivileged AWS roles increasing lateral movement risk. Remediated with least-privilege policy, STS role assumption, ExternalId trust boundary, and CloudTrail audit trail.
No SOC visibility into identity threats. Built an Entra ID → Splunk pipeline with four MITRE-mapped detections: MFA fatigue, impossible travel, after-hours PIM, and legacy auth spikes.
188-member privileged group unreviewed since provisioning — SOC 2 finding. Quarterly access review deployed with manager approval, auto-enforcement, and full audit trail.
AWS console access via long-lived IAM keys violated Zero Trust. Federated all access through Entra ID via SAML 2.0 — zero static credentials, three break/fix scenarios documented.
Manual AWS access provisioning caused 24–72 hour delays and 14 confirmed orphaned accounts. SCIM pipeline automated Joiner, Mover, and Leaver events end-to-end.
Static client secrets in Azure workloads had no expiration enforcement and no workload binding. VM pulls Key Vault secrets via system-assigned managed identity — IMDS bearer token, RBAC least privilege, 403→200 break/fix evidence, full audit trail via Log Analytics.
Internal AI agent ran on a broad admin token with no audit trail and no decommission path — indistinguishable from a compromised service account. Re-architected as a governed Entra principal: scoped OAuth2 permissions, JWT validation, Splunk audit pipeline, and a fully validated decommission sequence.
Structured learning environments covering IAM fundamentals and Microsoft 365 security — the foundation behind the production scenarios above.
Hands-on modules covering Microsoft Entra ID, Okta, on-prem Active Directory, and federation protocols including SAML, SCIM, OAuth 2.0, and OIDC.
Hands-on labs covering Microsoft Purview, Defender for Cloud Apps, and Intune — focused on identity protection, data governance, and device management.
Whether you're hiring for an IAM role, want to talk identity architecture, or just want to connect — I'm always open to a conversation.