
Work experience

Varo Bank

2020-10 to present

Security Engineer

  • Partnered with OKTA to test and release their beta IGA product for access certifications and access requests and configured it for Varo's needs.
  • Managed and completed project to decouple AD and replace with OKTA for directory services, transitioning more than 30 dependencies.
  • Created over 100 SAML integrations in OKTA for the purposes of secure authentication and improved UX.
  • Managed project to audit app functionality and ownership for all 200+ applications in our tech stack.
  • Automated provisioning for 50+ applications via SCIM or JIT and another 15 through custom API calls.
  • Went live with Bamboo to OKTA integration to automatically onboard and offboard users in OKTA.
  • Created more than 150 workflows to create a seamless onboarding and offboarding process that meets PWC requirements using systems like RBAC, Certifications, and timed access controls.
  • Created automation for role based access control that adds and removes access based on role requirements. (Was super cool, ask me about this)

DISQO

2020-03 to 2020-10

Systems Administrator

  • Built IT infrastructure. Everything from their asset management to their ticketing tools.
  • Created Fresh Service workflows for automatic approvals on ticketing.
  • Created asset management systems and audit trails.
  • Created all documentation on internal tooling and systems.
  • Managed JAMF, CrowdStrike and Jira.

Opus Interactive

2018-02 to 2020-02

Systems Administrator

  • Built and maintained KB system.
  • Managed hundreds of virtual machines on Windows, CentOS and Ubuntu.
  • Managed and debugged issues with pfSense firewalls, load balancers and local routing.
  • Patched and maintained servers.
  • Maintained colocation space, running fiber optics and doing various maintenance tasks.
  • Deployed websites via IIS or DirectAdmin and debugged common issues with compression, syntax or file types.

Various HelpDesk Work

2012-07 to 2018-02

IT Service and Support

Nike (Through Vendor)
Apple (Through Vendor)
TVG (Through Vendor):

  • Solved technical problems on macOS 10.6 and up, Windows on all versions, and occasionally Ubuntu.
  • Provided access management and general end user support. I've worked at a tech bar, deskside and phone based support.
  • Used ServiceNow, Fresh Service and WHMCS for ticketing.
  • Provisioned devices using AirWatch or imaging sticks.
  • Managed my own tech bar at Nike, was promoted 3 times at AppleCare and was offered the full time position, which I declined, at TVG.
  • SCCM, Citrix Receiver, AnyConnect, GlobalProtect, Jamf. General help desk work.

Education

Certifications

  • OKTA Certified Professional
  • OKTA Certified Administrator

Skills

Leadership

Board Communication, Team Management, Long Term Project Management. A two year vision manifested into nearly 30 consecutive projects meeting an objective that seemed impossible. 

OKTA Identity Engine

OKTA is an amazing IDP and a cornerstone for a strong infrastructure. I've done every single thing possible in this application, and it's capable of a lot. I've configured SCIM, OIDC and JIT provisioning, downstream integrations, authentication policies, group rules, and security alerting.

Network Investigation

Identifying and resolving a root cause of issues between VMs, Load Balancers, and firewalls.

Most of our clients had at least two redundant DBs, two web servers, at least one firewall and a load balancer. Communication between these devices is no small thing, and investigating the root cause of an issue was an adventure all of its own.

REST API

Integrating third party SaaS products with OKTA workflows and Python scripts to pull data, create users and change roles in the systems with identity components.

Physical Server and Network maintenance

Colocation, Fiber Optics and Standard Ethernet, HPE Servers. Racks and Stacks in a cold room.

We handled our own servers, and also servers for Cloudflare and Palo Alto. I've run fiber optics across data centers, replaced server infrastructure and replaced a lot of drives.

OKTA workflows

OKTA workflows is a complex no-code tool. It's incredibly powerful but is dependent on the users living in OKTA as a primary source of record.

Built a Role Based Access Control system in OKTA workflows capable of adding and removing access for a user when a role change happened. Added to this automation to tie hundreds of actions to happen based on attributes sourcing from an HR system.

Followed that up with automation to meet over 50 other Varo use cases, streamlining IT's job as much as possible and automating access controls wherever I can.

Virtual Infrastructure, Cloud

VMware vSphere and AWS. Most expertise in VMware. Handled thousands of virtual machines, spun up new ones, closed out old ones. Connected network rules and remote managed servers via Salt and IIS.

OKTA Identity Governance

This product allows meeting of FedRAMP, OCC, SOC2 and other intensive regulatory requirements and connects directly into OKTA for ease of use. I partnered with OKTA in its Beta and have been part of its development almost since day 1.

ITIL and asset management

Running an IT Help Desk and building an asset management system.

Nothing special here. A fleet of computers needed an MDM, and an IT team needed a home. Created ticketing, tracking, and hardware management systems.

Audit and Compliance

Auditors have questions, and answering those questions is a large part of being an IAM expert. Auditors need to see a story about how a user gets access, who says it's ok, when it's changed and how it was removed when it was no longer required.

I translate regulatory requirements into action, and translate actions into something regulators, board members and security leadership can make heads or tails of.

System Architecture and design

Built an entire infrastructure. MDM, Ticketing, Governance tools, DLP, workflow automation, the works. Rebuilt it for another. I know how all the pieces work together and can make sure new systems are designed to scale.

MDM Management

JAMF, Kandji, AirWatch and Tanium expertise. Most in Kandji and AirWatch. MDMs are a core piece of every IT infrastructure.

Qualifications

I've rebuilt the entire company infrastructure for Varo Bank to accommodate complex IAM requirements. We took OCC direction and I converted it into a gameplan. We rebuilt our directory, our IDP, our ticketing systems, and our virtual IAM policies. We created policies and process. We collected data on shadow IT, filling in gaps in knowledge. We built complex RBAC systems, access expiration automation, and certification processes and automation to support it all. This process took almost two years and was awesome. Please ask me how I can do it for you.

In previous roles I've led service desk teams, and built out IT teams, setting up an entire fleet of Mac computers in JAMF. I've maintained thousands of virtual machines, networks, servers, and always left on my own terms in a place that was still happy to have me.

It's really impossible to tell these stories on a resume. Ask me about it.

Languages

English