About
United States Army Veteran and a seasoned Azure Engineer with over 20 years of comprehensive IT experience, including a decade of specialized expertise in Microsoft technologies such as M365, Azure, Sentinel, Active Directory, IAM, and Exchange. I have a robust background in security, Purview Compliance, Data Loss Prevention, e-discovery, and data classification. I excel in leading the development and governance of Microsoft Cloud architectures, ensuring alignment with both business and IT strategies. My track record includes delivering high-quality technical solutions, spearheading complex projects, and providing 24/7 support for critical systems. With exceptional communication skills and a customer-centric approach to problem-solving, I consistently ensure high levels of customer satisfaction and trust.
Education
Certifications
Cloud Security Alliance
CompTIA
Google Cybersecurity Google IT Automation w/ Python Google IT Support
Google Project ManagementHashiCorp
ISC2
Certified Information Systems Security Practitioner (CISSP) Certified Cloud Security Professional (CCSP) Systems Security Certified Practitioner (SSCP) Certified in Cybersecurity (CC)
Microsoft | Azure
Azure Solutions Architect Expert (AZ-305) Azure Cybersecurity Architect Expert (SC-100) Azure Administrator (AZ-104) Azure Security Engineer (AZ-500) Azure Network Engineer (AZ-700) Azure Support Engineer for Connectivity Specialty (AZ-720) Azure Foundations (AZ-900) Security, Compliance, and Identiy (SC-900) Identity & Access Admin Associate (SC-300)
Skills
- Bash | Powershell | Azure CLI | Python | ARM | BICEP
- VMware | Docker | Kubernetes | Terraform
- Splunk | Azure Defender | Azure Sentinal | Endpoint Manager | Wireshark
- Windows Server | Linux | SQL | COSMO DB | NoSQL
- HTML5 | CSS3 | Javascript | PHP
Experience
Senior Azure Cloud Engineer | USAID w/ Joint Strategic Technologies | November 2023 - Present
❖ Integrated and delivered solutions using DevOps practices and Azure Resource Manager Templates (ARM) Infrastructure as Code (IaC), Terraform, resulting in a streamlined and automated process that enhanced the Agency's environment and reduced delivery time by 25%.
❖ Architected RBAC solutions within Azure Cloud, using Azure PIM solutions to manage permissions, resulting in an 80% reduction in security breaches and a 40% increase in compliance with regulatory standards.
❖ Established logging capabilities within Azure, utilizing Log Analytic Workspaces to enable real-time monitoring and analysis of Azure resources, reducing downtime by 60% and improving issue resolution time by 35%.
❖ Led the Exchange Office 365 Online Design and Management engineering for enterprise, resulting in a seamless migration to a cloud-based infrastructure with 99% uptime and a 23% reduction in maintenance costs.
❖ Managed and deployed MS Teams rollout for pilot and production enterprise, ensuring security and platform adoption, resulting in a 100% increase in collaboration and a 54% reduction in communication errors.
❖ Conducted extensive research and documentation for the Azure Government environment, leading to the identification of cost-effective solutions that met project requirements and ensured compliance with all regulatory standards.
Cloud Security Engineer | Fort Bliss U.S.Army | October 2017 – August 2021
❖ Developed and enforced security policies using Microsoft Defender for Cloud, ensuring compliance and a robust security posture across the organization. Implemented custom JSON policies for preventive measures and automated correction of non-compliant resources.
❖ Integrated Azure Sentinel for real-time threat detection and response, creating detailed action plans for data breaches. Developed custom alerts using KQL, significantly reducing incident response time and improving threat visibility.
❖ Developed and enforced security policies using Microsoft Defender for Cloud and Azure Policy, including custom JSON policies for preventive measures and automated correction of non-compliant resources.
❖ Implemented Azure AD Conditional Access policies to enforce multi-factor authentication (MFA), device compliance, and location-based access controls, ensuring secure and conditional access to cloud resources.
❖ Developed and enforced Data Loss Prevention (DLP) policies within Microsoft 365 Purview to protect sensitive information in the O365 environment and ensure regulatory compliance.
❖ Configured Azure Key Vault for secure management of secrets, keys, and certificates, and implemented PKI for secure communications and user/device authentication, ensuring regulatory compliance.
❖ Implemented disk encryption using Azure Disk Encryption, Disk Encryption Sets, and BitLocker, safeguarding sensitive data on virtual machines and physical devices.
Security Engineering Manager | Fort Hood U.S. Army | October 2017 – August 2021
❖ Designed and implemented robust security architectures for Azure environments, ensuring comprehensive protection for data, applications, and infrastructure. Utilized Azure security services like Azure Security Center, Azure Sentinel, and Azure Policy to enforce security best practices.
❖ Oversaw the configuration and management of Azure Active Directory (AAD) to implement advanced IAM solutions. Enforced Multi-Factor Authentication (MFA), Conditional Access policies, and Privileged Identity Management (PIM) to secure user and administrative access.
❖ Developed and managed secure network architectures using Azure Virtual Network (VNet), Network Security Groups (NSGs), Azure Firewall, and Application Gateway. Implemented Virtual Private Network (VPN) solutions and Azure ExpressRoute to ensure secure connectivity between on-premises and Azure resources.
❖ Implemented data protection strategies, including Azure Key Vault for managing cryptographic keys, secrets, and certificates. Utilized Azure Disk Encryption, Azure SQL Database Transparent Data Encryption (TDE), and Azure Storage Service Encryption to protect sensitive data at rest and in transit.
❖ Integrated security into the Azure DevOps and Azure Pipelines. Implemented automated security testing, vulnerability scanning, and code analysis tools to identify and remediate security issues during the development lifecycle. Promoted a culture of security awareness among development teams.
Cloud Engineer Azure/AWS | Ft Hood U.S. Army | October 2015 - September 2017
❖ Deployed Infrastructure as Code (IaC) using Terraform to manage and scale Azure resources effectively.
❖ Built and managed Azure Web Apps, integrating Azure App Service and Azure Functions for scalable and resilient web applications.
❖ Configured Azure SQL Database for secure and reliable data storage, supporting investigative reports and law enforcement activities.
❖ Managed Azure Virtual Networks, Subnets, and Network Security Groups to ensure secure and efficient network infrastructure.
❖ Integrated custom connectors for third-party apps into Sentinel, enabling real-time monitoring and analysis of multiple data sources. This resulted in a 32% improvement in data accuracy and a reduction in data loss.
Information Systems Technician | OCONUS U.S. Army | Oct 2002 – September 2015
❖ Upgraded networks, systems, and applications by conferring with vendors and internal procurement; developing, testing, evaluating, and installing enhancements.
❖ Created new accounts, reset passwords, and configured access to servers for users.
❖ Troubleshoot software/hardware issues on-site and via remote access application RDP.
❖ Built/repaired desktops, servers, tablets, mobile devices, and laptops.
❖ Handled in-bound desktop support calls for managed clients.