RONNIE BAILEY

• Implemented and managed IAM solutions using One Identity, ADManager Plus, and Microsoft 365, ensuring secure identity governance and streamlined user lifecycle management.
• Conducted forensic security investigations using Secureworks Taegis and Sophos MDR, identifying threat vectors and mitigating security breaches.
• Developed and enforced access control policies, reducing unauthorized access incidents and improving overall security posture.
• Led cloud security initiatives across AWS, Azure, and GCP, aligning security frameworks with NIST 800-53, CIS, and HIPAA compliance standards.
• Designed and managed Microsoft 365 & Exchange Online security policies, leveraging DLP and Abnormal Security to prevent phishing and account takeovers.
• Utilized Python and PowerShell for security automation, streamlining IAM provisioning, auditing, and policy enforcement.
• Integrated One Identity Starling for privileged access management, reducing manual administrative efforts and increasing operational efficiency.
• Performed risk assessments and third-party security evaluations using Bitsight and DRATA to enhance vendor risk management strategies.
• Managed security infrastructure using Palo Alto, Checkpoint Identity Security, and Microsoft Defender for endpoint protection.
• Led incident response efforts, leveraging forensic analysis and security monitoring tools to detect, contain, and remediate cybersecurity threats.

Skills: IAM Solutions · One Identity · ADManager Plus · Microsoft 365 · Forensic Security · Secureworks Taegis · Sophos MDR · Cloud Security · AWS/Azure/GCP · NIST Standards · Compliance (HIPAA, CIS) · PowerShell · Python · Incident Response

• Threat Detection Integration: Engineered solutions using CrowdStrike Falcon, Microsoft Defender, Palo Alto, and Checkpoint Identity Security, correlating telemetry across platforms to reduce incident response time by 90%.
• Zero Trust Implementation: Constructed framework with Just-In-Time provisioning and risk-based authentication, reducing standing privileges by 60% while implementing continuous authentication monitoring aligned with NIST 800-207.
• Privileged Access Management: Utilized One Identity Safeguard, Secureworks Taegis, and Sophos MDR in tandem to monitor privileged sessions, detect anomalous behavior, and respond to threats across 500+ hybrid systems.
• IAM Modernization: Migrated legacy platforms to Microsoft Identity Platform and Okta, enabling FIDO2/WebAuthn passwordless authentication, adaptive MFA, and lifecycle automation using PowerShell and Python for 15,000+ users.
• Federated Authentication Integration: Integrated Auth0 into enterprise IAM stack to enable OAuth2/OpenID Connect-based SSO across internal apps, supporting FedRAMP and NIST 800-53-compliant authentication workflows.
• Digital Forensics: Designed and executed forensic response plans using Secureworks Taegis and The Sleuth Kit, implementing NIST 800-86-aligned chain-of-custody workflows to preserve evidence integrity.
• Cloud Security: Led Azure security blueprint development, integrating NIST 800-53, CIS, and HIPAA frameworks, while automating compliance validation and reporting workflows across Microsoft 365.
• Multi-Cloud Security: Implemented consistent security controls and policy enforcement across AWS, Azure, and GCP environments with centralized CSPM integration and automated misconfiguration detection.
• Identity Governance: Unified fragmented IAM tools into enterprise-wide architecture using One Identity, ADManager Plus, and Microsoft Entra ID with AI-driven identity analytics and policy-based provisioning.
• Microsoft 365 Security: Overhauled Exchange Online with DLP, data classification, and conditional access policies to mitigate insider threats and enforce Zero Trust access principles.

Skills: Entra ID · Active Directory · Azure Active Directory · RSA · Crowdstrike · SSO/MFA · Zero Trust Architecture · PowerShell · Python · Bash · Windows/Linux Servers · PKI · NIST/ISO Standards · Technical Documentation

• Privileged Access Security: Implemented OneIdentity Safeguard/TPAM, aligning workflows with NIST 800-53 within 6 months and incorporating just-in-time privilege elevation.
• Endpoint Protection: Deployed CrowdStrike Falcon, reducing malware incidents by 45% across 2,000+ endpoints.
• Cloud Identity Management: Engineered security modernization using Entra ID/Azure AD for 12,000+ hybrid users with Kubernetes service identity integration.
• Virtualization Strategy: Standardized infrastructure using VMware vSphere across production and test environments, improving system uptime and reducing operational costs through centralized VM lifecycle management.
• Container Security: Designed pod identity solution for Azure Kubernetes Service (AKS), eliminating the need for static credentials in containerized applications.
• Authentication Modernization: Integrated Okta SSO/MFA across 40+ apps, implementing risk-based authentication, and reducing password-reset tickets.
• Access Control: Streamlined Active Directory with RBAC/conditional access, cutting unauthorized access by 30%.
• Account Lifecycle Management: Automated processes ensuring HIPAA compliance for 20,000+ accounts.
• Global Identity Provisioning: Led implementation for 32,000+ users across US/UK teams, cutting onboarding time by 55%.
• Data Governance: Enhanced security with Varonis, improving audit readiness for SOX/GDPR compliance.

Skills: Microsoft Azure AD/Entra ID · OneIdentity Safeguard · TPAM · CrowdStrike · Active Directory · Okta · SSO/MFA · Varonis · PowerShell · Account Lifecycle Management · Technical Debt Management · Global Team Collaboration

• Privileged Access Management: Streamlined CyberArk's PAM workflows, achieving 100% compliance with NIST 800-53.
• Network Security: Deployed Fortinet FortiGate firewalls and micro-segmentation, achieving full CISA Zero Trust compliance.
• Enterprise IAM Strategy: Positioned IAM as the cornerstone of DHS security, integrating Active Directory, OAuth 2.0, and SAML 2.0 for 100+ legacy systems.
• Serverless Security: Implemented secure identity practices for serverless functions in GCP, enabling principle of least privilege with function-level permissions.
• Risk-Based Access Control: Mapped 75+ systems to business-criticality tiers, reducing high-risk privileged accounts by 35%.
• Cloud Migration Security: Orchestrated GCP migration for 50+ on-premises systems, enabling FedRAMP Moderate authorization with comprehensive SIEM integration.
• Identity Governance: Enforced granular access policies via Saviynt across 15,000+ user accounts.
• Security Certification: Spearheaded ISO 27001 certification for DHS's Information Security Management System.
• Agile Development: Utilized Agile, SCRUM, and scripting languages (PowerShell, Python, Java) to enhance system resilience and efficiency in alignment with FISMA compliance and security standards.

Skills: CyberArk · Google Cloud Platform (GCP) · FISMA Compliance · PowerShell · Python · Java · Active Directory · OAuth · SAML · Fortinet · Zero Trust Architecture · FedRAMP · ISO 27001 · Saviynt · Qualys

• Single Sign-On Implementation: Deployed PingFederate and Citrix NetScaler with 99.9% uptime for healthcare applications.
• Privileged Access Security: Spearheaded CyberArk implementation with NIST 800-53-aligned credential vaulting.
• Threat Detection: Engineered Microsoft Defender for Identity integration, reducing unauthorized access incidents by 75%.
• Cloud-Native Security: Implemented identity-aware proxies and service meshes for securing microservices architecture in AWS.
• Identity Architecture: Designed framework integrating Azure AD and PingFederate for 5,000+ hybrid identities.
• Behavioral Authentication: Implemented user and entity behavior analytics (UEBA) to detect compromised credentials and insider threats.
• Secure Communications: Modernized SSL/TLS protocols for 150+ domains, maintaining 100% compliance.
• Risk Management: Led vulnerability assessments aligned with NIST 800-53 and HIPAA standards.
• Compliance Automation: Implemented reporting via PingFederate logs for SOX, GDPR, and HIPAA audits.

Skills: HIPAA/NIST Compliance · Vulnerability Assessment · Healthcare IT · Microsoft Defender · MFA Implementation · SSL/TLS Management · EHR/PACS Systems · Auth0 · CyberArk · Regulatory Compliance (SOX, GDPR)

• Privileged Account Security: Deployed BeyondTrust PAM, securing 1,200+ privileged accounts with SOX-compliant audit controls.
• Conditional Access: Architected role-based, location-based, and device-compliance policies in Microsoft Entra ID.
• Cloud Security: Designed GCP security framework using Google IAM and Security Command Center for real-time threat detection.
• SSO & MFA Integration: Integrated Azure AD/Entra ID to enhance user verification and streamline access management.
• Data Protection: Implemented BitLocker encryption and backup policies to safeguard ePHI across all endpoints.
• Continuous Authentication: Implemented risk-based authentication with context-aware access policies to dynamically adjust security requirements.
• Infrastructure-as-Code Security: Integrated security guardrails into Terraform deployments, ensuring compliance from deployment to runtime.
• Identity Lifecycle Management: Engineered SailPoint provisioning/deprovisioning workflows for 500+ employees.
• Identity Governance: Led SailPoint IdentityNow implementation, enabling centralized governance for distributed workforce.
• Least Privilege Implementation: Mapped 200+ job functions to least-privilege roles, eliminating segregation-of-duties conflicts.
• Mobile Device Security: Designed IAM solutions using Microsoft Intune for secure mobile device management and remote access enforcement.
• Endpoint Protection: Maintained Carbon Black for threat hunting, policy enforcement, and incident response.

Skills: Microsoft Azure AD/Entra ID · SSO/MFA · BitLocker · Microsoft Intune · Active Directory · Linux Administration · SailPoint IdentityNow · Google Cloud Platform (GCP) · BeyondTrust · Carbon Black · PowerShell · Python

• Zero Trust Architecture: Designed the bank's first Zero Trust-aligned IAM framework, reducing policy exceptions by 35%.
• Security Automation: Leveraged Microsoft Defender's auto-remediation capabilities, cutting manual SOC tasks by 30%.
• Customer Authentication: Engineered progressive profiling workflows using ADFS with 99.9% portal uptime.
• Multi-Cloud Security Governance: Implemented consistent identity controls across AWS and Azure environments.
• Regulatory Compliance: Enforced FFIEC and GLBA requirements via SCCM and Office 365 access controls.
• Identity Management: Maintained 12,000+ user accounts across hybrid environments through automated lifecycle workflows.
• Security Training: Conducted staff education on best practices, reducing phishing incident response time.

Skills: IAM Compliance · Agile/Waterfall Methodologies · Active Directory · Office 365 · SCCM · VMware · Microsoft Defender · Splunk · COBOL · Security Awareness Training

• IAM Transformation: Led migration to ForgeRock Identity Management, standardizing identity lifecycle workflows for hybrid environments.
• Access Control: Architected conditional access policies using Microsoft Defender for privileged account management.
• Security Monitoring: Integrated Splunk with IAM tools, achieving ISO/IEC 27001 and NIST 800-53 compliance.
• API Security: Implemented OAuth 2.0 and OpenID Connect protocols for securing cloud-native application APIs.
• Cloud Identity Security: Built AWS IAM roles and encryption protocols across multi-cloud environments.
• Secure Access Solutions: Designed Citrix-based security for financial services clients' mission-critical applications.
• Customer Authentication: Spearheaded Auth0 integration for client-facing portals, balancing security with user experience.
• Security Automation: Partnered with DevOps teams to streamline log analysis and incident response.

Skills: ForgeRock IDM · Splunk · ISO/IEC 27001 · NIST Standards · Ping Identity · Citrix · VMware · VirtualBox · Hyper-V · PowerShell · AWS · Auth0 · Identity Lifecycle Management

• Threat Response: Neutralized multi-vector DDoS attacks targeting financial sector clients with 99.99% uptime.
• Identity Integration: Pioneered Azure AD patterns for hybrid environments, adopted by Microsoft partner network.
• Digital Forensics: Led investigation recovering stolen intellectual property, establishing cloud evidence handling protocols.
• Cloud Workload Protection: Implemented comprehensive security for IaaS, PaaS, and serverless deployments across AWS environments.
• Compliance Management: Developed NIST 800-53 and ISO 27001-aligned policies with 100% audit success.
• Vulnerability Management: Scaled Nessus-based assessments to 15,000+ assets in AWS/Azure infrastructure.
• Authentication Unification: Integrated Ping Identity with Okta across SaaS platforms, reducing helpdesk requests.
• Security Training: Educated analysts in Kali Linux penetration testing methodologies for cloud environments.

Skills: Policy Development · Kali Linux · Penetration Testing · Ping Identity · Active Directory · Azure AD/Entra ID · DDoS Mitigation · Nessus · Digital Forensics · The Sleuth Kit · Incident Response

• Technical Support: Delivered first-level support for hardware, software, and network issues via phone, email, and in-person.
• Incident Management: Assessed and prioritized tickets based on impact and urgency to meet SLA targets.
• Customer Service: Maintained high satisfaction through timely support and detailed documentation of service desk activities.

Skills: Governance, Risk Management, and Compliance (GRC) · Strategy and Leadership · Technical Proficiency and Innovation · Technical Support · Hardware/Software Troubleshooting · SLA Management

• Technical Support: Provided troubleshooting for computer and electronic products, resolving hardware and software issues.
• Product Setup: Assisted customers with initial configuration, software installations, and feature explanations.
• Hardware Repair: Conducted basic repairs or coordinated with authorized service providers.
• Inventory Management: Maintained stock of computer accessories and ensured product availability.
• Customer Engagement: Collaborated with sales team to align technology solutions with customer needs.
• Product Knowledge: Stayed current on technology trends and updated demo areas to reflect latest offerings.

Skills: Governance, Risk Management, and Compliance (GRC) · Strategy and Leadership · Technical Proficiency and Innovation · Customer Support · Product Knowledge · Hardware Repair · Inventory Management

• Event Planning: Organized technology-focused events including webinars, workshops, and networking meetups to foster community engagement.
• Stakeholder Coordination: Collaborated with tech speakers, sponsors, and volunteers to ensure seamless event execution.
• Event Promotion: Managed outreach through social media and marketing channels to maximize attendance and participation.
• Logistics Management: Handled event logistics such as venue selection, scheduling, and registration processes.
• Continuous Improvement: Collected and analyzed attendee feedback to enhance the quality and impact of future events.
• Content Creation: Produced post-event content including summaries, interviews, and blog posts to highlight community insights and outcomes.

Skills: Event Planning · Tech Community Engagement · Public Speaking · Content Creation · Social Media Marketing · Networking · Leadership