Ronnie Bailey

Identity Security Director

15 years shaping how enterprise organizations secure, govern, and scale identity. Across Fortune 500 firms, federal agencies, and critical infrastructure, the work has always been the same at its core: make identity the thing that holds when everything else is under pressure.

Perspective

The hardest problems in identity are rarely technical. The technical problems have answers. The hard problems are organizational: nobody owns the policy, the accountability structure was never defined, the exception became the rule, and by the time someone notices the debt is structural.

My value is in knowing how to walk into an environment where identity was built by ten different people over ten years and make it coherent, defensible, and owned.

Zero Trust is often used as a buzzword. In practice it is a posture you earn incrementally by making every access decision explicit and every privilege temporary. That is the difference between an organization that knows its exposure and one that finds out during an incident.

The most important work I do is translate. Technology decisions that are not understood by the people who fund them get defunded when priorities shift. Risk that is not legible to a CISO or a board does not get mitigated and usually ends up inherited by the next team. I own these programs end to end: governance, Zero Trust architecture, privileged access, federation, lifecycle management, and the CISO conversation that ties it all together. I can design the framework and I can also open a sign-in log and find what is breaking before it becomes an incident.

Professional Experience

Enterprise IAM Program Director
iHeartMedia
Full-time 06/2025 – Present

iHeartMedia is the largest audio company in America, with a portfolio spanning Katz Media Group, Triton Digital, Premiere Networks, and subsidiary brands across broadcast, ad-tech, syndication, and national advertising sales. I served as the senior identity authority across that portfolio, owning core components of the enterprise IAM program across a 30,000-user hybrid environment.

The most consequential work was organizational before it was technical. Security, IT, and HR had no shared framework connecting identity decisions across the business. I built the ownership model, the RACI structure, and the escalation paths that gave those teams a consistent foundation. That structure reduced cross-team escalations and gave the Conditional Access program the accountability it needed to hold under scrutiny.

I directed a 60-policy Conditional Access estate covering biometric authentication, geofencing, device compliance, and risk-based access decisions. The governance model I put in place reduced authentication incidents and policy violations across the application portfolio. I inherited the privileged access posture in a degraded state and rebuilt it around BeyondTrust and Entra ID PIM, designing the approval workflows and audit structure that turned a platform into a governed program.

I reported to the CISO every week, translating technical exposure into business decisions with named owners and defined outcomes. That reporting relationship kept identity on the leadership agenda and gave the program the organizational weight it needed to move forward.

  • Own core identity security components across the enterprise IAM program for a hybrid workforce of more than 30,000 users spanning iHeartMedia, Katz Media Group, Triton Digital, Premiere Networks, and subsidiary brands across broadcast, ad-tech, syndication, and media representation.
  • Aligned security, IT, HR, and business stakeholders across a multi-subsidiary portfolio to drive identity maturity and risk reduction, establishing structured cross-functional communication between identity, SOC, and GRC teams that had historically operated in silos with limited coordination between them.
  • Defined and maintained the IAM ownership model and RACI framework, assigning policy ownership, formalizing escalation paths, and creating cross-functional accountability across security, engineering, and business teams that had previously managed identity-related responsibilities independently.
  • Directed Conditional Access strategy and enforcement across a 60-policy estate aligned to Zero Trust, governing controls that spanned biometric authentication, geofencing, device compliance, MFA enforcement, and risk-based access decisions across a workforce spanning broadcast operations, podcast production, digital ad-tech, and national advertising sales.
  • Managed Mobile Application Management and Microsoft Defender Cloud Security policies across the enterprise, extending identity-aware access controls and security enforcement beyond traditional perimeter boundaries across the full corporate portfolio.
  • Identified a persistent pattern of onboarding failures tied to gaps in conditional evaluation logic, including delayed start dates, mismatched HR status in Workday, and incomplete downstream system readiness. Designed and implemented decisioning and alerting logic in Azure Logic Apps that eliminated manual provisioning delays and brought the onboarding process into alignment with actual business workflows.
  • Re-established enterprise identity governance and lifecycle controls across HRIS-integrated systems after persistent data integrity failures were traced to UPN normalization conflicts between Workday attributes and downstream system expectations. The root cause had been producing silent provisioning breakdowns, dynamic group membership failures, and access control gaps across the environment. Resolved the conflicts and restored provisioning integrity and access governance across Entra ID and connected enterprise systems.
  • Defined and drove enterprise authentication and federation standards across critical business platforms including Workday, Genea, and GCP-integrated systems, resolving authentication failures involving claims mapping mismatches, token misconfiguration, certificate trust issues, and identity normalization conflicts that had been causing outages across subsidiary identity boundaries.
  • Own the federation certificate lifecycle across all enterprise trust relationships, implementing proactive rotation processes that eliminated emergency renewals and prevented authentication outages tied to expired signing certificates across business-critical applications.
  • Inherited a degraded privileged access posture and restructured the enterprise PAM strategy using BeyondTrust and Entra ID PIM, eliminating standing privilege and enforcing just-in-time access and credential governance across all administrative tiers.
  • Designed approval workflows, session monitoring, and auditability processes that significantly improved organizational visibility into privileged activity and closed gaps left by the previous access control posture.
  • Govern secrets and credential management across BeyondTrust Secrets Safe, Password Safe, and Azure Key Vault, enforcing rotation policies, access controls, and auditability for privileged and non-human identities across a multi-subsidiary environment where service account sprawl had accumulated without governance.
  • Administered physical access governance through Genea, ensuring badge provisioning, access entitlements, and user lifecycle remained aligned with identity records across the enterprise.
  • Govern cross-boundary identity and access for international business partners and third-party collaborators across Triton Digital's global operations spanning more than 50 countries, managing federation trust, entitlement scoping, and access lifecycle across non-employee identity populations.
  • Managed identity governance for sensitive and high-profile personnel categories requiring elevated privacy controls, restricted administrative access, and non-standard lifecycle handling across the enterprise directory.
  • Investigated and resolved service account misuse tied to operational systems, enforcing separation between interactive and non-interactive access patterns and closing privileged access risks that had accumulated under the previous ownership.
  • Serve as the senior technical escalation authority for IAM incidents across a workforce of more than 30,000 users, resolving AADSTS errors, Conditional Access misconfigurations, federation trust breakdowns, and access outages when standard support paths and resolution workflows cannot close the incident.
  • Deliver weekly identity risk reporting directly to the CISO, translating technical exposure into prioritized business decisions with clear ownership, accountability, and measurable risk reduction.

Skills: Entra ID · Active Directory · BeyondTrust PAM · Azure Logic Apps · AWS IAM · Google Cloud Identity · Workday · SAML · OIDC · Azure Key Vault · Conditional Access · Entra ID PIM · Microsoft Defender · MAM · PowerShell · Python · Zero Trust · SCIM · ServiceNow · Genea

Lead Identity Security Architect
LexisNexis / United States Patent and Trademark Office
Contract | Public Trust Clearance 04/2024 – 06/2025

This engagement ran across two distinct environments. LexisNexis is a global legal information and analytics company serving customers in more than 150 countries. The United States Patent and Trademark Office operates under Public Trust Clearance where compliance expectations are institutional and the architecture decisions I made had direct federal implications.

My work centered on Zero Trust design aligned to NIST 800-207, making foundational decisions about how trust gets established, under what conditions it gets revoked, and how behavioral signals feed into access decisions in real time. That architecture extended across Azure, AWS, and GCP with centralized CSPM integration and Infrastructure-as-Code policy enforcement that removed manual validation from the compliance lifecycle.

I rebuilt the One Identity Safeguard platform from scratch, fully offboarding and re-onboarding privileged assets, realigning session recording, and rewriting access policies against the actual security posture. I engineered threat correlation across CrowdStrike Falcon, Microsoft Defender, Palo Alto, and Check Point that improved detection quality and reduced response time through intelligent triage. I designed forensic response processes using Secureworks Taegis aligned to NIST 800-86 and translated technical findings into executive-level risk assessments that informed security investment decisions across both organizations.

  • Designed Zero Trust architecture aligned to NIST 800-207 with JIT provisioning and continuous authentication monitoring, adjusting access decisions in real time based on behavioral risk signals.
  • Built behavioral risk evaluation models adjusting access decisions dynamically based on user activity and contextual identity signals.
  • Led Azure security architecture aligned to NIST 800-53 and CIS standards, authoring Infrastructure-as-Code security policies that enforce baseline configurations and surface configuration drift in real time.
  • Standardized identity and security controls across AWS, Azure, and GCP with centralized CSPM integration, delivering unified dashboards aggregating risk signals across all three platforms for executive visibility.
  • Redesigned One Identity Safeguard deployment for enterprise-wide privileged access control, executing a full offboarding and re-onboarding of privileged assets and realigning session recording, account rotation, and access policies from the ground up.
  • Integrated Auth0 to deliver OAuth2 and OIDC-based SSO across enterprise applications, supporting FedRAMP and NIST 800-53-compliant authentication workflows with certificate rotation and trust validation.
  • Engineered threat correlation across CrowdStrike Falcon, Microsoft Defender, Palo Alto, and Check Point, improving detection quality and reducing response time through intelligent alert triage and deduplication.
  • Designed forensic response processes using Secureworks Taegis aligned to NIST 800-86, ensuring defensible evidence handling and investigation integrity.
  • Translated complex architecture and security findings into business impact for executive stakeholders, enabling informed decision-making on risk and remediation priorities.

Skills: Zero Trust · Entra ID · Azure · GCP · AWS · NIST 800-53 · CIS Controls · MITRE ATT&CK · One Identity Safeguard · CrowdStrike · Microsoft Defender · Palo Alto · Auth0 · SAML · OIDC · OAuth2 · PowerShell · Python · Incident Response