Securing enterprise identity infrastructure for the Department of Veterans Affairs. Specializing in IAM, IGA, and Zero Trust architecture within high-security federal environments.
I'm a DevOps & Identity Engineer with hands-on experience managing user access and identity infrastructure for the Department of Veterans Affairs, operating within a high-security federal environment where compliance and reliability are mission critical.
I specialize in provisioning and governing user access across VA enterprise systems, enforcing least privilege principles, and managing the full identity lifecycle in regulated environments.
On the security side, I ensure access decisions align with federal compliance requirements and operate within NIST and Zero Trust frameworks. On the systems side, I support backend processes, monitor event pipelines, and resolve access-related issues impacting enterprise systems.
Academic honors include the President's List, National Scholars Award, and Dean's List at the University of Central Florida.
Monitored DevOps and identity infrastructure, investigating alerts and maintaining system reliability for enterprise authentication services supporting the U.S. Department of Veterans Affairs. Performed back-end configuration updates, tuned queue processing parameters, and analyzed system logs to troubleshoot authentication and infrastructure issues.
Managed identity governance operations using Saviynt, Microsoft Azure, and Entra ID — supporting user lifecycle management and secure authentication in the VA environment. Investigated identity-related incidents through ServiceNow, assisted with identity integrations and migration efforts, and validated access workflows across connected applications.
Completed a short-term contract supporting end users via ConnectWise with hardware and software troubleshooting, password resets, and account lockouts via Active Directory. Assisted in implementing security protocols and conducted vulnerability assessments to identify and mitigate potential risks.
Python automation tool that ingests identity export data (CSV), calculates account inactivity, and flags dormant or orphaned accounts exceeding a configurable threshold — generating a structured audit report to support access review and deprovisioning workflows.
View on GitHubSTRIDE threat model and LaTeX report analyzing a smart home IoT ecosystem — router, hub, camera, lock, and cloud backend — identifying attack surfaces and mapping mitigations across the connected device stack.
View on GitHubPython tool that parses authentication logs and flags "impossible travel" logins — consecutive sign-ins from different cities within an implausibly short window — while filtering out trusted VPN IP ranges, and generates a timestamped audit report.
View on GitHubPython tool that enforces Role-Based Access Control policy by checking user role assignments against a configurable Separation of Duties ruleset, flagging dangerous role combinations and generating an audit report of violations and clean users.
View on GitHubReusable GitHub Actions security pipeline (bash + Docker) that scans repos for hardcoded secrets and vulnerable dependencies on every push, and is wired into Orphaned Account Detector and RBAC Policy Checker with live passing/failing status badges.
View on GitHubOpen to new opportunities in IAM, Identity Security, and DevOps engineering. Feel free to reach out.