About Me
My official title has been System Administrator, but over the past several years my work has become increasingly focused on security. Much of my day is spent securing Microsoft environments through identity management, endpoint protection, security monitoring, and incident response while making sure the systems people depend on remain reliable.
I came into security from infrastructure, not the other way around. Years of managing Microsoft 365, Active Directory, Microsoft Entra ID, Windows Server, and enterprise endpoints taught me that good security has to work in production. It needs to support the business, not get in its way.
That perspective shapes how I approach every project. I’m interested in practical security controls that reduce risk without adding unnecessary complexity. Whether it’s designing Conditional Access policies, implementing least-privilege access, automating routine tasks with PowerShell, or investigating suspicious sign-in activity, my goal is to build security that people can actually operate and maintain.
This website is where I share what I’m learning, building, and improving. Most articles are based on things I’ve implemented, researched, or tested in my lab. If something helped me solve a problem or better understand Microsoft identity security, there’s a good chance I’ll write about it here.
What I Work On
Identity Security
- Microsoft Entra ID
- Conditional Access
- Role-Based Access Control (RBAC)
- Identity Governance
- MFA and authentication security
- User lifecycle management
Security Operations
- Identity monitoring and investigation
- Microsoft Defender for Endpoint
- Microsoft Sentinel
- Incident response and alert triage
- Security hardening
Microsoft Infrastructure
- Microsoft 365 administration
- Windows Server
- Active Directory
- PowerShell automation
- Patch management
- NIST and CIS security baselines
Certifications
I currently hold the following certifications:
- (ISC)² SSCP
- CompTIA CySA+
- CompTIA Security+
- CompTIA Network+
I’m also working toward the Microsoft SC-300: Identity and Access Administrator certification as I continue to deepen my focus on Microsoft identity security.
If you’re interested in Microsoft Entra ID, identity-first security, or practical ways to secure Windows and Microsoft cloud environments, I hope you’ll find something useful here.
