Active Directory | Microsoft Entra ID | PowerShell | Zero Trust | Automation
I build enterprise-style identity and security projects that simulate real-world infrastructure, governance workflows, and security operations using Microsoft Entra ID, Active Directory, PowerShell, and Azure.
My portfolio is the OmniVerse Enterprise Engineering Program: a structured set of identity, infrastructure, security, and automation projects aligned with IAM Engineer, Security Engineer, and cleared cybersecurity roles.
Start here if you want the fastest view of my strongest work.
| Project | What It Shows |
|---|---|
| SEC-001 Enterprise SOC Engineering | Microsoft Sentinel deployment, KQL detection engineering, MITRE mapping, and incident investigation |
| SEC-002 Enterprise Vulnerability Management | Nmap discovery, Greenbone/Nessus scanning, CVE/CVSS analysis, remediation, and validation |
| IAM-006 Identity Operations and Risk Analytics | Enterprise risk scoring, executive dashboards, posture assessment, and remediation reporting |
| IAM-007 Enterprise Hybrid Identity Migration | Hybrid migration case study with 61 users aligned from Active Directory to Microsoft Entra ID |
| IAM-002 Enterprise Application Onboarding and SSO | SAML, OIDC, OAuth, SCIM, and Keycloak identity federation |
SSO applications documented: Cisco Duo, GitHub Enterprise, Grafana, Jira, Keycloak, Salesforce, WordPress, and SCIM Provisioning.
| Project | Focus | Stack |
|---|---|---|
| SEC-001 Enterprise SOC Engineering | Microsoft Sentinel SOC deployment, KQL analytics rule, MITRE ATT&CK mapping, and incident investigation | Sentinel KQL MITRE Entra ID |
| SEC-002 Enterprise Vulnerability Management | Asset discovery, vulnerability scanning, CVE/CVSS analysis, remediation, and validation scanning | Nessus Nmap Greenbone CVSS PowerShell |
| INFRA-001 Enterprise Active Directory | Enterprise AD foundation with DNS, DHCP, OUs, GPOs, AGDLP, service accounts, privileged accounts, and 2,000 users | AD DS DNS DHCP GPO PowerShell |
| IAM-001 Hybrid Identity Engineering | Hybrid identity with Active Directory, Entra ID, Entra Connect, synchronization, and troubleshooting | Entra ID Entra Connect AD PowerShell |
| IAM-002 Enterprise Application Onboarding and SSO | Enterprise application onboarding and identity federation | SAML OIDC OAuth SCIM Keycloak |
| IAM-003 Identity Lifecycle Automation | Joiner, Mover, Leaver automation with reporting and RBAC | PowerShell Graph API JML RBAC |
| IAM-004 Conditional Access and Zero Trust | Zero Trust access control baseline | Conditional Access MFA Entra ID Zero Trust |
| IAM-005 Identity Governance | Governance with PIM, entitlement management, and access reviews | PIM Access Reviews Entitlement Management |
| IAM-006 Identity Operations and Risk Analytics | Identity posture assessment, risk analytics, executive reporting, and remediation planning | PowerShell Graph API Risk Scoring HTML Reports |
| IAM-007 Enterprise Hybrid Identity Migration | Hybrid identity migration and hard-match validation | Entra Connect ImmutableID Graph API PowerShell |
| Domain | Technologies |
|---|---|
| Identity and Directory | Active Directory, Microsoft Entra ID, Entra Connect, Okta, SAML, OIDC, SCIM |
| Infrastructure | Windows Server, DNS, DHCP, Group Policy, VMware, VirtualBox, Ubuntu |
| Security | Zero Trust, Conditional Access, Microsoft Defender, Microsoft Sentinel, Tenable, Splunk, Wireshark |
| Automation | PowerShell, Microsoft Graph API, Bash, Python |
| Cloud | Microsoft Azure, Microsoft 365 |
| Governance | PIM, access reviews, RBAC, audit logging, NIST 800-53, RMF concepts |
| Certification | Issuer | Status |
|---|---|---|
| CompTIA Security+ SY0-701 | CompTIA | Earned |
| Microsoft Identity and Access Administrator SC-300 | Microsoft | Earned |
| SecurityX | CompTIA | In Progress |
| Azure Security Engineer AZ-500 | Microsoft | Planned |
| Security Operations Analyst SC-200 | Microsoft | Planned |
| Project | Focus | Status |
|---|---|---|
| SEC-001 Enterprise SOC Engineering | Microsoft Sentinel, KQL detection, analytics rules, MITRE mapping, and incident investigation | Complete |
| SEC-002 Enterprise Vulnerability Management | Nmap discovery, Greenbone/Nessus scanning, CVE/CVSS analysis, remediation, and validation | Complete |
| SEC-003 Web Attack Detection and Investigation | SQL injection, Apache log analysis, IoCs, timeline reconstruction, and reporting | Next |
| SEC-004 Web Shell Incident Response | File upload exploitation, reverse shell investigation, Apache logs, kern.log, and response timeline | Planned |
| SEC-005 SOAR Playbook Automation | SIEM/SOAR playbook workflow, rogue process triage, and automated response | Planned |
| SEC-006 Threat Intelligence Automation | IP blocking, DNS blocking, malware hash checks, Bash, cron, and threat feeds | Planned |
| SEC-007 Enterprise Hardening Baseline | Firewall rules, Linux permissions, STIG readiness, CIS concepts, and baseline validation | Planned |
| AZURE-001 Enterprise Azure Infrastructure | VNets, Key Vault, Bastion, managed identities, and secure Azure landing zone design | Planned |
| GRC-001 Governance Risk and Compliance | NIST 800-53, CMMC, RMF, control mapping, and ATO-style documentation | Planned |
| TF-001 Infrastructure as Code | Terraform, Azure, GitHub Actions, and CI/CD deployment workflows | Planned |