Mississauga, Ontario, Canada
IT security professional with 5+ years of experience across identity and access management, endpoint security, and enterprise IT operations. I specialize in Okta SSO — managing SAML/LDAP/SCIM integrations, identity lifecycle automation, device trust, and conditional access for global remote-first workforces. I also bring deep macOS endpoint management experience with Jamf Pro, zero-touch provisioning, and fleet-wide EDR deployment (CrowdStrike Falcon, SentinelOne, Carbon Black). I write Bash and Python to automate IAM and endpoint workflows via Okta, Jamf, and CrowdStrike APIs — eliminating manual effort at scale. I've administered Active Directory, enforced least-privilege access, and integrated identity platforms with Google Workspace and Microsoft 365. I've worked cross-functionally with Security, Engineering, and IT Support teams to enforce policies and resolve complex escalations. Certified Ethical Hacker (CEH) | GIAC GPEN in progress | Open to IAM Engineer, Client Platform Engineer, and Security Engineer roles.
Administered Okta SSO enterprise-wide — managing application onboarding, SAML/LDAP/SCIM integrations, MFA policies, and device trust settings for a global remote-first workforce. Automated identity lifecycle workflows via Python and Bash integrated with Okta API — covering user provisioning, role assignment, access reviews, and de-provisioning aligned with HR and offboarding events. Managed user accounts and access controls across Carbon Black, CrowdStrike, SentinelOne, Sumologic, and Tenable; enforced least-privilege principles and maintained compliance with audit requirements. Integrated endpoints with Okta SSO and Google Workspace — configuring identity federation, device trust, and conditional access to enforce Zero Trust principles across macOS and Windows. Administered Active Directory accounts, security groups, group policies, and OU structures; managed RBAC for enterprise applications and enforced access policies per security standards. Coordinated provisioning and de-provisioning workflows for onboarding/offboarding across security platforms, ensuring zero standing privilege and timely access revocation. Conducted access audits and compliance reviews; generated entitlement and privileged access reports to support internal audit and security governance programs. Collaborated with Security, Engineering, and IT Support to enforce IAM policies, resolve access escalations, and onboard applications to Okta SSO; served as primary escalation resource for complex identity issues.
Served as team lead for the CAP 2 receiving and inventory department, directing daily operations and supporting associate development in a fast-paced, high-volume retail environment. Led and delegated daily workload across the CAP 2 team, setting priorities, assigning tasks, and providing real-time coaching and feedback to drive team performance and accountability. Managed end-to-end receiving operations — coordinating truck unloading, merchandise sorting, and inventory processing to maintain efficient inbound freight flow. Directed backroom-to-salesfloor inventory execution, ensuring stock was pulled, binned, and merchandised accurately and on schedule. Maintained safety compliance across the receiving area — completed safety logs, enforced protocols, and upheld a clean, audit-ready environment. Ensured salesfloor was consistently zoned, fully stocked, and customer-ready at all times.
Administered Windows Active Directory environment — managing user account lifecycle (creation, modification, deactivation), security group memberships, group policy objects, and role-based access control for business applications. Managed access provisioning and de-provisioning for employee onboarding and offboarding, maintaining accurate user entitlements and enforcing least-privilege access across business systems and trading platforms. Diagnosed and resolved authentication, access, and identity issues across Windows endpoints; documented resolutions and built internal runbooks for recurring access management patterns. Monitored user authentication and back-office data integrity; reported unauthorized access attempts and software vulnerabilities to senior stakeholders and escalated where required. Collaborated with third-party vendors for software access management and system maintenance; coordinated access reviews and ensured timely revocation of vendor access post-engagement.