Sanitized summaries of real IAM governance engagements delivered to nonprofit and NGO clients.
End-to-end identity program for a biotechnology firm on a Google Workspace nonprofit-tier environment. Conducted a full Entra audit, implemented MFA enforcement through GWS, and performed the SAML wiring to configure SSO across the organization's SaaS stack. Built a complete access review checklist and a JML (joiner-mover-leaver) checklist designed for non-technical operators to run independently post-handoff.
Dual-entity organization (nonprofit + commercial consultancy) with a broad platform landscape and outsourced IT. Conducted an end-to-end IAM access review, including a discovery questionnaire, platform inventory, risk assessment, and phased remediation plan. Surfaced over-provisioned Super Admin accounts and unmanaged shared credentials, then translated findings into a plain-language remediation roadmap the client's operations lead could execute without security expertise.
Full access audit and JML checklist for an advocacy organization handling highly sensitive personal data, including protected addresses for at-risk individuals. Unique to this engagement's scope: a repeatable access-governance playbook the client can hand to the partner organizations they support, so improvements in data handling compound beyond the initial engagement. Materials were authored for non-technical staff at partner orgs to execute without consulting support.
Gap analysis for a mission-driven organization facing routine threat activity tied to the nature of its work. Presented findings directly to the board and built the case for prioritizing MFA enforcement and eliminating shared accounts. Delivered a phased MFA rollout plan, a shared-email consolidation strategy, and IdP consolidation guidance, all framed in plain language so non-technical leadership could own the rollout.