Overview
Led a comprehensive identity and access management program for a distributed organization operating across the U.S., India, and Brazil. The initiative consolidated access onto Microsoft Entra ID, automated lifecycle operations, and tightened the tenant’s overall security posture.
What Was Done
- Expanded SSO across core platforms and implemented SCIM-based automated provisioning
- Enforced company-wide MFA and deployed identity threat detection and response (ITDR)
- Tightened Conditional Access for risk-based sign-in, offshore operations, and traveling users
- Applied tenant policy to restrict high-risk third-party and AI applications
- Aligned account lifecycle with HR events to streamline onboarding and offboarding
- Investigated and retired a legacy MSP-installed security tool that was disrupting account state outside of Conditional Access policy
Outcome
Significantly reduced manual access overhead, minimized lifecycle errors, and strengthened organizational security posture across all regions. A number of component workstreams (functional mailboxes, dynamic distribution automation, Entra attribute standardization) are tracked as individual accomplishments.
Stack
Microsoft Entra ID · M365 · SCIM · SSO · Conditional Access · Microsoft Intune