Résumé

BAM Mutual — New York, NY

Previously: Technology Associate (2021–2023), Technology Analyst (2017–2020)

macOS Platform Engineering

• Built the company's Mac endpoint management platform from scratch, growing from manual processes to a fully automated, compliance-driven system managing ~110 macOS endpoints via Jamf Pro and Apple Business Manager.
• Designed zero-touch deployment workflow integrating Jamf Connect with cloud IdP (OneLogin), reducing new device provisioning from hours of manual setup to automated enrollment.
• Standardized and secured macOS endpoints using Jamf Protect EDR, FileVault encryption, CIS benchmark compliance, custom scripting, and open source tools like Nudge.
• Implemented and enforced a multi-year hardware lifecycle policy, systematically phasing out aging models and managing device reallocation across the fleet.

Automation & AI

• Automated processes using PowerShell, Python, Bash, and Microsoft Power Automate, including a company-wide email domain migration, onboarding/offboarding workflows, and DocuSign form digitization.
• Adopted AI-assisted scripting tools to prototype and validate automation scripts, introducing AI tools to the team.
• Built sustained documentation and training programs, including monthly Tech Bulletins (7+ years continuous), annual cybersecurity training, and a centralized SharePoint IT Support Hub.

Identity & Access Management

• Administered OneLogin SSO and Duo MFA for the entire organization, managing SAML/SCIM integrations, role-based access controls, and MFA policies across all SaaS platforms.
• Managed the full identity lifecycle — provisioning, access changes, and deprovisioning — for 100+ employees.

Security & Compliance

• Engineered SIEM monitoring in Sumo Logic with custom queries, dashboards, and automated alerting — including high-risk login detection and RDP access notifications via Slack.
• Ensured compliance with NYDFS Cybersecurity Regulation (23 NYCRR 500), including MFA, encryption, security audits, incident response, and vulnerability assessments.
• Implemented DMARC email authentication and managed phishing defense through KnowBe4 and Microsoft ATP.

Systems Administration & Cloud Infrastructure

• Managed multi-region AWS infrastructure including EC2, S3, Route 53, VPC networking, and CloudWatch alarms. Managed hybrid Windows/Linux environment with cross-region Active Directory.
• Deployed and managed 20+ SaaS applications (Slack, Zoom, DocuSign, 1Password, Atlassian) including evaluation, rollout, SSO integration, and user training.
• Managed network infrastructure across four office locations, including buildouts for San Francisco, Santa Monica, and Austin.

IT Operations & Cross-Functional Collaboration

• Served as primary point of contact for technical support across 100+ employees, managing endpoints, BYOD devices, and A/V equipment.
• Mentored and trained junior IT staff, preparing training plans and providing ongoing technical guidance.
• Partnered with HR, developers, and management to integrate IT processes across departments.

Technical Education Research Centers — Cambridge, MA

• Provided technical support for 105 users across computers, printers, phones, and mobile devices.
• Implemented Jamf Pro to automate and secure end-user device management — first hands-on experience with the platform that became a career specialty.

Hampshire College — Amherst, MA