Cybersecurity Professional
Spencer Spivey
Identity & Access Management specialist building enterprise-scale Zero Trust architecture — from cloud migrations to system hardening, at the intersection of security and user experience. I help organizations improve their security posture through both strategic architecture and active monitoring. Let's work together to meet the challenges of today's technology landscape.
Experience
Performed security monitoring duties on day shift in a 24/7 SOC. Leveraged SIEM (Devo, RSA NetWitness), EDR (SentinelOne), Wireshark, RSA Archer GRC, and OSINT tools (VirusTotal, AbuseIPDB, Spur) for daily detection and incident triage. Provided feedback to senior analysts to tune alert logic and improve incident response time. Collaborated with Texas state agency analysts and stakeholders to protect government assets.
Assessed clients' security posture against DoD standards to discover vulnerabilities and create roadmaps for remediation. Analyzed large datasets to create a wave schedule for migrating 45K+ users to a greenfield Active Directory environment. Led internal initiatives to create a sandbox for ForgeRock IAM tools in an effort to expand service offerings.
Led identity and access management initiatives across hybrid cloud environments. Architected and executed a full Okta-to-Azure AD migration covering 50+ application integrations. Deployed Conditional Access policies at enterprise scale, implementing Zero Trust principles across the organization's identity perimeter. Active in cloud security operations, change management, and business app integration.
Projects
Identity Platform Migration - Okta to Azure AD
- End-to-end re-platforming of Manhattan Associates' identity infrastructure from Okta to Microsoft Entra ID / Azure Active Directory.
- Designed the migration architecture and managed application re-integration at scale.
- Led a Zero Trust Conditional Access deployment serving the full enterprise user base.
- Delivered with zero authentication downtime and full policy parity.
- Reclaimed $600K in annual identity licensing costs.
Microsoft Identity & Endpoint Management Lab
- Stood up a Microsoft identity and endpoint management lab on a Microsoft 365 / Entra ID tenant, provisioning physical Windows 11 devices through both Windows Autopilot and Autopilot device preparation.
- Built out the enrollment, compliance, and configuration stack.
- Used Conditional Access to restrict access based on device compliance, and delivered applications and policy via Intune MDM.
- Worked through the full provisioning chain hands-on, from Windows Pro/Enterprise licensing and hardware-hash capture to BitLocker recovery and clean-install rebuilds.
- Documented the process as a reusable runbook.
Designed and deployed enterprise-wide Conditional Access policies across all cloud applications, enforcing MFA, device compliance, and risk-based authentication signals at scale.
Built and maintained SSO integrations for 50+ enterprise applications using modern identity protocols. Developed SCIM automation for lifecycle provisioning and deprovisioning workflows.
Migrated roles and groups from classic AWS IAM Console to modern iteration. Enabled automatic user provisioning to GCP to streamline onboarding.
Conducted log monitoring, incident triage, and response operations in a production SOC environment. Collaborated with senior analysts to tune alert logic and improve response time.
Core Competencies
Credentials & Roadmap
Let's Build
Something
Secure.
Open to IAM Engineer/SOC Analyst opportunities, consulting engagements, and conversations about Zero Trust, Non-Human Identity, and the future of cloud security. Based in USA — available remotely or in-person.