Cybersecurity Professional

Spencer Spivey

Identity & Access Management specialist building enterprise-scale Zero Trust architecture — from cloud migrations to system hardening, at the intersection of security and user experience. I help organizations improve their security posture through both strategic architecture and active monitoring. Let's work together to meet the challenges of today's technology landscape.

Experience

OCT 2023 — AUG 2025
AT&T Cybersecurity
Dallas, TX (Remote)
SOC Analyst II

Performed security monitoring duties on day shift in a 24/7 SOC. Leveraged SIEM (Devo, RSA NetWitness), EDR (SentinelOne), Wireshark, RSA Archer GRC, and OSINT tools (VirusTotal, AbuseIPDB, Spur) for daily detection and incident triage. Provided feedback to senior analysts to tune alert logic and improve incident response time. Collaborated with Texas state agency analysts and stakeholders to protect government assets.

SIEM Incident Response Threat Mitigation Packet Analysis EDR
MAR 2022 — JUN 2023
Collective Insights
Atlanta, GA
Technical Specialist

Assessed clients' security posture against DoD standards to discover vulnerabilities and create roadmaps for remediation. Analyzed large datasets to create a wave schedule for migrating 45K+ users to a greenfield Active Directory environment. Led internal initiatives to create a sandbox for ForgeRock IAM tools in an effort to expand service offerings.

Security Hardening Vulnerability Management NIST Framework Risk Assessment Customer Success Management
JAN 2019 — OCT 2022
Manhattan Associates
Atlanta, GA
Systems Engineer

Led identity and access management initiatives across hybrid cloud environments. Architected and executed a full Okta-to-Azure AD migration covering 50+ application integrations. Deployed Conditional Access policies at enterprise scale, implementing Zero Trust principles across the organization's identity perimeter. Active in cloud security operations, change management, and business app integration.

Entra ID (Azure AD) Okta Conditional Access SCIM SAML / OIDC Zero Trust

Projects

Cloud Identity Migration

Identity Platform Migration - Okta to Azure AD

  • End-to-end re-platforming of Manhattan Associates' identity infrastructure from Okta to Microsoft Entra ID / Azure Active Directory.
  • Designed the migration architecture and managed application re-integration at scale.
  • Led a Zero Trust Conditional Access deployment serving the full enterprise user base.
  • Delivered with zero authentication downtime and full policy parity.
  • Reclaimed $600K in annual identity licensing costs.
Azure AD / Entra ID Okta Conditional Access SAML 2.0 OIDC SCIM Provisioning Zero Trust
Identity & Endpoint Management Lab

Microsoft Identity & Endpoint Management Lab

  • Stood up a Microsoft identity and endpoint management lab on a Microsoft 365 / Entra ID tenant, provisioning physical Windows 11 devices through both Windows Autopilot and Autopilot device preparation.
  • Built out the enrollment, compliance, and configuration stack.
  • Used Conditional Access to restrict access based on device compliance, and delivered applications and policy via Intune MDM.
  • Worked through the full provisioning chain hands-on, from Windows Pro/Enterprise licensing and hardware-hash capture to BitLocker recovery and clean-install rebuilds.
  • Documented the process as a reusable runbook.
Microsoft Intune Microsoft Entra ID Conditional Access Windows Autopilot MDM Microsoft Defender PowerShell Zero Trust
IAM Architecture
Zero Trust Conditional Access Framework

Designed and deployed enterprise-wide Conditional Access policies across all cloud applications, enforcing MFA, device compliance, and risk-based authentication signals at scale.

Identity Protocols
SAML / OIDC / SCIM Integration Suite

Built and maintained SSO integrations for 50+ enterprise applications using modern identity protocols. Developed SCIM automation for lifecycle provisioning and deprovisioning workflows.

Cloud Security
AWS / GCP Identity Management

Migrated roles and groups from classic AWS IAM Console to modern iteration. Enabled automatic user provisioning to GCP to streamline onboarding.

Security Operations
SOC Threat Detection & Response

Conducted log monitoring, incident triage, and response operations in a production SOC environment. Collaborated with senior analysts to tune alert logic and improve response time.

Core Competencies

Identity Platforms
Microsoft Entra ID / Azure AD
Okta Workforce Identity
Active Directory (on-prem)
ADFS / Hybrid Identity
Privileged Identity Management (PIM)
Identity Protocols
SAML 2.0
OpenID Connect (OIDC)
OAuth 2.0
SCIM 2.0
Cloud & Security
Microsoft Azure
Zero Trust Architecture
Conditional Access
MFA / Passwordless Auth
Security Operations
SIEM (Devo, RSA NetWitness)
GRC (RSA Archer)
Incident Response
Log Analysis & Monitoring
Open-Source Intelligence
Packet Analysis

Credentials & Roadmap

✓ Earned
SC-300
Microsoft — Identity & Access Administrator
In Progress
SY0-701
CompTIA Security+
Next Target
AZ-500
Microsoft Azure Security Engineer
Roadmap
CISSP / CCSP
(ISC)² — Senior Security Professional

Let's Build
Something
Secure.

Open to IAM Engineer/SOC Analyst opportunities, consulting engagements, and conversations about Zero Trust, Non-Human Identity, and the future of cloud security. Based in USA — available remotely or in-person.

© 2026 Spencer Spivey. All rights reserved. USA