Profiles search
Joshua Delbert
Corporate Information Security Engineer at Square
Arnold, MO, United States
Details
Experience:
2021 : Present
Square
Corporate Information Security Engineer
Architects the Boeing domain structure and assists with directory integration. Delivers directory standards to support the enterprise. Provides solutions for tier 3 escalations. Automates legacy processes to increase enterprise efficiency and task accuracy. Embraces Agile methodologies for faster improvements to all supporting systems and tools using ADO.
● Architects and maintains 9 Active Directory domains containing ~180,000 computer objects, ~500,000 security
groups and ~150,000 user objects.
● Product Owner and Architect for elevated privilege automation for enterprise tool UPEP.
● Primary Focal of Active Directory and UPEP for Information Security and Global Trade Controls inquiries.
● Project lead for directory consolidation efforts from 9 domains to 1 domain.
● Automated migration efforts using developed tool to eliminate hands on efforts.
● Drives centralization of directory management from site support of all domains to enterprise support.
● Deploys risk mitigation for the directories by enforcing least privilege model to all sites.
● Architects and supports external directory for non-trusted physical and cloud devices.
● Maintains directory Group Policy Objects for all workstations at 200 site locations across the world.
● Supports DFARS compliance for devices and sites throughout the United States.
● Develops tools / scripts to enable easier management of the domain and policy restrictions (USB, RDP, Migration).
● Scrum master leading agile team during sprint and retro efforts.
● Developer for team’s internal website for policy and process information.
● Assists with Workspace One implementation for the enterprise.
● Assists with GSEP asset manager and directory synchronization.
● Assists with CyberArk support for local admin credentials for the enterprise.
2018 : 2021
Boeing
Systems Design & Integration Specialist 3
Guides Information Security on Identity and Access Management processes. Reduces risk by ensuring Boeing identity systems meet global compliance standards. Drives second century initiatives for identity and access management.
• Performs data analysis on directory systems to improve processes and reduce risk.
• Designs processes improvements for identity consumption from authoritative sources.
• Ensures identity collection procedures meet global compliance requirements related to National Institute of Standards and Technology (NIST) and General Data Protection Regulation (GDPR).
• Drives product integration of identity and authentication systems to reduce complexity and increase efficiency.
• Responsible for process alignment to 110 Information Security policy statements.
• Provides administrative support for reverse proxy accounts through BART.
2016 : 2018
Boeing
Systems Design & Integration Specialist 2
Designs and maintains authentication methods and user provisioning using Microsoft Identity Manager, Powershell, ADFS, LDAPS, and CAS. Assists application integration with multiple directory services including ADLDS and Active Directory. Provides tier 3 support for Identity and Access Management. Maintains daily file server operations and reporting services. Integrates multifactor authentication and Single Sign On for campus applications.
•Designed automated provisioning of over 100,000 Google email accounts using FIM, GADs, GAM, and Powershell.
•Maintains and improves Active Directory containing over 60,000 accounts, the Forever Directory (ADLDS) containing over 450,000 accounts, and Google provisioning directory containing over 100,000 accounts.
•Architected user provisioning and workflows for new Federal Information Security Management Act (FISMA) environment using Powershell and Microsoft Identity Manager (MIM).
•Integrates Forefront Identity Manager (FIM) and provisioning workflow for automation throughout the environment such as criteria based AD security groups.
•Implemented Active Directory Federation Services (ADFS) for use with CAS and the SPS Virtual Computer Lab.
•Engineered SecureAuth environment for Single Sign On and two factor authentication for campus applications.
• Supports and develops the unstructured data file server, quotas, and quota reporting created from scratch using Powershell and SQL Reporting Services. These reports include a daily storage quota email sent to all department IT staff and trend reporting such as monthly storage increases used for future storage purchasing justification.
•Led the development of Office 365 POC resulting in the move to O365 for email using FIM and AAD Connect.
•Assisted the migration to new file servers and transfer of ownership for quota and reporting management of over 45TBs of data.
•Maintains the Group Policy for Internet Explorer 11 and the Enterprise Mode list for over 7,000 workstations.
2015 : 2016
Saint Louis University
Integration Specialist (Identity Management and SSO)
Provides tier 3 support for a wide array of applications relating to the core operations of the University, most importantly Active Directory, DHCP, DNS, Forefront Identity Manager, and the unstructured data store.
•Designed Forefront Identity Manager (FIM), automating the management of over 60,000 active accounts and 450,000 Forever Directory (ADLDS) accounts.
•Decommissioned Novell eDirectory and the first Active Directory Domain Services of the University.
•Automated AD computer object cleanup by removing inactive objects from the directory using Powershell.
•Automated users’ personal directory provisioning within FIM using Powershell.
•Developed operational standards for Security Group creation in Active Directory in order to audit and remove depreciated groups from the Novell migration.
•Architected DirSync for Office 365 downloadable software for students and licensing through FIM and Powershell.
•Implemented automatic local administrator password changes on servers and workstations.
•Enhanced Group Policy Objects for workstations by consolidating policies for easier management and support.
•Improved Symantec Endpoint Protection for servers and workstations by consolidating policies and settings.
•Assisted with the Windows 7 migration of 7,000 workstations providing boots on the ground and immediate customer support for departments.
•Retired Novell iPrint and implemented Printer Properties Pro (PPP), successfully migrating over 700 printers.
2013 : 2015
Saint Louis University
System Administrator (Core Services)
Square
Corporate Information Security Engineer
Architects the Boeing domain structure and assists with directory integration. Delivers directory standards to support the enterprise. Provides solutions for tier 3 escalations. Automates legacy processes to increase enterprise efficiency and task accuracy. Embraces Agile methodologies for faster improvements to all supporting systems and tools using ADO.
● Architects and maintains 9 Active Directory domains containing ~180,000 computer objects, ~500,000 security
groups and ~150,000 user objects.
● Product Owner and Architect for elevated privilege automation for enterprise tool UPEP.
● Primary Focal of Active Directory and UPEP for Information Security and Global Trade Controls inquiries.
● Project lead for directory consolidation efforts from 9 domains to 1 domain.
● Automated migration efforts using developed tool to eliminate hands on efforts.
● Drives centralization of directory management from site support of all domains to enterprise support.
● Deploys risk mitigation for the directories by enforcing least privilege model to all sites.
● Architects and supports external directory for non-trusted physical and cloud devices.
● Maintains directory Group Policy Objects for all workstations at 200 site locations across the world.
● Supports DFARS compliance for devices and sites throughout the United States.
● Develops tools / scripts to enable easier management of the domain and policy restrictions (USB, RDP, Migration).
● Scrum master leading agile team during sprint and retro efforts.
● Developer for team’s internal website for policy and process information.
● Assists with Workspace One implementation for the enterprise.
● Assists with GSEP asset manager and directory synchronization.
● Assists with CyberArk support for local admin credentials for the enterprise.
2018 : 2021
Boeing
Systems Design & Integration Specialist 3
Guides Information Security on Identity and Access Management processes. Reduces risk by ensuring Boeing identity systems meet global compliance standards. Drives second century initiatives for identity and access management.
• Performs data analysis on directory systems to improve processes and reduce risk.
• Designs processes improvements for identity consumption from authoritative sources.
• Ensures identity collection procedures meet global compliance requirements related to National Institute of Standards and Technology (NIST) and General Data Protection Regulation (GDPR).
• Drives product integration of identity and authentication systems to reduce complexity and increase efficiency.
• Responsible for process alignment to 110 Information Security policy statements.
• Provides administrative support for reverse proxy accounts through BART.
2016 : 2018
Boeing
Systems Design & Integration Specialist 2
Designs and maintains authentication methods and user provisioning using Microsoft Identity Manager, Powershell, ADFS, LDAPS, and CAS. Assists application integration with multiple directory services including ADLDS and Active Directory. Provides tier 3 support for Identity and Access Management. Maintains daily file server operations and reporting services. Integrates multifactor authentication and Single Sign On for campus applications.
•Designed automated provisioning of over 100,000 Google email accounts using FIM, GADs, GAM, and Powershell.
•Maintains and improves Active Directory containing over 60,000 accounts, the Forever Directory (ADLDS) containing over 450,000 accounts, and Google provisioning directory containing over 100,000 accounts.
•Architected user provisioning and workflows for new Federal Information Security Management Act (FISMA) environment using Powershell and Microsoft Identity Manager (MIM).
•Integrates Forefront Identity Manager (FIM) and provisioning workflow for automation throughout the environment such as criteria based AD security groups.
•Implemented Active Directory Federation Services (ADFS) for use with CAS and the SPS Virtual Computer Lab.
•Engineered SecureAuth environment for Single Sign On and two factor authentication for campus applications.
• Supports and develops the unstructured data file server, quotas, and quota reporting created from scratch using Powershell and SQL Reporting Services. These reports include a daily storage quota email sent to all department IT staff and trend reporting such as monthly storage increases used for future storage purchasing justification.
•Led the development of Office 365 POC resulting in the move to O365 for email using FIM and AAD Connect.
•Assisted the migration to new file servers and transfer of ownership for quota and reporting management of over 45TBs of data.
•Maintains the Group Policy for Internet Explorer 11 and the Enterprise Mode list for over 7,000 workstations.
2015 : 2016
Saint Louis University
Integration Specialist (Identity Management and SSO)
Provides tier 3 support for a wide array of applications relating to the core operations of the University, most importantly Active Directory, DHCP, DNS, Forefront Identity Manager, and the unstructured data store.
•Designed Forefront Identity Manager (FIM), automating the management of over 60,000 active accounts and 450,000 Forever Directory (ADLDS) accounts.
•Decommissioned Novell eDirectory and the first Active Directory Domain Services of the University.
•Automated AD computer object cleanup by removing inactive objects from the directory using Powershell.
•Automated users’ personal directory provisioning within FIM using Powershell.
•Developed operational standards for Security Group creation in Active Directory in order to audit and remove depreciated groups from the Novell migration.
•Architected DirSync for Office 365 downloadable software for students and licensing through FIM and Powershell.
•Implemented automatic local administrator password changes on servers and workstations.
•Enhanced Group Policy Objects for workstations by consolidating policies for easier management and support.
•Improved Symantec Endpoint Protection for servers and workstations by consolidating policies and settings.
•Assisted with the Windows 7 migration of 7,000 workstations providing boots on the ground and immediate customer support for departments.
•Retired Novell iPrint and implemented Printer Properties Pro (PPP), successfully migrating over 700 printers.
2013 : 2015
Saint Louis University
System Administrator (Core Services)
Company:
Square
Spoken Language:
English
Profile Photo
