Senior Microsoft Solutions Architect - M365 & Identity Security
Resume:
DAMON J. GARRISON
415-***-**** **************@*****.***
Microsoft Solutions Architect M365 Azure AD / Entra ID Intune / Endpoint Manager Identity & Security
PROFESSIONAL SUMMARY
Senior Microsoft Solutions Architect with 20+ years of enterprise IT experience, specializing in Microsoft 365, Azure AD/Entra ID, Intune/Endpoint Manager, Teams, and identity & security architecture. Proven track record designing and delivering Digital Workplace solutions for organizations with 1,000–60,000 users across healthcare, government, finance, education, and manufacturing. Expertise spans the full Microsoft product stack—from cloud-only migrations and tenant consolidations to on-premises Active Directory design and Certificate Services. Experienced consultant and team lead with strong client-facing communication skills and a history of mentoring junior engineers and driving best-practice adoption.
CORE COMPETENCIES & TECHNICAL SKILLS
M365 / Digital Workplace
Exchange Online, Teams, SharePoint, OneDrive, Copilot for M365, Microsoft Purview (Compliance & DLP)
Identity & Security
Azure AD / Entra ID, Conditional Access, MFA, ADCS, AD FS, Okta, OneLogin, Rights Management (AD RMS/Azure RMS)
Endpoint Management
Intune/Endpoint Manager, Autopilot, SCCM/ConfigMgr, MDM (AirWatch/Workspace ONE, JAMF), Windows 365 / Cloud PC
Cloud Platforms
Microsoft Azure (Gov & Comm), AWS (Gov & Comm), Google Cloud, OpenStack, Rackspace
On-Premises Microsoft
Active Directory DS (design, migration, multi-forest), Group Policy, Exchange 2003–2019, ADCS, WINS/DNS/DHCP
Migration Tools
Quest Migration Manager, FastTrack, BitTitan (ShareGate ecosystem), ShareGate
Scripting & Automation
PowerShell, Okta Workflows
Virtualization
VMware vSphere/vCenter (3.5–7.x), Hyper-V, Citrix XenDesktop/XenServer, Nutanix, KVM, Xen
Security Frameworks
NIST Security Baselines, MS ATP, BitLocker, FileVault, Proxy/Email Security
CERTIFICATIONS & EDUCATION
Education: State University of New York at Buffalo — Computer Engineering (1994–1998)
Certifications: Microsoft certifications across Azure, M365, Endpoint, Security & Compliance (details available upon request)
PROFESSIONAL EXPERIENCE
Senior Identity Engineer / Microsoft Consultant Fortive Inc. (Contract)
8/2024 – Present
•Designing and implementing cloud-only identity strategy for 15,000-user migration from AD-primary to Azure AD/Entra ID
•Leading Intune-Only conversion strategy for 12,500 hybrid-joined endpoints, replacing legacy Hybrid Intune co-management
•Developing Autopilot deployment strategy for streamlined zero-touch provisioning across global endpoints
•Performing tenant-to-tenant migrations, consolidating 30 operating-company tenants into a single corporate M365 tenant
•Creating SOPs for integrating subsidiary Active Directory environments into parent corporate AD
Senior Security Engineer (Team Lead) Lands' End Inc.
5/2021 – Present
•Deployed Windows 365 Cloud PC to 1,500 global users in conjunction with CloudOps team, enabling secure anywhere-access
•Designed and implemented Conditional Access policies for cloud and on-premises resources based on location, device compliance, and risk signals
•Deployed Azure MFA and led migration planning from AD to Azure AD (Entra ID) for internal resources
•Customized Windows 10 hardening using NIST security baselines across managed endpoints
•Led IAM/Access Control as team lead within SecOps; drove standardization of SOPs and automation using PowerShell and Okta Workflows
•Coordinated program to migrate from PingOne to Okta for customer identity
Senior Consultant (Contract) St. Louis College of Pharmacy
5/2022 – 7/2023
●Migrated Office 365 tenant and Active Directory domain for 12,000 users using Quest Migration Manager, including full email domain cutover
●Re-designed Active Directory topology to support modernized environment
●Migrated and deployed new ADCS server (2003 to 2019), maintaining PKI continuity during transition
●Performed Active Directory remediation and cleanup to ensure a clean, well-structured directory post-migration
Senior Consultant (Contract) General Dynamics Mission Systems
10/2021 – 3/2022
•Migrated Office 365 tenant and Active Directory domain for 12,000 users using Quest Migration Manager, including full email domain cutover
•Re-designed Active Directory topology and performed remediation/cleanup across 25 individual AD domains consolidated into new corporate domain
•Migrated and deployed new ADCS server (2003 to 2019) maintaining PKI continuity
Senior Consultant (Contract) Marquette University
3/2020 – 2/2021
•Created and deployed Windows 10 in-place upgrade task sequence for 18,000 users via SCCM (planning, execution, and training)
•Deployed SCCM Cloud Management Gateway on Azure and integrated Upgrade Analytics for data-driven endpoint planning
•Customized Windows 10 with NIST security baselines; performed JAMF MDM remediation and cleanup
•Automated BIOS update logic within task sequences to ensure consistent, policy-compliant imaging
Senior Consultant (Contract) Tri-Health Inc.
4/2019 – 9/2019
•Deployed Windows 10 in-place upgrade to 38,000 healthcare users using SCCM from greenfield infrastructure deployment
•Deployed SCCM Cloud Management Gateway on Azure and Upgrade Analytics to streamline endpoint lifecycle management
•Applied NIST security baselines to Windows 10 endpoints; performed AD and SCCM health check and cleanup
Senior Consultant (Contract) Baylor Scott & White Healthcare System
12/2017 – 3/2019
•Led Windows 10 in-place upgrade deployment for 58,000 users using SCCM (one of the largest healthcare endpoint projects in the region)
•Deployed SCCM Cloud Management Gateway on Azure; upgraded SCCM infrastructure to current build
•Conducted POC of AirWatch/Workspace ONE for Kiosk, BYOD, and macOS deployments
•Applied NIST security baselines and developed automated BIOS update task sequence logic
Senior Consultant (Contract) San Francisco Municipal Transportation Agency
2/2016 – 12/2017
•Deployed Windows 10 image to 6,500 users using SCCM; migrated servers and workloads to Azure Government
•Deployed and configured MBAM (BitLocker) and Windows Hello for Business
•Upgraded Citrix XenApp 6.7 to 7.12 for 2,500 users and configured VEEAM Backup & Recovery for VMware
•Administered O365 email environment and performed Active Directory remediation and cleanup
Senior Consultant Convergent Computing
9/2016 – 12/2018
•Consulted across Azure AD, Office 365, Identity Management (Okta, AAD, OneLogin, AD), Windows Desktop, and MDM (Intune, AirWatch)
•Migrated 3,000 users from AirWatch to Intune and 7,500 users from Novell GroupWise to Office 365 Government
•Re-architected Citrix XenApp 7.12 environment for 1,500 users; deployed AirWatch MDM/Workspace ONE for macOS endpoints
Senior Consultant / Managing Partner Inforeality LLC
1/2010 – 9/2016
•Delivered end-to-end Microsoft consulting engagements: Active Directory design, Exchange migrations, Office 365 deployments, and cloud transitions
•Migrated Exchange 2007 (300 users) to Office 365 E3; implemented hybrid Exchange 2012/O365 increasing productivity and reducing support load
•Implemented AD RMS and Azure RMS rights management solutions; built Windows 2012 AD domains with full services for 500-user environments
•Managed infrastructure refresh replacing 200 geographically dispersed servers and 600 endpoints
Senior Consultant / Sr. Network Engineer Various Companies (Contracts)
2001 – 2009
•Designed and deployed VMware ESX hypervisor platforms in HA colocation environments, saving clients $150K+ in infrastructure costs
•Managed network infrastructure of 130 servers, 625+ hosts across 5 regional and 21 branch offices spanning two AD forests
•Designed multi-forest Active Directory topologies, inter-forest trusts, and oversaw AD functional-level upgrades
•Trained and mentored junior staff; oversaw Exchange, SQL, and mission-critical service administration
Contact this candidate