Post Job Free
Sign in

IT Support Specialist with Cyber Response

Location:
Middle River, MD
Posted:
July 04, 2026

Contact this candidate

Resume:

JOSEPH CROUSE

Security Analyst

Havre de Grace, Maryland 21078

Email: *********@*****.*** Phone: 443-***-****

SUMMARY

Securityfocused IT professional with extensive experience supporting regulated financial and federal environments. Proven success leading incident response workflows, enforcing security compliance (SOC 2, NIST 80053/171, HIPAA, PCIDSS), and hardening endpoint configurations using Defender, Carbon Black, and CrowdStrikeadjacent AV tools. Skilled in ITSM system management, encryption protocol deployment, IAM lifecycle enforcement, and vulnerability remediation. Consistently recognized for crossfunctional leadership, postevent recovery execution, and queue ownership in highvolume support environments. Strong DoDadjacent experience supporting NOAA mission systems, enclaveseparated environments, and identityrestricted access workflows.

SECURITY HIGHLIGHTS

Endpoint protection engineering using Microsoft Defender, Carbon Black, CheckPoint, BitLocker, and CrowdStrikeadjacent toolsets.

Vulnerability management using Rapid7, Nessusstyle scanning, patch compliance workflows (SCCM, WSUS, AutoMox), and CISRTaligned containment.

IAM lifecycle enforcement across Azure AD / Entra ID and onprem AD, including RBAC, Conditional Access (Zero Trust), MFA (PIV/CAC, RSA, YubiKey), and privileged access workflows.

Zero Trust operational experience supporting NOAA multienclave systems (JPSS, GOESNEON, PPZ/SOZ), enforcing strict identity boundaries and credential hygiene.

Securityaligned endpoint management using SCCM, Intune, AutoMox, Altiris, Absolute, and Axonius.

Scripting and automation using PowerShell and Bash for provisioning, certificate renewal, imaging tasks, and inventory queries.

Cloud security exposure through Azure AD / Entra ID identity governance, Conditional Access enforcement, and Intune compliance controls.

CORE COMPETENCIES & TECHNICAL SKILLS

Endpoint Security: Defender, BitLocker, Carbon Black, Checkpoint, CrowdStrikeadjacent toolsets; MFA via RSA, YubiKey, PIV/CAC

Vulnerability Response: Rapid7 scan analysis, SOC 2/NIST 80053 remediation, CISRTaligned event triage and containment

Incident Response Lifecycle: Containment, eradication, infrastructure rebuilds, RCA documentation across financial and federal sectors

IAM Administration: Azure AD / Entra ID, AD GPOs/OUs, Conditional Access Policy management; rolebased access enforcement

Compliance Frameworks: SOC 2, HIPAA, PCIDSS, NIST 80053/171; digital hold execution and evidence preservation

Imaging & Device Provisioning: SCCM, AutoMox, Altiris, Clonezilla, BartPE; endpoint recovery and hybrid support optimization

ITSM Ticketing Systems: ServiceNow (SAM/HAM), SysAid, FootPrints, Remedy, Heat, Cherwell; Jira tested Maximo, Rational Clear Case

Remote Access & VPN: Cisco AnyConnect, GlobalProtect, Juniper, Citrix

Scripting & Automation: PowerShell and Bash

Agile Process Exposure: Daily Team standups Weekly Federal involved standups, MultiSecurity Specific Standups sprint reviews, process optimization

AV/Teleconference Support: Crestron, Polycom, Microsoft Teams Room, Zoom Room

Training & Mentorship: Led onboarding at SSA; created SOPs, KBs, and microtrainings

PROFESSIONAL EXPERIENCE

Desktop Support Lead – Security & IAM Operations

Earth Resources Technology (ERT) – NOAA OSPO/NSOF – Suitland, MD

2026 – Present

Provide Tier II support across multienclave NOAA environments (Mission Support LAN, Mission Support Services, JPSS, GOESNEON, PPZ/SOZ), resolving identity, credentialing, workstation, and enclavespecific access issues.

Administer JPSSspecific Active Directory workflows including account provisioning, OU placement, group membership updates, and privileged access troubleshooting.

Administer Maximo ticketing workflows for PPZ and SOZ ground control systems access, ensuring proper entitlement validation and auditready documentation.

Supported enclaverestricted vulnerability management workflows using Nessusbased scanning outputs and coordinated remediation with engineering teams.

Enforced NOAA’s strict Zero Trust posture across all enclaves, ensuring identityrestricted access and compliance with enclavespecific security controls.

Enforced IAM lifecycle controls including MFA (PIV/CAC), RBAC, Conditional Access alignment, and identity hygiene.

Supported vulnerability management and patch compliance using SCCM, WSUS, and NOAAapproved baselines.

Developed SOPs, KBs, and enclavespecific documentation to eliminate tribal knowledge and standardize workflows.

Provided VIP/executive support requiring discretion, rapid response, and precise communication.

Led daily standups, coordinated escalations, and maintained operational clarity across fragmented, DoDadjacent enclave systems.

End User Support Specialist

Open Technology Solutions – Linthicum, MD

May 2021 – October 2024

Delivered highperformance endpoint support and auditaligned IT operations for a 3,000+ user financial consortium.

Maintained 99% SLA and 98% customer satisfaction while resolving 3,500+ tickets; firsttouch resolution exceeded 95%.

Supported postcyberattack infrastructure rebuild across Teller Center systems.

Enforced patch compliance and threat response using Rapid7, Defender, and CISRT protocols.

Led Active Directory administration (OUs, users, GPOs), Conditional Access alignment, and MFA provisioning.

Utilized Absolute and Axonius for asset verification, compliance validation, and secure lifecycle tracking across distributed endpoints.

Tuned and supported Carbon Black policies to harden endpoints and remediate threats.

Supported Zero Trust–aligned access enforcement through Conditional Access tuning and RBAC controls.

Provided cloudsecurity support through Azure AD / Entra ID identity governance, Conditional Access refinement, and Intune compliance enforcement.

Championed Windows 11 rollout and reduced dependency on ESU licensing.

Delivered VPN support (GlobalProtect, Juniper), credential recovery, Intune provisioning, and Teams/Zoom continuity.

Authored SOPs, migrated documentation to TechConnect, and reduced escalations via microtrainings.

Desktop Support Technician / Lead Technical Trainer

Evolver Inc. – Woodlawn, MD

June 2016 – March 2021

Provided endpoint and VIP support for SSA’s 66,000user enterprise under STAC subcontract; operated within NIST 800171 and HIPAAaligned environments.

Resolved 5,200+ tickets with 99% SLA and 98% customer satisfaction; achieved 98% firsttouch resolution.

Diagnosed SSA’s 2018 DNS outage and led remediation escalation.

Promoted to Lead Technical Trainer; shortened onboarding cycle from 3–4 months to ~2.

Executed largescale VPN client upgrades (AnyConnect) with AAA/MFA enforcement.

Supported Deep Freeze–protected DMZ machines, AD credential management, and agencywide credential hygiene.

Administered PIV/CACbased MFA and rolebased access enforcement in restricted environments.

ADDITIONAL EXPERIENCE

Desktop Support Specialist – GP Strategies – Columbia, MD – Oct 2015 to Mar 2016

Desktop Support Analyst – Smiths Detection – Edgewood, MD – May 2015 to Oct 2015

Desktop Support Technician – CompuCom/Nielsen – Columbia, MD – Mar 2015 to May 2015

Desktop Support Technician – HewlettPackard/CitiFinancial – Baltimore, MD – May 2012 to Mar 2015

Desktop Support Technician – Dell Technologies/CitiFinancial – Baltimore, MD – Jun 2009 to May 2012

SECURITY PROJECTS & INCIDENT RESPONSE

Security Operations & Incident Response

Dell & HP: CISRT response roles—triaging threats, executing malware remediation, coauthoring afteraction reports.

Smiths Detection: Supported incident triage in a DoDrestricted environment.

OTS: Deployed secure controls to stabilize SOC 2 findings.

OTS: Lead responder during major hacking incident; isolation, remediation, lessonslearned, “war table” participation.

OTS: QA validation for SECU branch network upgrades.

Disaster Recovery & Infrastructure Rebuild

OTS: Led EUC response after cyberattack disabled Teller Center systems; rebuilt endpoint infrastructure and supported ATM recovery.

Endpoint Encryption & Data Security

Dell & HP: Directed largescale Pointsec/CheckPoint encryption rollouts; remediated failed installs (~600 endpoints).

GP Strategies: Delivered BitLocker recovery support.

HP: Executed digital hold protocols during litigation.

OTS: Enforced encryption compliance using Carbon Black, Automox, Altiris, and Absolute.

EDUCATION

Chesapeake High School – Baltimore, MD – High School Diploma

University of Maryland at College Park – Coursework completed

Community College of Baltimore County – Essex, MD – Coursework completed

CERTIFICATIONS

CompTIA A+

CompTIA Security+ CE

HDI Desktop Advanced Service Technician

ITIL V4 Foundation

HP2896 Certified Professional

Public Trust Cleared 2016 and 2025

Dell Soft Skills

Dell Wireless Networking Basics

2300 TrueMobile Wireless Certification

IBM Service Excellence

Udemy Training for CompTIA Network+ (N10007)

In Progress: CompTIA Project+, CySA+, Microsoft AZ900, Server+



Contact this candidate