JOSEPH CROUSE
Security Analyst
Havre de Grace, Maryland 21078
Email: *********@*****.*** Phone: 443-***-****
SUMMARY
Securityfocused IT professional with extensive experience supporting regulated financial and federal environments. Proven success leading incident response workflows, enforcing security compliance (SOC 2, NIST 80053/171, HIPAA, PCIDSS), and hardening endpoint configurations using Defender, Carbon Black, and CrowdStrikeadjacent AV tools. Skilled in ITSM system management, encryption protocol deployment, IAM lifecycle enforcement, and vulnerability remediation. Consistently recognized for crossfunctional leadership, postevent recovery execution, and queue ownership in highvolume support environments. Strong DoDadjacent experience supporting NOAA mission systems, enclaveseparated environments, and identityrestricted access workflows.
SECURITY HIGHLIGHTS
Endpoint protection engineering using Microsoft Defender, Carbon Black, CheckPoint, BitLocker, and CrowdStrikeadjacent toolsets.
Vulnerability management using Rapid7, Nessusstyle scanning, patch compliance workflows (SCCM, WSUS, AutoMox), and CISRTaligned containment.
IAM lifecycle enforcement across Azure AD / Entra ID and onprem AD, including RBAC, Conditional Access (Zero Trust), MFA (PIV/CAC, RSA, YubiKey), and privileged access workflows.
Zero Trust operational experience supporting NOAA multienclave systems (JPSS, GOESNEON, PPZ/SOZ), enforcing strict identity boundaries and credential hygiene.
Securityaligned endpoint management using SCCM, Intune, AutoMox, Altiris, Absolute, and Axonius.
Scripting and automation using PowerShell and Bash for provisioning, certificate renewal, imaging tasks, and inventory queries.
Cloud security exposure through Azure AD / Entra ID identity governance, Conditional Access enforcement, and Intune compliance controls.
CORE COMPETENCIES & TECHNICAL SKILLS
Endpoint Security: Defender, BitLocker, Carbon Black, Checkpoint, CrowdStrikeadjacent toolsets; MFA via RSA, YubiKey, PIV/CAC
Vulnerability Response: Rapid7 scan analysis, SOC 2/NIST 80053 remediation, CISRTaligned event triage and containment
Incident Response Lifecycle: Containment, eradication, infrastructure rebuilds, RCA documentation across financial and federal sectors
IAM Administration: Azure AD / Entra ID, AD GPOs/OUs, Conditional Access Policy management; rolebased access enforcement
Compliance Frameworks: SOC 2, HIPAA, PCIDSS, NIST 80053/171; digital hold execution and evidence preservation
Imaging & Device Provisioning: SCCM, AutoMox, Altiris, Clonezilla, BartPE; endpoint recovery and hybrid support optimization
ITSM Ticketing Systems: ServiceNow (SAM/HAM), SysAid, FootPrints, Remedy, Heat, Cherwell; Jira tested Maximo, Rational Clear Case
Remote Access & VPN: Cisco AnyConnect, GlobalProtect, Juniper, Citrix
Scripting & Automation: PowerShell and Bash
Agile Process Exposure: Daily Team standups Weekly Federal involved standups, MultiSecurity Specific Standups sprint reviews, process optimization
AV/Teleconference Support: Crestron, Polycom, Microsoft Teams Room, Zoom Room
Training & Mentorship: Led onboarding at SSA; created SOPs, KBs, and microtrainings
PROFESSIONAL EXPERIENCE
Desktop Support Lead – Security & IAM Operations
Earth Resources Technology (ERT) – NOAA OSPO/NSOF – Suitland, MD
2026 – Present
Provide Tier II support across multienclave NOAA environments (Mission Support LAN, Mission Support Services, JPSS, GOESNEON, PPZ/SOZ), resolving identity, credentialing, workstation, and enclavespecific access issues.
Administer JPSSspecific Active Directory workflows including account provisioning, OU placement, group membership updates, and privileged access troubleshooting.
Administer Maximo ticketing workflows for PPZ and SOZ ground control systems access, ensuring proper entitlement validation and auditready documentation.
Supported enclaverestricted vulnerability management workflows using Nessusbased scanning outputs and coordinated remediation with engineering teams.
Enforced NOAA’s strict Zero Trust posture across all enclaves, ensuring identityrestricted access and compliance with enclavespecific security controls.
Enforced IAM lifecycle controls including MFA (PIV/CAC), RBAC, Conditional Access alignment, and identity hygiene.
Supported vulnerability management and patch compliance using SCCM, WSUS, and NOAAapproved baselines.
Developed SOPs, KBs, and enclavespecific documentation to eliminate tribal knowledge and standardize workflows.
Provided VIP/executive support requiring discretion, rapid response, and precise communication.
Led daily standups, coordinated escalations, and maintained operational clarity across fragmented, DoDadjacent enclave systems.
End User Support Specialist
Open Technology Solutions – Linthicum, MD
May 2021 – October 2024
Delivered highperformance endpoint support and auditaligned IT operations for a 3,000+ user financial consortium.
Maintained 99% SLA and 98% customer satisfaction while resolving 3,500+ tickets; firsttouch resolution exceeded 95%.
Supported postcyberattack infrastructure rebuild across Teller Center systems.
Enforced patch compliance and threat response using Rapid7, Defender, and CISRT protocols.
Led Active Directory administration (OUs, users, GPOs), Conditional Access alignment, and MFA provisioning.
Utilized Absolute and Axonius for asset verification, compliance validation, and secure lifecycle tracking across distributed endpoints.
Tuned and supported Carbon Black policies to harden endpoints and remediate threats.
Supported Zero Trust–aligned access enforcement through Conditional Access tuning and RBAC controls.
Provided cloudsecurity support through Azure AD / Entra ID identity governance, Conditional Access refinement, and Intune compliance enforcement.
Championed Windows 11 rollout and reduced dependency on ESU licensing.
Delivered VPN support (GlobalProtect, Juniper), credential recovery, Intune provisioning, and Teams/Zoom continuity.
Authored SOPs, migrated documentation to TechConnect, and reduced escalations via microtrainings.
Desktop Support Technician / Lead Technical Trainer
Evolver Inc. – Woodlawn, MD
June 2016 – March 2021
Provided endpoint and VIP support for SSA’s 66,000user enterprise under STAC subcontract; operated within NIST 800171 and HIPAAaligned environments.
Resolved 5,200+ tickets with 99% SLA and 98% customer satisfaction; achieved 98% firsttouch resolution.
Diagnosed SSA’s 2018 DNS outage and led remediation escalation.
Promoted to Lead Technical Trainer; shortened onboarding cycle from 3–4 months to ~2.
Executed largescale VPN client upgrades (AnyConnect) with AAA/MFA enforcement.
Supported Deep Freeze–protected DMZ machines, AD credential management, and agencywide credential hygiene.
Administered PIV/CACbased MFA and rolebased access enforcement in restricted environments.
ADDITIONAL EXPERIENCE
Desktop Support Specialist – GP Strategies – Columbia, MD – Oct 2015 to Mar 2016
Desktop Support Analyst – Smiths Detection – Edgewood, MD – May 2015 to Oct 2015
Desktop Support Technician – CompuCom/Nielsen – Columbia, MD – Mar 2015 to May 2015
Desktop Support Technician – HewlettPackard/CitiFinancial – Baltimore, MD – May 2012 to Mar 2015
Desktop Support Technician – Dell Technologies/CitiFinancial – Baltimore, MD – Jun 2009 to May 2012
SECURITY PROJECTS & INCIDENT RESPONSE
Security Operations & Incident Response
Dell & HP: CISRT response roles—triaging threats, executing malware remediation, coauthoring afteraction reports.
Smiths Detection: Supported incident triage in a DoDrestricted environment.
OTS: Deployed secure controls to stabilize SOC 2 findings.
OTS: Lead responder during major hacking incident; isolation, remediation, lessonslearned, “war table” participation.
OTS: QA validation for SECU branch network upgrades.
Disaster Recovery & Infrastructure Rebuild
OTS: Led EUC response after cyberattack disabled Teller Center systems; rebuilt endpoint infrastructure and supported ATM recovery.
Endpoint Encryption & Data Security
Dell & HP: Directed largescale Pointsec/CheckPoint encryption rollouts; remediated failed installs (~600 endpoints).
GP Strategies: Delivered BitLocker recovery support.
HP: Executed digital hold protocols during litigation.
OTS: Enforced encryption compliance using Carbon Black, Automox, Altiris, and Absolute.
EDUCATION
Chesapeake High School – Baltimore, MD – High School Diploma
University of Maryland at College Park – Coursework completed
Community College of Baltimore County – Essex, MD – Coursework completed
CERTIFICATIONS
CompTIA A+
CompTIA Security+ CE
HDI Desktop Advanced Service Technician
ITIL V4 Foundation
HP2896 Certified Professional
Public Trust Cleared 2016 and 2025
Dell Soft Skills
Dell Wireless Networking Basics
2300 TrueMobile Wireless Certification
IBM Service Excellence
Udemy Training for CompTIA Network+ (N10007)
In Progress: CompTIA Project+, CySA+, Microsoft AZ900, Server+