cww@security:~/portfolio
// SENIOR SECURITY ENGINEER · LEAD IAM SPECIALIST · CISSP

Chandler W.
Williams.

Treating identity as the control plane for everything else.

auth_architect() · token_tamer() · zero_trust_pragmatist() 📍 DMV [email protected]
8+
years in security
100+
SAML / OIDC / SCIM integrations
100%
automated joiner / leaver via Okta Workflows
CISSP
ISC2 certified
// impact.log
01
IAM Modernization
Challenge

Scattered identity systems across the SaaS estate with no unified source of truth — nothing solid to anchor a zero-trust posture on.

What I did

Consolidated SSO and SCIM under Okta + Entra ID, anchored to Workday (HRaaS) as the lifecycle source of truth — 100+ integrations across the estate. Rolled out passwordless policies across both IdPs, paired with Okta Desktop MFA and Windows Hello for Business as the desktop strong-auth layer. Operate CATO SASE alongside Palo Alto (Panorama) for zero-trust network access.

Outcome

100% automated joiner/leaver flows sourced from HRaaS, attribute-based application assignment, and just-in-time access — at firm scale.

02
Vulnerability Management
Challenge

Patching cadence ad-hoc; vulnerability data spread across tools with no executive view.

What I did

Built and ran an automated vulnerability management program — gathering data across tools, curating critical/high lists routed to the responsible patch teams, and surfacing KPI tracking for leadership.

Outcome

Weekly executive summaries shipped on a fixed cadence; remediation prioritized against severity, not vibes.

03
Detection & Response
Challenge

Scattered detection tooling and ongoing tuning sprawl across XDR and SIEM platforms — too much noise, not enough signal, and a phishing queue eating analyst hours.

What I did

Led multiple endpoint XDR and SIEM platform transitions, owning detection tuning, integration work, and post-migration cleanup.

Separately, drove phishing-response automation across the email security stack — AI-augmented triage, auto-isolation, and clean analyst hand-offs for the cases that still needed eyes on them.

Outcome

Lower mean-time-to-detect/respond and a phishing-response path that scales beyond headcount.

// experience
Dec 2022 — Present
Senior Cybersecurity Engineer
Aprio LLP · promoted to Senior in 2024
  • IAM SME — 100+ SAML/OIDC/SCIM integrations across Okta + Entra ID, sourced from Workday (HRaaS).
  • 100% automated Okta Workflows for the full identity lifecycle — zero-touch onboarding/termination and JIT access.
  • Passwordless policies across both IdPs — Okta Desktop MFA for desktop step-up auth, Windows Hello for Business for passwordless sign-in.
  • Hands-on with CATO SASE and Palo Alto (Panorama-managed) for zero-trust network access.
  • Led multiple endpoint XDR and SIEM platform transitions; owned detection tuning and integration work.
  • Drove phishing-response automation across the email security stack.
  • Built an automated vulnerability management program — data gathering, curated critical/high lists to patch teams, and KPI reporting for leadership.
  • Deployed Keeper Password Manager firm-wide; ran adoption office hours.
  • Partnered with GRC on SOC2 / NIST CSF mappings and POA&Ms.
  • Reviewed resumes via Lever, conducted interviews, mentored offshore team members.
Sep 2018 — Dec 2022
Cybersecurity Analyst
Aronson LLC
  • Implemented Okta MFA / SSO (SAML, SWA) across applications.
  • Designed 802.1x secure wireless networks.
  • Managed vulnerability remediation by severity and user access reviews.
  • Drove CMMC Level 3 compliance via POA&Ms.
  • Automated provisioning and reporting in PowerShell on Windows Server.
Nov 2016 — Sep 2018
IT Helpdesk Specialist
Morgan Keller, Inc.
  • Engineered high-availability Hyper-V environments and server migrations.
  • Tier 1/2 support and technical documentation.
// stack
Identity & Access
Okta (Workforce Identity · Workflows · Lifecycle Mgmt · Universal Directory · Desktop MFA)·Microsoft Entra ID·Conditional Access·Privileged Identity Mgmt·Identity Protection·Workday (HRaaS)·SAML 2.0·OIDC·OAuth 2.0·SCIM·SWA·JIT provisioning·RBAC / ABAC
Strong Auth & Zero Trust
Passwordless·FIDO2 / WebAuthn·Passkeys·YubiKey·Windows Hello for Business·Okta Desktop MFA·CATO SASE·Palo Alto (Panorama)·ZTNA
Detection & Response
Microsoft Defender XDR (Endpoint · Identity · Cloud Apps · Office 365)·SentinelOne XDR / MDR·Microsoft Sentinel SIEM·Defender for Outlook·Abnormal AI·CrowdStrike Falcon·Sysmon·Threat hunting (KQL)·Incident response playbooks
Vulnerability & Endpoint
OpenVAS·Tenable Nessus·CVE / CVSS triage·CISA KEV catalog·Patch cadence ownership·Microsoft Intune (MDM)·BitLocker·Keeper Password Manager
Automation & Scripting
Python·PowerShell·KQL·Bash·REST APIs·Postman·Git / GitHub·Azure DevOps·JSON / YAML
Compliance & GRC
SOC 2 (Type I / II)·NIST CSF·NIST 800-53 / 800-171·CMMC Level 3·POA&Ms·Vendor security reviews·User access reviews·KnowBe4 (security awareness)
Networking
802.1x (PEAP / EAP-TLS)·RADIUS / NPS·IPsec / SSL VPN·Site-to-site VPN·VLAN segmentation·Cloudflare (DNS · Pages · Access)·Wireshark / packet analysis
Platforms
Microsoft 365 / Azure·Active Directory·Windows Server·Hyper-V·VMware·macOS / Windows endpoint fleets

Education

B.S. Computer Networks & Cybersecurity
Univ. of Maryland Global Campus · 2025
A.S. Cybersecurity
Hagerstown Community College · 2016

Certifications

CISSP
ISC2 · active
// contact
email[email protected] linkedin/in/chandler-w-williams resumeRESUME-CWW-PUB.pdf