- Project Lead Chase Olson
- Client Celestica
- Date Nov 2024 - Jan 2025
- Coffee Consumed 185 Cups
Led the implementation of a secure Windows endpoint management strategy using Microsoft Intune, Windows AutoPilot, and Azure Active Directory to ensure FedRAMP High and CMMC 2.0 Level 2 compliance.
- Strategy and Requirements Development: Designed and developed a Windows endpoint security strategy aligned with FedRAMP High and CMMC 2.0 Level 2 standards, incorporating Zero Trust principles and secure device lifecycle management.
- Compliance Configuration: Configured compliance policies to enforce encryption (BitLocker), secure boot, password complexity, and multifactor authentication. Established Conditional Access policies to dynamically restrict access to corporate resources based on compliance status and risk level.
- Windows AutoPilot Deployment:
Streamlined the deployment of corporate-owned Windows devices using Windows AutoPilot for zero-touch provisioning. Pre-configured devices with security baselines, required applications, and FedRAMP-compliant software to ensure out-of-the-box compliance. - Endpoint Privilege Management:
Implemented Endpoint Privilege Management to dynamically elevate administrative privileges only when necessary, reducing the risk of privilege abuse and ensuring adherence to least privilege principles. - Application Management:
Deployed and managed critical applications, including Microsoft 365, using Intune app protection policies. Configured app-specific restrictions to prevent unauthorized sharing, data leakage, and use of unmanaged apps. - Zero Trust Integration:
Integrated Zero Trust principles by enforcing identity verification, device compliance, and secure access to resources. Leveraged Azure AD Conditional Access to enable real-time risk-based access control. - Monitoring and Reporting:
Developed dashboards in Microsoft Endpoint Manager to monitor device compliance, security posture, and patch management status. Automated alerts and remediation workflows for non-compliance and detected threats, enabling rapid response. - User Training and Support:
Provided training for IT teams and end-users on device enrollment, compliance adherence, and secure usage of managed applications. Created step-by-step guides to ensure smooth adoption and alignment with security policies. - Enhanced Security Posture:
Achieved a secure Windows environment by enforcing encryption, advanced malware protection, and compliance policies. Strengthened overall security by aligning endpoint management with FedRAMP High and CMMC 2.0 Level 2 requirements, reducing risks of unauthorized access and data breaches.