Initializing Security Framework...

Anthony Harwelik

Principal Microsoft 365 Security Engineer & Azure Security Architect
Active Secret Clearance
908.868.1674 aharwelik@gmail.com LinkedIn
St. Petersburg, FL & Remote

Education & Professional Development

Education

Advanced Networking Degree
Computer Education Institute of New Jersey

Continuous Professional Development

  • • Microsoft Azure & Security Specialization Training
  • • Advanced Sentinel & Defender XDR Workshops
  • • Zero-Trust Architecture Certification Programs
  • • NIST Cybersecurity Framework Training

Key Projects & Innovation

Security Architecture Projects

  • Zero-Trust Implementation: Comprehensive architecture for Fortune 500 with device compliance, identity verification, and network segmentation
  • Multi-Cloud Security: Architected controls across Azure, M365, and third-party SaaS for global financial services
  • AI/ML Security Framework: Developed governance for Azure OpenAI integration ensuring secure enterprise data handling

Automation & Innovation

  • Advanced Intune Automation Library: 500+ PowerShell modules for complex device management, application deployment, and compliance remediation across multi-tenant MSP environments
  • SCCM/MECM Enterprise Framework: Comprehensive task sequence library with embedded security controls for zero-touch deployment across Fortune 500 environments
  • Advanced Co-Management Toolkit: Custom solutions bridging SCCM/MECM and Intune with sophisticated policy inheritance and conflict resolution
  • Mobile Device Management Innovation: Next-generation MAM policies with conditional launch, app protection without enrollment, and advanced threat protection integration

Professional Associations & Community

Microsoft Community

Microsoft Security Community
Active contributor to Sentinel and Defender XDR technical forums
Industry Speaker
Regular presenter at Microsoft security conferences and user groups

Professional Organizations

(ISC)² Associate Member
Pursuing CISSP certification to complement Microsoft security expertise

Geographic Preferences & Availability

Primary Location

St. Petersburg, Florida 33756

Preferred Opportunities

Denver, Colorado area opportunities
Remote work with occasional travel capabilities

Security Clearance

Active Secret Security Clearance

Professional Summary

Principal Microsoft 365 Security Engineer with 18+ years designing, implementing, and managing enterprise-scale Microsoft cloud security environments. Expert in Microsoft 365 security assessment, enhancement, and implementation including Azure AD/Entra ID, Microsoft Defender suite, Purview Information Protection, and advanced Intune management. Proven track record conducting comprehensive security posture assessments, implementing Zero-Trust frameworks, and ensuring compliance with NIST, ISO 27001, and CIS Controls. Specialized in Azure NSG, Azure Firewall, micro-segmentation, CSPM (Cloud Security Posture Management), and advanced threat protection across hybrid environments.

Core Technical Expertise

Microsoft 365 Security

Azure AD/Entra ID Conditional Access PIM Defender Suite Purview DLP Sentinel XDR

Advanced Device Management

Microsoft Intune SCCM/MECM Autopilot Co-Management MAM/MDM Win32 Apps PowerShell DSC

Cloud Security Architecture

Azure NSG Azure Firewall Micro-segmentation CSPM Zero-Trust Hybrid Identity

Automation & DevSecOps

PowerShell Python KQL Terraform ARM/Bicep Logic Apps Graph API

Certifications & Expertise

Microsoft 365 Endpoint Administrator
✓ Certified
Security Operations Analyst
✓ Certified
Identity & Access Administrator
✓ Certified
Information Protection Admin
✓ Certified
Azure Security Engineer (AZ-500)
🎯 In Progress
CISSP
🎯 Q2 2025

Professional Experience

Principal Azure–Intune Security Architect

Olive & Goose • Clearwater, FL
March 2020 – Present
  • Architected Sentinel + Defender XDR unified security operations for 15+ enterprise MSP clients, reducing MTTR by 60% through custom KQL hunting queries
  • Engineered complex Intune tenant-to-tenant migrations for MSP client acquisitions, maintaining zero-downtime during 10K+ device transitions
  • Deployed Zero-Trust frameworks using Conditional Access, PIM, and Defender for Identity across 50K+ identities, achieving 99.8% NIST 800-53 compliance
  • Developed sophisticated PowerShell DSC and SCCM/MECM task sequence integration enabling automated OS deployment with embedded security baselines

Director of Operations & Chief Technology Officer

BluetechGreen MSP • Remote
October 2010 – May 2015
  • Directed daily operations for MSP serving 50+ SMB clients with sophisticated multi-tenant Intune and SCCM/MECM architectures
  • Managed P&L responsibility for $2.5M annual revenue, achieving 95%+ client retention through superior Intune and SCCM/MECM service delivery
  • Pioneered early Intune hybrid MDM deployments with sophisticated co-management scenarios for SMB market leadership
  • Developed advanced PowerShell DSC integration with SCCM/MECM and Intune for automated configuration management

XDR & Compliance Architect

Insight Enterprises • Remote
January 2018 – February 2020
  • Pioneered M365 Defender unification for 8 Fortune 500 MSP deployments, establishing security baselines before 10K+ user migrations
  • Implemented early Sentinel private preview with custom workbooks for MSP SOC teams across manufacturing and healthcare sectors
  • Designed MCAS integration with Defender for Endpoint, enabling real-time app governance and shadow IT discovery for MSP client portfolios
  • Engineered advanced PowerShell-driven application packaging through integrated SCCM/MECM and Intune workflows, reducing deployment errors by 45%

Modern Management Architect

The Navy Exchange • Remote
March 2016 – September 2018
  • Architected hybrid Azure AD + ADFS federation for 20K+ military personnel with Windows Hello for Business integration and advanced Intune compliance policies
  • Deployed Windows Defender ATP across DoD infrastructure with SIEM integration and sophisticated SCCM/MECM configuration baselines
  • Implemented advanced co-management architectures bridging legacy SCCM/MECM infrastructure and cloud-native Intune policies for cloud migration
  • Engineered complex Autopilot deployment scenarios with custom provisioning packages and OOBE customization for secure military device onboarding

Cloud Security Engineer

Universal American Mortgage Company • Remote
June 2015 – December 2016
  • Migrated on-premises identity to Azure AD with custom sync rules and advanced Intune enrollment automation, enabling MFA for 5K+ remote workers
  • Implemented BitLocker at scale through sophisticated SCCM/MECM task sequences with Intune compliance integration for PCI-DSS compliance
  • Established advanced Conditional Access policies with device compliance requirements preventing 12 potential breach attempts
  • Automated ARM template deployments with embedded SCCM/MECM client installation and Intune auto-enrollment, reducing provisioning time by 65%

SCCM SME / Team Lead Concurrent Role

U.S. Department of Veterans Affairs • Remote
April 2014 – December 2019
  • Architected and led SCCM/MECM infrastructure for 500K+ endpoints in one of world's largest Microsoft environments with advanced SQL optimization
  • Maintained 99.5% availability for critical VA healthcare systems supporting patient care operations through sophisticated SCCM/MECM fault tolerance design
  • Integrated Azure hybrid runbooks with on-premises SCCM/MECM infrastructure, reducing disaster recovery RTO by 75% through automated failover procedures
  • Promoted to Team Lead within 4 months, managing cross-functional teams while maintaining hands-on technical leadership in complex SCCM/MECM environments
  • Engineered advanced SCCM/MECM task sequences with embedded PowerShell scripting for zero-touch deployment across distributed healthcare infrastructure
  • Implemented PCI compliance baselines using sophisticated SCCM/MECM configuration items and custom compliance scripts across all VA medical facilities
  • Designed enterprise Hyper-V virtualization strategy with automated SCCM/MECM guest provisioning optimizing resources for mission-critical healthcare applications
  • Established early Azure AD integration pathways with SCCM/MECM client health monitoring creating foundation for future cloud-first identity strategy

O365 Migration Specialist / Exchange Online Support Engineer

Microsoft • Redmond, WA
November 2013 – January 2014
  • Engineered Office 365 hybrid Exchange migrations for mid-market enterprises, establishing security baselines and conditional access policies during tenant transitions
  • Developed security training materials for IT teams on O365 threat protection, improving client security posture by 35% post-migration
  • Resolved complex hybrid authentication issues using ADFS and early Azure AD Connect, ensuring seamless SSO for 50+ client deployments

Senior Systems Consultant

Avanade • Remote
June 2013 – April 2014
  • Delivered sophisticated MDT integration projects with SCCM/MECM achieving 125% utilization through advanced task sequence automation and endpoint hardening
  • Architected proof-of-concept security solutions demonstrating advanced SCCM/MECM and early Intune threat protection integration, leading to $2M+ in follow-on security engagements
  • Led cross-functional teams on complex System Center projects, implementing advanced configuration baselines and compliance policies exceeding client security requirements

Infrastructure Security Engineer

AIG • Remote
July 2013 – September 2013
  • Remediated 90K+ applications for global Windows 7 deployment with advanced SCCM/MECM packaging, security hardening, and application control policies
  • Established PMO governance for security programs with sophisticated SCCM/MECM deployment methodologies, reducing deployment risks by 40%
  • Conducted comprehensive endpoint discovery using advanced System Center tools and SCCM/MECM inventory optimization for security posture enhancement

System Center Security Consultant

Dell • Remote
January 2013 – April 2013
  • Engineered sophisticated System Center configurations with integrated SCCM/MECM security baselines, reducing application deployment vulnerabilities
  • Delivered comprehensive application remediation roadmaps with advanced SCCM/MECM packaging methodologies aligned with security best practices

Senior Security Engineer

Cornerstone Research • New York, NY
March 2007 – August 2010
  • Managed enterprise-wide application and OS security lifecycle across multiple regions, maintaining strict compliance with financial industry regulations
  • Automated security policy creation and deployment, establishing new benchmarks for regulatory compliance and data protection in financial services environment
  • Led IT security initiatives including endpoint protection standards and mobile device security policies for publicly traded financial technology company

Team Lead / Level III Security Administrator

Nice Systems (NASDAQ: NICE) • Contract
January 2006 – February 2007
  • Led IT security initiatives including endpoint protection standards and mobile device security policies for publicly traded financial technology company
  • Implemented corporate security standards alignment across regional offices, ensuring compliance with SOX and financial industry regulatory requirements
  • Delivered advanced customer service through proactive security monitoring and incident response, exceeding SLA expectations by 25%

Team Lead / Level II Security Administrator

Saint Barnabas Health Care System • New Jersey
March 2004 – January 2007
  • Managed IT security operations supporting 1000+ medical staff in HIPAA-compliant healthcare environment, implementing endpoint protection and access controls
  • Implemented HIPAA compliance and network security standardization, ensuring patient data protection and regulatory audit readiness
  • Delivered technical training on secure medical device operations, enhancing clinical staff security awareness and reducing security incidents by 30%