Michael Cabezas
Las Vegas,NV
Summary
Identity Engineering professional with extensive experience designing, deploying, and operating large-scale enterprise Identity and Access Management (IAM) ecosystems. Specialized in Okta Identity Governance, Identity Lifecycle Management, SSO/MFA, access governance, and compliance-driven IAM engineering. Proven track record leading IAM architecture, automating JML workflows, building RBAC frameworks, integrating enterprise applications via federation protocols, and supporting audit, SOX, and regulatory alignment. Adept at partnering with business, security, and engineering teams to deliver secure, scalable, and policy-aligned identity solutions. Strong background in troubleshooting complex identity issues, driving identity modernization initiatives, and implementing continuous access governance improvements across global environments.
Overview
11
11
years of professional experience
1
1
Certification
Work History
Staff Enterprise System Administrator
eHealth Inc.
11.2024 - Current
- Engineered IAM integrations using Okta, Azure AD, and Active Directory, supporting secure provisioning, authentication, and governance across cloud and on-prem environments.
- Automated identity processes using Okta Workflows, Okta API, and Microsoft Graph API, including JML, entitlement cleanup, and compliance reporting.
- Supported identity lifecycle events driven by HR systems and ensured accurate identity synchronization.
- Designed and enforced MFA, Conditional Access, and identity security policies supporting least-privilege and Zero Trust principles.
- Supported audit preparation, access reviews, and identity-based risk assessments in partnership with GRC teams.
- Authored and maintained IAM operational runbooks, architectural documentation, and integration guides.
- Trained and mentored junior engineers, providing guidance and direction.
- Collaborated with other departments to facilitate successful project completion.
Okta Engineer
US General Services Administration (GSA)
02.2024 - 01.2025
- Led engineering and deployment of the Okta Identity Governance platform, supporting lifecycle automation, access governance, and compliance enforcement for federal identity environments.
- Designed and implemented Joiner–Mover–Leaver (JML) workflows using Okta Lifecycle Management (LCM) and Okta Workflows, enabling automated provisioning, entitlement assignment, and identity cleanup.
- Integrated enterprise and mission-critical applications using SAML, OIDC, SCIM, and federation standards.
- Contributed to Okta architectural standards, design documentation, and identity policy definitions.
- Performed access governance functions including access reviews, certification campaigns, and attestation for compliance and audit readiness.
- Supported PIV/CAC multi-factor authentication integrations to ensure compliance with federal security mandates.
- Led troubleshooting of complex identity, federation, and synchronization issues; provided senior-level escalation support.
- Coordinated with GRC, Security, and Application teams to ensure alignment with SOX, NIST, and federal compliance frameworks.
- Wrote, reviewed and edited technical document in accordance with template requirements.
- Participated in formal internal design reviews of proposed products and components.
- Developed positive working relationships with stakeholders to effectively coordinate work activities.
- Provided input to team lead regarding areas for process and procedural improvement.
- Monitored and evaluated engineering performance to recommend improvements.
- Developed and implemented procedures to verify compliance with engineering standards.
- Collaborated with other departments to facilitate successful project completion.
- Implemented automated systems to improve accuracy and efficiency of engineering processes.
Client Platform Engineer
Peloton Interactive
12.2022 - 09.2023
- Built a secure endpoint management pipeline using Intune, JAMF, and Google Workspace.
- Designed IAM policy enforcement for Windows and macOS fleet via Intune and Jamf.
- Led the development of enterprise patching and software distribution standards.
- Managed and scaled IAM systems integrated with Google Workspace and Azure AD.
- Trained and mentored junior engineers, providing guidance and direction.
- Implemented automated systems to improve accuracy and efficiency of engineering processes.
- Collaborated with other departments to facilitate successful project completion.
- Conducted research to identify and evaluate new technologies and concepts.
- Conducted technical evaluations of engineering designs and test results.
- Documented and developed engineering procedures and processes.
IT Engineer II
AppLovin
05.2020 - 11.2022
- Engineered and deployed Okta as the enterprise identity provider, including MFA, SSO, app integrations, and SCIM provisioning.
- Automated identity lifecycle and compliance workflows using Okta API and PowerShell, improving accuracy and reducing provisioning times.
- Conducted access reviews, entitlement evaluations, and IAM compliance documentation.
- Collaborated with internal teams to extend IAM governance policies into SaaS and cloud applications.
- Established secure onboarding and de-provisioning workflows, reducing access risk and audit findings.
- Performed scheduled service work, installations, testing and repairs.
- Identified and corrected system faults to minimize operational system downtime.
- Maintained service schedule for software and hardware.
IT Administrator II
Machine Zone
04.2016 - 05.2020
- Managed identity lifecycle processes using Okta LCM, automating onboarding/offboarding for multiple user groups.
- Administered directory services and maintained synchronization between Okta, AD, and cloud applications.
- Conducted access reviews, entitlement audits, and IAM compliance reporting.
- Supported federation and SSO integrations across internal and third-party applications.
System Specialist
United Health Group
08.2014 - 04.2016
- Supported Active Directory identity lifecycle tasks including user provisioning, access requests, and account remediation.
- Worked with IAM and Security teams to improve access governance controls and reduce excessive permissions.
Education
Associate of Science - Information Technology
Southern New Hampshire University
06-2023
Skills
- Identity Governance & Administration (IGA)
- Access governance, attestation, and entitlement review campaigns
- RBAC design, role engineering, policy enforcement
- Identity lifecycle automation (JML, HR-driven identity events)
- IAM Architecture & Engineering
- Okta Identity Engine (OIE), Workflows, SCIM, SAML, OIDC, MFA, Federation
- Active Directory, Entra ID, LDAP, directory sync and provisioning
- HR system integration (Workday HRIS as source of truth)
- Passwordless authentication, PAM alignment, least privilege enforcement
- Experience supporting SaaS, cloud, web applications in IAM workflows
- SOX, ISO 27001, NIST 800-53, internal audit remediation
- Access certification, entitlement reviews, risk reduction
- Roadmap planning, design documentation, architectural standards
- IAM project ownership, task management, cross-functional leadership
Certification
- Certified Identity and Access Manager (CIAM)
- Okta Professional Certification
- Certified Identity and Security Technologist (CIST)
- ISC2 Certification in Cybersecurity (CC)
- Microsoft Certified: Azure Fundamentals
Timeline
Staff Enterprise System Administrator
eHealth Inc.
11.2024 - Current
Okta Engineer
US General Services Administration (GSA)
02.2024 - 01.2025
Client Platform Engineer
Peloton Interactive
12.2022 - 09.2023
IT Engineer II
AppLovin
05.2020 - 11.2022
IT Administrator II
Machine Zone
04.2016 - 05.2020
System Specialist
United Health Group
08.2014 - 04.2016
Associate of Science - Information Technology
Southern New Hampshire University