// about // skills // experience // labs // progress // contact // resume
// IT Systems & Identity Administrator

ELAZAR
FERRER

Active Directory & M365 Specialist

Identity & Systems Administrator with 3+ years specializing in Active Directory (multi-domain), Microsoft Entra ID, and M365 operations. Expert in privileged access controls (PAM), PowerShell automation, and HIPAA/HITECH compliance. CompTIA Security+ (Expected April 2026). Available for identity, cloud, and GRC-focused IT roles.

⬇ DOWNLOAD RESUME VIEW LABS
✉ ferrerelazar@gmail.com in linkedin.com/in/elazarf
ONLINE
Elazar Ferrer
EF // LUBBOCK, TX // OPEN TO WORK
// 01 — about_me

WHO I AM

Identity & Systems Administrator with 3+ years of experience specializing in Active Directory (multi-domain), Microsoft Entra ID, and M365 operations. Expert in securing enterprise environments through privileged access controls (PAM) and PowerShell automation. Proven track record in HIPAA/HITECH environments, delivering high-impact identity lifecycle management and technical documentation within acquisition-support frameworks.

Hands-on experience administering AD, Azure AD, Exchange Online, Group Policy, DNS, DHCP, and PKI. Proficient in PowerShell scripting for user provisioning, auditing, and automation. Broadened into GRC through NIST CSF 2.0 control mapping, vendor risk assessments, and audit-readiness documentation.

Currently deepening expertise through a home lab environment covering DNS/DHCP/PKI, Azure AD hybrid identity, M365 security, and AD replication — targeting enterprise identity administration, cloud operations, and GRC-aligned IT roles.

3+
Years Enterprise IT
AVAILABLE
Open to Work
500+
Users Administered
M365
E5 Dev Tenant Active
// 02 — skills_&_certs

TECHNICAL ARSENAL

▸ Identity & Directory
  • Active Directory (Multi-Domain/Forest)
  • Azure AD / Entra ID
  • LDAP / LDAPS
  • GPO Management
  • FSMO Roles
  • AD Replication
  • Kerberos / NTLM
  • AD CS / PKI
  • ADUC / GPMC
▸ Microsoft 365
  • Exchange Online
  • Teams Admin
  • SharePoint Online
  • Conditional Access
  • Intune / MDM
  • SSPR
  • Azure AD Connect
  • License Management
▸ Networking & Infrastructure
  • DNS / DHCP
  • TCP/IP
  • VPN / IPSEC
  • SPF / DKIM / DMARC
  • SRV Records
  • Patch Management
  • Vulnerability Assessment
▸ Scripting & Automation
  • PowerShell
  • Python
  • Bash
  • SQL
  • New-ADUser / CSV Bulk
  • Search-ADAccount
  • Get-ADGroupMember
  • Connect-ExchangeOnline
▸ Security & Compliance
  • Zero Trust
  • HIPAA / HITECH
  • NIST CSF 2.0
  • SIEM / Splunk
  • Incident Response
  • Change Management
  • Root Cause Analysis
  • AAR Documentation
▸ Platforms & Tools
  • Windows Server 2019
  • Windows 10/11
  • ServiceNow / Jira
  • Epic / NextGen EHR
  • Cisco VOIP
  • VirtualBox / VMware
  • TryHackMe (Adept)
AZ-900 AZURE FUNDAMENTALS
◈ IN PROGRESS — EST. APRIL 2026
🔐
COMPTIA SECURITY+
◈ EXPECTED — APRIL 2026
🏥
GOOGLE HEALTHCARE IT
● JOHNS HOPKINS — 02/2026
🔒
GOOGLE CYBERSECURITY
● COMPLETED — 12/2025
// 03 — work_experience

FIELD HISTORY

IT SYSTEMS & IDENTITY ADMINISTRATOR
Alorica — CVS Health Contract | Remote
11/2024 — 12/2025
  • Administered full Active Directory lifecycle — provisioning, modification, group membership, and deprovisioning — across 500+ user accounts and 100+ new hire onboarding cycles; enforced least-privilege access policies and privileged/service account controls with zero access delays.
  • Hardened identity security by configuring MFA and SSO for business-critical applications, auditing group memberships, and implementing account tiering aligned with privileged access management (PAM) standards.
  • Investigated recurring authentication and connectivity failures, identified root causes, and implemented permanent fixes — reducing repeat tickets and improving overall system reliability.
  • Maintained audit-ready documentation for all account and system changes; mentored junior technicians on access workflows and security best practices.
IT HELP DESK SPECIALIST
AT&T | Lubbock, TX
09/2022 — 10/2024
  • Managed AD user provisioning, MFA enforcement, and service account access controls; identified recurring failure patterns and implemented fixes that measurably reduced repeat ticket volume.
  • Resolved complex hardware and network connectivity issues for remote and on-site users, ensuring 99% uptime for business-critical workstations and peripherals through proactive maintenance and rapid incident response.
  • Tracked and resolved 50+ monthly incidents in ServiceNow/Jira; authored knowledge base articles and process documentation that reduced average time-to-resolution by 20% and improved team response efficiency.
CYBER GRC INTERN
Skillweed | Lubbock, TX
01/2026 — 03/2026
  • Mapped NIST CSF 2.0 controls to organizational security policies, identifying 10+ gaps across infrastructure and endpoint domains — including unaddressed hardening controls, vulnerabilities, and misconfigurations.
  • Conducted third-party vendor risk assessments and supported audit-readiness through structured evidence collection and documentation aligned to compliance frameworks.
  • Produced executive-ready reports and security awareness materials that translated complex technical findings into clear, actionable recommendations for non-technical stakeholders.
// 04 — hands_on_labs

LAB ENVIRONMENT

LAB // 001
3-VM Active Directory Domain Lab
Built Windows Server 2019 DC + two Win10 clients in VirtualBox. Promoted domain controller, configured OU hierarchy, user/group structure, and GPO policy chain. Tested LSDOU ordering and verified with gpresult /r.
Server 2019Active DirectoryGPOVirtualBoxgpresult
LAB // 002
LDAPS & PKI Certificate Lab
Installed AD Certificate Services, configured Enterprise Root CA, issued server certificates, and enabled LDAPS on port 636. Verified secure bind with ldp.exe and confirmed TLS encryption on AD queries.
AD CSPKILDAPSPort 636ldp.exe
LAB // 003
PowerShell AD Automation Suite
Developed reusable scripts: bulk user creation from CSV with error handling (New-BulkADUsers.ps1), inactive account detection at 90 days (Get-ADStaleUsers.ps1), and recursive Domain Admin audit (Get-ADGroupAudit.ps1) with CSV export. Published to GitHub.
PowerShellNew-ADUserAutomationGitHub
LAB // 004
M365 Developer Tenant — E5 Sandbox
Activated 25-seat E5 developer tenant. Configured Conditional Access policies requiring MFA, set up mail flow rules, enabled SPF/DKIM/DMARC, ran Message Trace, and tested SSPR and group-based license assignment.
M365 E5Conditional AccessSPF/DKIM/DMARCExchange OnlineSSPR
LAB // 005
DNS/DHCP Infrastructure Setup
Configured forward/reverse DNS zones with SRV records for DC location (_ldap._tcp, _kerberos._tcp). Set up DHCP scopes, exclusions, and reservations. Practiced nslookup/ipconfig troubleshooting workflows and scavenging.
DNSDHCPSRV RecordsnslookupKerberos
LAB // 006
AD Replication & Health Monitoring
Practiced repadmin /showrepl, /replsummary, and /syncall for replication diagnostics. Used dcdiag for DC health checks. Intentionally broke replication, documented root cause, and wrote full After-Action Report per ITIL process.
repadmindcdiagReplicationAARITIL
// 05 — credentials

CREDENTIALS

CompTIA Security+
CompTIA
EXPECTED — APRIL 2026
Google Cybersecurity Professional Certificate
Google / Coursera
CERTIFIED
Google Healthcare IT Support Certificate
Google / Johns Hopkins University
CERTIFIED — 02/2026
▸ CERTIFICATIONS
COMPTIA SECURITY+85%
AZ-900 AZURE FUNDAMENTALS30%
SC-300 IDENTITY & ACCESS ADMIN5%
▸ TRYHACKME — COMPLETED ROOMS
WINDOWS FUNDAMENTALS 1–3100%
ACTIVE DIRECTORY BASICS100%
elazar@workstation — powershell
PS C:\Users\Elazar> Get-ADUser -Filter {Enabled -eq $true} | Measure-Object
Count     : 500+

PS C:\Users\Elazar> Search-ADAccount -AccountInactive -TimeSpan 90.00:00:00 | Select Name
Scanning inactive accounts... audit complete.

PS C:\Users\Elazar> Connect-ExchangeOnline -UserPrincipalName [email protected]
Connected to Exchange Online. MFA enforced via Conditional Access.

PS C:\Users\Elazar>
// 06 — contact

ESTABLISH LINK

Open to enterprise AD/M365 administrator roles, open to corporate, healthcare, education, and financial sector IT environments. Hands-on lab experience and a strong foundation in identity management, M365, Azure, and Entra ID.

Based in Lubbock, TX — available for remote or hybrid positions.

ferrerelazar@gmail.com inlinkedin.com/in/elazarf github.com/elazarf123 tryhackme.com/p/elazarferrer1
contact_lookup.ps1
$ Get-ADUser -Identity "ElazarFerrer" -Properties *

Name           : Elazar Ferrer
Title          : IT Systems & Identity Administrator
Location       : Lubbock, TX
Certs          : AZ-900 (In Progress)
Phone          : Available upon request
Availability   : OPEN TO OPPORTUNITIES
Status         : Enabled

$
ELAZAR FERRER // IT SYSTEMS & IDENTITY ADMINISTRATOR // LUBBOCK TX
© 2026 Elazar Ferrer