Jessica Alley

Systems Security | Identity | Incident Response
AUTOMATE EVERYTHING
[email protected] (530) 314-3181 linkedin.com/in/jessica-it-cybersec github.com/jesskidding
Sacramento, CA

Security and systems engineer for a global engineering firm. Responsible for identity security, incident response, and cloud architecture. Build custom automation in Python/Bash/PowerShell rather than rely on vendors. Investigate incidents, harden authentication, design collaboration security controls, and manage Microsoft 365 infrastructure. Linux tooling for analysis and troubleshooting.

Impact Highlights

Security & Identity Engineering

Designed and enforced authentication controls, identity governance, and incident response workflows for global organization.

Custom Automation Built

Built Python/Bash/PowerShell automation for identity hygiene, phishing investigation, audit reporting, and compliance. Scripted rather than purchased.

Cloud Architecture & Migration

Designed and executed multi-site cloud migrations, collaboration security controls, and Microsoft 365 architecture serving global engineering workflows.

Authentication Hardening

Implemented Conditional Access, eliminated legacy auth protocols, enforced MFA, and designed identity controls aligned with NIST frameworks.

Security Domains

Identity & Incident Response

Entra ID, Conditional Access, RBAC, sign-in and audit log investigation, Exchange message trace, mailbox rule review, phishing containment, evidence-grade documentation.

Cloud Controls & Collaboration Security

Microsoft 365 (Exchange/SharePoint/OneDrive), permission architecture, external sharing controls, secure migration design, email authentication (SPF/DKIM/DMARC), TLS lifecycle.

Linux, Automation & Analysis

Python, Bash, PowerShell for building custom automation and investigation tools. Linux (Arch/Kali/Ubuntu) for analysis, packet inspection (Wireshark/tshark), log parsing. Nmap, URLScan, VirusTotal for investigation workflows.

Experience

IT Security & Systems Administrator
Miyamoto International – Sacramento, CA
Oct 2021 – Present
  • Responsible for identity security, cloud architecture, and incident response across global engineering operations.
  • Hardened authentication across Microsoft 365 by implementing Conditional Access, eliminating legacy protocols, and enforcing device and MFA requirements aligned with NIST practices.
  • Designed collaboration security controls, external sharing policies, and permission models to reduce data exposure across SharePoint/OneDrive/Teams environments.
  • Built Python/Bash/PowerShell automation for identity lifecycle, phishing investigation workflows, compliance reporting, and audit evidence collection.
  • Built and tuned phishing simulations and awareness tracking (KnowBe4, prior GoPhish), using results to drive targeted user training.
  • Handle phishing and account compromise investigations from detection through remediation using sign-in logs, message trace, mailbox forensics, and packet analysis within Microsoft 365 telemetry.
  • Led multi-site migrations from file servers to SharePoint/OneDrive with custom PowerShell automation, preserving access models and engineering tool compatibility (Revit/Bluebeam).
Work Prep Participant
Girls Who Code – Remote
Jun 2022
  • Completed focused cybersecurity workshops covering ethical hacking fundamentals, data privacy, and risk awareness.
  • Received mentorship from engineers in cloud and security roles on career paths, technical growth, and interview preparation.
Special Education Paraeducator
Lake Tahoe Unified School District – South Lake Tahoe, CA
Oct 2019 – Jun 2021
  • Supported assistive technology and hybrid classroom setups for students with IEPs, including troubleshooting devices and access issues.
  • Helped configure and maintain remote learning environments during transitions between in person and virtual instruction.

Projects & Labs

Phishing Defense Program

Built and ran phishing simulations with evolving templates and payloads, tracked metrics by office and department, and fed results into security awareness training.

Cloud Migration & Architecture

Designed and executed office-by-office migrations from legacy file servers to SharePoint/OneDrive using custom PowerShell, preserving permissions and minimizing workflow disruption.

Phishing Investigation Automation

Built Python toolkit for rapid phishing triage: automated message trace pulls, mailbox rule detection, URLScan integration, and evidence collection.

Technologies

Python
Bash
PowerShell
Linux (Arch/Kali/Ubuntu)
Wireshark/tshark
Nmap
URLScan
VirusTotal
Entra ID / Azure AD
Conditional Access
RBAC
Microsoft 365
Exchange Online
SharePoint Online
OneDrive
Teams
Exchange Message Trace
Microsoft 365 Audit Log
SPF/DKIM/DMARC
KnowBe4
GoPhish

Specialized Training

SOC Core Skills – Black Hills Information Security

Microsoft Cybersecurity Stack: Identity and Endpoint Protection

IBM Cybersecurity Tools and Cyber Attacks

Education

A.S. Cybersecurity – Lake Tahoe Community College

A.A. Social Sciences – Lake Tahoe Community College