Hello, I'm Herson
I work across enterprise IT, identity and endpoint systems, security, and automation, building reliable things and solving technical problems.
About Me 🔍
My background spans enterprise IT and endpoint engineering, identity and access, security, and automation, with software and tooling work alongside it.
I've worked on internal tools, operational systems, and high-traffic platforms using PowerShell, Microsoft Entra ID and Intune, ServiceNow, Cloudflare, Python, and Airtable, along with TypeScript, React, and Supabase on the software side.
A lot of what I enjoy most is figuring out how things can work better, whether that means automating a repetitive process, cleaning up a messy workflow, improving reliability, or making something more useful for the people actually using it.
Projects 🛠️
Zero Trust Access Gate, Senior Capstone, CSU Dominguez Hills (Spring 2026)
A Zero Trust access workflow built in a self-directed VirtualBox lab (Windows 11 endpoint and Ubuntu gateway VMs) that requires both identity (Microsoft Entra ID / OIDC) and device-compliance posture before granting access to a protected application. I built the Linux gateway with NGINX and oauth2-proxy, wrote PowerShell posture-validation and remediation scripts, and integrated Intune compliance and Conditional Access, with documented runbooks and validation evidence across compliant, blocked, remediated, and public-route test cases.
View the repository on GitHub →