CHRISTOPHER COURTNEY

Summary

Infrastructure Engineer with more than 16 years of experience spanning incident response, EDR operations, MDM architecture, identity management, threat hunting, fleet automation, and building tools and software to help solve problems.

Experience

Endpoint Engineer, Subject Matter Expert — EverOps, San Fransico, CA - Remote
  • Embedded as a dedicated endpoint and security SME within a client’s IT Infrastructure Engineering team, serving as the primary escalation point for CrowdStrike Falcon, Kandji MDM, Okta IAM, and Azure/Intune, and owning the technical direction, architecture, and day-to-day operations of the endpoint and security tooling stack across a mixed macOS/Windows fleet.
  • Executed infrastructure projects from planning through deployment, including host firewall policies with phased rollout strategies and continuous detection tuning across Mac and Windows host groups.
  • Conducted incident response investigations using Falcon LogScale (CQL) and threat hunting via Google SecOps, including lateral movement analysis, IOC/IOA management, sandbox-based threat analysis, and forensic artifact collection on compromised endpoints.
  • Implemented and maintained Okta SSO/SAML integrations, SCIM provisioning, authentication policies, FastPass/Okta Verify deployment, and Kandji PassPort with Okta OIDC for Mac Login SSO enrollment. Authored Okta Workflows automations for device lifecycle management across Kandji and Jira.
  • Contributed to AI-driven automation initiatives, developing tooling for threat hunting query assistance and operational workflows using Python and Bash.
  • Collaborated with Security and Compliance teams to ensure systems met SOC 2 requirements, supporting audit preparation by gathering evidence and validating controls.
  • Maintained technical documentation including system configurations, runbooks, risk analysis, communications plans, and rollback procedures for each change.
  • Windows fleet compliance, CVE remediation, and application packaging and deployment/
  • Designed and deployed a production-grade Claude AI solution, integrating secure APIs, infrastructure automation, and monitoring to support scalable enterprise use cases while meeting security and reliability requirements.
  • Led end-to-end deployment of Claude AI across infrastructure, implementing access controls, API orchestration, logging, and performance monitoring to ensure high availability and compliance.
MDM Systems Administrator — Service Corporation International, Houston, TX
  • Managed multiple MDM platforms (Jamf Pro, MobileIron Core, MobileIron Cloud) supporting 20,000+ devices and 10,000 users including contractors and vendors across a distributed enterprise environment.
  • macOS DEP enrollment, payload deployment, and policy management with Apple Business Manager for VPP licensing.
  • Level 2 support for Palo Alto GlobalProtect VPN integration and deployment across macOS, iOS, Android, and tvOS devices.
  • Deployed and configured CrowdStrike, CyberArk, and Ivanti Neurons agents across macOS endpoints.
  • Okta user administration, SAML integration, and documentation for SSO-enabled applications.
  • Administered Android Enterprise device management and security/application update policies across multiple MDM environments.
  • Maintained CentOS-based on-premises servers for email gateway, VPN tunneling, and per-app VPN services.
  • Provided Tier 3 support for mobile device troubleshooting.
Desktop Support & Mobility Specialist — SAP, Houston, TX
  • Served as primary technical contact for the Houston office, supporting 1,500+ endpoints across Windows, Linux (Ubuntu), macOS, and mobile platforms for sales and development teams.
  • Managed mobile device enrollment, configuration, and troubleshooting for Android and iOS devices.
  • Built, maintained, and troubleshot VMware and Hyper-V images for Windows and macOS deployment.
  • Provided Office 365 administration and support, including Microsoft Teams rollout.
  • Supported SAP enterprise applications (SAP Logon, SAP GUI, ERP, AS400).
  • Managed hardware inventory, warranties, and vendor coordination (Verizon, Comcast, Level3).
  • Delivered conference and AV support for Polycom, ClickShare, Crestron, Microsoft Surface Hub, and projection systems.
Imaging Specialist — AIG, Houston, TX
  • System imaging and Windows 10 migration.
  • Office 365 support and training.
  • Maintained and enforced deployment standards.
  • Tested and deployed in-house applications and packages via System Center Configuration Manager.
Site Administrator — Lennar, Houston, TX
  • Provided Tier I/II desktop support for Windows, macOS, iOS, Android, and Apple TV devices across the site.
  • Administered AirWatch MDM for mobile device enrollment, configuration, and security policy enforcement.
  • Managed system updates, virus remediation, user data migration, backups, and LAN/WAN connectivity monitoring.
Application Support Analyst — Chevron Phillips Chemical Company, Sweeny, TX
  • Led application testing and migration from Windows XP to Windows 7 using SCCM 2012 and System Center Service Manager.
  • Active Directory user creation, OU permissions, and Windows Server service migration and troubleshooting.
  • Packaged, documented, and deployed proprietary oil, gas, and chemical applications with end-user validation.
Managed Services / Desktop & Server Support — Noble Drilling, Sugar Land, TX
  • Provided 24/7 managed services, including remote technical support and infrastructure monitoring for office and offshore drilling personnel.
  • Administered Active Directory (permissions, password resets, terminations) and SCCM 2007 (application packages, collections, updates).
  • Managed MobileIron MDM for Android, iPhone, and BlackBerry Enterprise devices.
  • Monitored offshore drilling rig fleet positioning, network/power outages, and emergency status reporting.

Technical Skills

Edr-security

CrowdStrike Falcon (LogScale, Firewall Management, Real Time Response, Foundry, Fusion, Custom IOA/IOC, Prevention/Response/Firewall Policies, Sensor Lifecycle)Google SecOps (Threat Hunting)Incident ResponseIOC/IOA ManagementSandbox Threat AnalysisVulnerability Remediation

Mdm-endpoint

KandjiMicrosoft IntuneJamf ProMobileIron Core/CloudIvanti NeuronsApple Business ManagerAutomated Device Enrollment (ADE)SCEPFileVaultBitLocker

Iam-sso

Okta (OIE, Device Trust, Workflows, SCIM, FastPass, SAML, OIDC, OAuth 2.0, Authentication Policies, Expression Language)Active DirectoryEntra IDCyberArk

Infrastructure

MerakiPalo Alto GlobalProtectCisco Secure ClientSecureW2BeyondTrustMimecastZoom Device Management

Scripting-dev

BashPowerShellPython (Flask, FastAPI)CrowdStrike Query Language (CQL)Claude Deployment Enterprise. Claude Enterprise platform administrationMicrosoft 365 admin center

Platforms

macOSWindowsiOSAndroidLinux (CentOS, Arch, Ubuntu)

Ai

ClaudeClaude for EnterpriseOpenAIChatGTPManus. Creating agentic workflows.Development: https://github.com/AES256Afro/Recent projects:

Https

//fsociety.work/ Github Networking Pixelated CyberPunk space.https://www.cybercard.net/

Projects

KoolaidGospel

Full-featured meme creation platform with 300+ templates, drag-and-drop editor, and social media video downloader.

Cloudflare WorkersJavaScriptSupabaseR2
Live Source
  • Meme editor with 300+ templates, draggable text layers, stickers, and filters
  • Video downloader supporting Reddit, Twitter/X, and Facebook
  • User authentication with Supabase (email + OAuth)
  • Image export in PNG/JPG with custom watermarks
  • Rate limiting and security headers for production traffic
Plastics City

Cyberpunk-themed idle game with 3D graphics, player progression, and real-time economy simulation.

Next.jsReactThree.jsTypeScriptTailwind CSSSupabase
Live Source
  • 3D environment rendering with React Three Fiber and Three.js
  • Player apartments, cyberdeck interface, and NetRunner minigame
  • Real-time economy with shop, leaderboard, and stats tracking
  • User profiles with persistent progression via Supabase
  • Responsive cyberpunk UI with Tailwind CSS
Harmony

Discord-inspired real-time communication platform built as an Electron desktop app with a Turbo monorepo architecture.

ElectronReactTypeScriptSQLiteRedispnpmTurbo
Source
  • Real-time messaging with channels, servers, and direct messages
  • Electron desktop app with native OS integration
  • Turbo monorepo with shared types and validators packages
  • SQLite + Redis for fast local and cached data
  • Modular architecture with separate API and desktop app workspaces
AppWrap

Container any local application with encryption, VPN/Proxy/Firewall

Go
Source
LinnyTool

Linux Security Hardening, Auditing & Grading Tool — The Linux counterpart to WinnyTool

Python
Source
WinnyTool

The WinnyTool

Python
Source
ResumeGuruSite

ResumeGuru

JavaScript
Source

Education

— Mayde Creek High School