I secure identities.
Human, workload, and AI agents.
Twenty years in enterprise IT: desktop support, then systems, then infrastructure, mostly in manufacturing and rail environments. A lot of that work was identity before I used the word. Provisioning, access troubleshooting, group policy, MFA support, credential lifecycle.
In 2026 I committed to identity security as a discipline rather than a side of the job. The certifications, the labs, and the market research on this page are that commitment, written down with dates so I can be held to them.
SOURCES: INDUSTRY RESEARCH 2025–2026 (KPMG; SAILPOINT). THE GAP BETWEEN THE LAST TWO NUMBERS IS WHERE I WORK.
Certification Track
A deliberate sequence, in progress. Cloud architecture first, then the identity platform this market actually runs, then security breadth, then the governance credential for the AI-identity intersection. Dates are commitments, not aspirations.
AWS Solutions Architect – Associate
The cloud substrate. Architecture, networking, and the IAM foundations everything else builds on.
Microsoft SC-300 — Identity & Access Administrator
Entra ID, Conditional Access, PIM, identity governance, and workload identities. Built hands-on in a live tenant.
CompTIA Security+
Security breadth and DoD 8140 alignment for federal and defense-adjacent environments.
IAPP AIGP — AI Governance Professional
The governance credential for the AI-identity intersection. Pursued in-role, once the identity practice is running on real workloads.
Work Index
Live work first, then the identity security roadmap. Each item is scoped, sequenced against the certification track, and ships with documentation.
AWS Enterprise Architecture
Multi-account enterprise AWS implementation across 13 documented labs: organization strategy, SCPs and IAM design, global networking, cost governance, and production-ready infrastructure.
Serverless API
Serverless web application on AWS Lambda, API Gateway, DynamoDB, Cognito, and Amplify with GitHub CI/CD. Identity-aware by design: Cognito user pools gate every API call.
Workload Identity Federation — OIDC + SPIFFE
Passwordless CI/CD: GitHub Actions assuming AWS IAM roles through OIDC federation. No static keys, no stored secrets, short-lived credentials only. Includes a SPIFFE/SPIRE demonstration of the vendor-neutral workload identity standard.
MCP Servers as Non-Human Identities
Security analysis of Model Context Protocol servers as an ungoverned identity surface: token audience validation, over-permissioned access, credential aggregation, and the IAM-side mitigations.
Entra ID Lab Series
Hands-on identity platform work in a live tenant: Conditional Access policy design, Privileged Identity Management, entitlement management and access reviews, and Entra Workload ID.
NHI Vendor Landscape & NIST AI RMF Mapping
A practitioner's map of the non-human identity tooling market and how the emerging AI governance frameworks translate into concrete identity controls.
Excessive Agency Threat Model — OWASP LLM06
Threat model for the OWASP LLM category where identity controls are the primary mitigation. Agent identity design, least privilege, human-in-the-loop gates, and real incident case studies.
PowerShell / Graph IAM Automation Library
Working automation for the identity day job: lifecycle scripts, stale account detection, access review reporting, and Conditional Access policy auditing via Microsoft Graph.
SailPoint Identity Lifecycle Lab
Full joiner-mover-leaver lifecycle in SailPoint: application onboarding, provisioning logic, and access certification campaigns, documented end to end.
Microsoft × SailPoint NHI Governance Architecture
The flagship: a cross-vendor reference architecture governing non-human identities end to end. Entra Workload ID as the control plane, SailPoint as the governance layer, vault-held short-lived secrets as enforcement.
Research
Measuring the market I work in, month over month.
Since June 2026 I have maintained a monthly open-source measurement of identity security hiring demand in the Kansas City market: which capabilities employers ask for, how long identity roles stay open, and how fast AI-agent adoption language is outrunning the identity governance vocabulary needed to secure it.
The methodology is frozen for comparability, the observations are archived with provenance, and the findings inform everything on this page, including which projects ship and in what order.
THE MONITOR PUBLISHES HERE · OCTOBER 2026
Contact
If you are hiring for identity work in Kansas City, or building at the NHI and AI governance intersection anywhere, I would like to hear about it.
© 2026 JARED PETERSON · KANSAS CITY, MO
DESIGNED AND BUILT AS PART OF THE SAME PROGRAM IT DESCRIBES.