Edward Griggs headshot
Cybersecurity & IT Systems Administrator

Edward Griggs

Systems Administrator • IT & Cybersecurity

IT professional with expertise in Microsoft 365 administration, cybersecurity compliance, and building IT infrastructure from the ground up. Experienced in developing organizational policies, managing web platforms, and supporting distributed teams.

Yorktown, VA

Download ResumeGet in Touch

About Me

A dedicated IT professional focused on building secure, efficient systems and empowering teams to do their best work.

IT Infrastructure

Built IT support function from the ground up, establishing policies, procedures, and workflows for growing organizations.

Security & Compliance

Supported ISO 9001 certification and NIST SP 800-171 alignment; created company-wide IT and AI policies.

Web Development

Designed and managed organizational websites and intranets using SharePoint, WordPress, HTML, and CSS.

Support Excellence

Provided remote technical support across platforms, reducing downtime and improving productivity for distributed teams.

Experience

My professional journey in IT systems administration, web development, and compliance.

Contract Closeout Specialist

Current
NewView OklahomaOklahoma City, OK
Nov 2024 - Present
  • Manage contract documentation and assist in finalizing federal contract closeouts.
  • Ensure compliance with federal acquisition regulations and internal standards.
  • Collaborate with visually impaired team members to maintain efficient workflows.
  • Frequently assigned additional responsibilities due to consistent, accurate performance.

Systems Administrator

Current
Aalis Management ConsultingAlexandria, VA
July 2023 - Present
  • Designed, developed, and launched "Aalis Connect," a SharePoint-based intranet centralizing organizational communication and knowledge sharing.
  • Administered and managed Microsoft 365 ecosystem (account provisioning, permissions, security configurations), implementing group policies that streamlined IT governance.
  • Built the IT support function from the ground up for a growing small business; established policies, procedures, and workflows for a two-person IT team.
  • Created and implemented company-wide IT and AI policies aligned with security, compliance, and ethical use standards.
  • Streamlined onboarding/offboarding by automating welcome emails, account setup, and role-based access; reduced setup time and increased consistency.
  • Designed, developed, and managed the company public website; owned updates, content strategy, and performance optimization.
  • Provided remote technical support to staff/contractors across platforms; reduced downtime and improved productivity.
  • Supported ISO 9001 certification and drove compliance with NIST SP 800-171; contributed to cybersecurity readiness.

Web & IT Support Specialist

Planting Hope GlobalRemote
Dec 2020 - July 2023
  • Designed, maintained, and updated organization website using WordPress, HTML, and CSS.
  • Provided IT support: account setup, password resets, troubleshooting hardware/software.
  • Assisted with network configuration and device setup for remote staff.
  • Managed hosting, updates, backups, and basic security controls.
  • Implemented access controls and followed security best practices to protect organizational data.
  • Integrated tools such as Mailchimp and analytics platforms for communication/reporting.
  • Documented systems/configurations/processes to support continuity and onboarding.

Skills & Tools

Technologies and methodologies I work with to deliver robust IT solutions.

Cloud & Identity

Microsoft 365Entra ID (Azure AD)SharePoint OnlineExchange Online

Security & Compliance

NIST SP 800-171ISO 9001Security Best PracticesAccess Controls

IT Administration

Account ProvisioningGroup PoliciesEndpoint ManagementRemote Support

Automation

Onboarding/Offboarding WorkflowsEmail AutomationRole-Based Access Setup

Web Development

WordPressHTMLCSSSharePoint Intranet Development

Policy & Governance

IT Policy DevelopmentAI Policy CreationCompliance Documentation

Support & Troubleshooting

Hardware/Software SupportNetwork ConfigurationDevice SetupPassword Management

Documentation

Systems DocumentationProcess BuildingConfiguration ManagementKnowledge Base

Certifications

Professional certifications validating expertise in cybersecurity.

CompTIA Security+

CompTIA

January 2026

Industry-leading certification validating baseline cybersecurity skills, including network security, compliance, operational security, and threat management.

Verify Credential

Security Projects

Hands-on home lab work — hardening systems, segmenting networks, and building automation with a security-first mindset.

Internet/ LANUFWFirewallRaspberry Pi 5SSH (keys-only)systemd unitsLogs · fail2ban · systemd timersPi 5 · Hardened Linux Node

Raspberry Pi 5 — Hardened Linux Node

Built and hardened a Raspberry Pi 5 running Linux with layered host security controls.

  • SSH hardening: public-key authentication only, root login disabled, connection rate limiting via fail2ban.
  • Host firewall policy with UFW — default-deny inbound, explicit allow for required services only.
  • systemd service isolation: unit-level hardening with least-privilege settings (ProtectSystem, NoNewPrivileges, CapabilityBoundingSet).
  • Automated patch and maintenance windows using systemd timers for unattended-upgrades.
  • Centralized log review and alerting for authentication events and service failures.
InternetHTTPSReverse ProxyTLS terminationCaddy / NginxDocker network (isolated)n8nautomation.envsecretsHealth checks · container logs · SSH (keys)Ubuntu VPS · Docker · n8n Automation

Docker / n8n — Containerized Automation VPS

Deployed a containerized automation platform on an Ubuntu VPS with a focus on secure configuration and network hygiene.

  • Secure reverse proxy with automatic TLS termination (Caddy/Nginx) — no plaintext traffic exposed.
  • Secret and environment management: no credentials in version control, runtime injection via .env with restricted file permissions.
  • SSH hardening on the host: key-based authentication only, non-default port, fail2ban brute-force protection.
  • Docker network segmentation — containers operate on isolated internal networks; only the reverse proxy is externally reachable.
  • Container health checks and structured log collection for operational visibility and incident detection.
Router / CoreVLAN-aware switchFirewall · VLAN ACLsTrusted VLANPCs · Admin access onlyno IoT east-westIoT VLANisolated · local-onlyHome AssistantZigbee coord · local controlHome Lab · IoT VLAN Segmentation

Home Assistant + Zigbee — IoT VLAN Segmentation

Segmented IoT devices into an isolated VLAN to reduce lateral movement risk and enforce local-only control.

  • Dedicated IoT VLAN with separate SSID — no layer-2 adjacency between IoT devices and trusted hosts.
  • Firewall ACLs blocking east-west movement from the IoT zone into the trusted LAN.
  • Local-only control: Home Assistant configured without cloud relay, reducing the external attack surface.
  • Zigbee risk evaluation: reviewed vendor firmware update cadence and known CVEs before device procurement.
  • IoT event logging forwarded to a central log store for visibility into unexpected device behavior.

Education

Academic foundation supporting my career in technology.

Bachelor of Arts in Fine Arts

University of Virginia's College at Wise

May 2019
Wise, VAGPA: 2.8

Get in Touch

Interested in working together? I'd love to hear from you.

Contact Information

Email

edwardjgriggs@gmail.com

Phone

276-701-1863

Location

Yorktown, VA 23693

Ready to Connect?

Whether you have a project in mind, a role that might be a good fit, or just want to discuss IT and cybersecurity, I'm always open to conversations.

Send EmailDownload Resume