Identity Architecture · Identity Governance · Federated Authentication

Joshua Cain

Building identity systems from first principles.

IAM practitioner specializing in building and deploying full identity and access solutions.



Identity Governance

SailPoint IIQ · midPoint

Directory Services

Active Directory · Entra ID · LDAP

Federation

OAuth2 · OIDC · SAML · JWT

Privileged Access

CyberArk · HashiCorp Vault

Infrastructure

Kerberos · Docker · Podman · Linux

Automation

PowerShell · Python · Bash


I am an Identity and Access Management specialist focused on designing authentication, authorization, and identity governance systems, based on zero-trust methodology.

Starting at a young age, I've loved architecting and optimizing systems. Initially, it was building home computers for myself and my friends. From this passion, I expanded into tinkering with a multitude of Linux systems, doing everything from modifying my Arch install to push a 2019 ThinkPad past what I could expect from modern laptops, to creating a Raspberry Pi DNS server for blocking ads across my home network. Nothing is more rewarding than designing a system from the ground up and tackling each and every problem along the way.

I approach security from a systems perspective. Rather than focusing solely on individual technologies, I am interested in how people, processes, and systems interact to create secure and resilient environments. Identity sits at the center of that relationship. Authentication, authorization, governance, and automation are not isolated controls; they are interconnected components of a larger system that must balance security, usability, and operational requirements. This perspective has shaped both my professional work and personal projects, leading me to explore identity architecture, federation, governance, privileged access management, and infrastructure as code through hands-on implementation and experimentation.

My experience spans enterprise access governance, lifecycle management, privileged access management, federation, and identity automation. At Moneris I managed large-scale identity operations and access certifications, while today my work focuses on identity engineering and security architecture, implementing solutions such as zero-trust PAM and Kerberos-based single sign-on.

This site is where I document lab work, explore identity systems, and write about security problems I find interesting.


Working on

Microsoft SC-300 + Okta Professional Certifications

Reading

IDPro Body of Knowledge

Building

IAM Lab v2 - Terraform Automation