Available for New Roles & Projects
// Philadelphia, PA — Healthcare IT Security

MarkSchwinnPhiladelphia

I protect organizations from the inside out. Deep hands-on experience in identity management, access control, and healthcare security — building defenses that actually hold.

View Services See My Work
Mark Schwinn
MARK_SCHWINN.EXE // LOADED
Network
Philadelphia
Status
Active
Identity ManagementActive DirectorySailPointEntra IDCisco ISEHIPAA SecurityMFA & SSORBACAWS CloudZero TrustIncident ResponsePython Identity ManagementActive DirectorySailPointEntra IDCisco ISEHIPAA SecurityMFA & SSORBACAWS CloudZero TrustIncident ResponsePython
About

Who I Am

I work inside one of Philadelphia's largest health systems every single day. I've seen what real enterprise security looks like from the inside — the vulnerabilities nobody talks about, the access controls that slip through the cracks, the systems that look secure but aren't.

That experience is what I bring to every organization I work with. Not textbook knowledge. Real world defense.

I'm building something bigger — a consulting practice that makes enterprise-grade security accessible to every organization that needs it, not just the ones with Fortune 500 budgets. If your data matters, your security should too.

✓ CompTIA Security+
✓ Google Cybersecurity
↗ B.S. IT & Cybersecurity · 4.0 GPA
↗ CySA+ In Progress
Get In Touch LinkedIn Profile
IAM ArchitectureAccess GovernanceHIPAA ComplianceThreat DetectionCloud SecurityIdentity LifecycleIncident ResponseZero TrustPython AutomationHealthcare IT
// 01
Enterprise Scale Experience
Managing identity and access operations across a 20,000+ user healthcare environment daily. High-stakes security work where the wrong call affects patient care.
// 02
Healthcare Security Specialist
HIPAA compliance, patient data protection, and healthcare IT security aren't services I just offer — they're the environment I operate in every single day.
// 03
Builder, Not Just Advisor
I don't just identify problems and hand you a report. I build tools, automate processes, implement fixes, and stay involved until your environment is actually secure.
// 04
No Corporate Overhead
Working directly with me means enterprise-level expertise without the consulting firm markup. You get the same knowledge and a lot more of my actual attention.
Services

What I Do

Most Requested
HIPAA Security Risk Assessment
Know exactly where you're exposed before an auditor or attacker finds it first.
  • Full security environment scan
  • Written vulnerability report
  • Prioritized remediation roadmap
  • 30-day follow-up call
$2,500
ONE-TIME
Engage →
Full Stack
Cybersecurity Audit & Remediation
Find every gap. Fix every gap. Most consultants stop at the report — I don't.
  • Comprehensive security audit
  • Hands-on remediation
  • Access control overhaul
  • 90-day support included
$3,500
ONE-TIME
Engage →
Cloud
Microsoft 365 & Cloud Security
Out-of-the-box M365 is not secure. I configure it the way enterprise health systems do.
  • M365 security hardening
  • Entra ID & Azure AD setup
  • MFA & conditional access
  • RBAC implementation
$2,000
ONE-TIME
Engage →
Identity
Identity & Access Management
Wrong access controls are the #1 cause of breaches. I design IAM frameworks that solve this permanently.
  • IAM environment assessment
  • Active Directory consulting
  • RBAC framework design
  • SSO architecture guidance
$2,000
ONE-TIME
Engage →
Training
Security Awareness Training
Most breaches happen because of people, not technology. I teach your team to recognize threats before they become incidents.
  • Phishing & social engineering
  • Password & access hygiene
  • Incident reporting procedures
  • Custom session for your team
$500
PER SESSION
Engage →
Compliance
IT Security Policy Development
No policies means no protection and no compliance. I write the security documentation your organization actually needs.
  • Password & access control policy
  • Incident response procedures
  • HIPAA-aligned documentation
  • Employee security guidelines
$1,500
ONE-TIME
Engage →
Retainer
Managed Security Partnership
Your dedicated security operator every month. Threats don't take breaks. Neither does this. Most small organizations can't afford a full-time security team — but they can't afford not to have one.
  • Monthly monitoring & reporting
  • Quarterly risk assessments
  • Access control reviews
  • Incident support & response
  • Monthly strategy call
  • Priority 24-hour response
$1,500/mo
ONGOING
Engage →
Technical Stack

Tools I Operate

// Identity & Access
SailPoint IAMMicrosoft Entra IDActive DirectoryCisco ISEMFA / SSORBAC / PAMZero Trust
// Security & Compliance
HIPAA FrameworksIncident ResponseAccess AuditingThreat DetectionRisk AssessmentSecurity Operations
// Cloud & Infrastructure
AWSAzure ADMicrosoft 365CitrixEpic EHRVPN Administration
// Dev & Tools
PythonServiceNowGitHubKali LinuxWiresharkWindows / macOS
Portfolio

Things I've Built

HIPAA // Assessment // Case Study
Keystone Family Dental
A 7-person Philadelphia dental practice with critical HIPAA violations — no MFA, shared credentials, zero access controls, and no security policies. Assessed, remediated, and fully documented in two weeks with zero downtime.
HIPAAM365 SecurityIAMPolicy DevelopmentHealthcare
Read Full Case Study →
Python // AWS // HIPAA
HIPAA AWS Compliance Checker
Automated Python tool that scans AWS environments for HIPAA security compliance gaps. Generates reports identifying violations with prioritized remediation steps. Built from real healthcare security knowledge.
PythonAWSHIPAAAutomation
github.com/markthedev12 →
HTML // CSS // Netlify
This Website
Designed and built from scratch — no templates, no builders, pure code. Custom cyberpunk aesthetic, fully responsive, deployed on Netlify. The site you're looking at right now.
HTML/CSSDesignNetlify
You're already here →
VMware // Windows Server // Kali
Enterprise IAM Home Lab
Personal cybersecurity lab built to mirror enterprise healthcare IT. Windows Server AD, Kali Linux for attack simulation, hybrid Azure AD integration. Breaking things on purpose to understand them.
Active DirectoryKali LinuxAzure ADVMware
Follow progress →
Security Consulting // Live Application
AphoriaApp.com Security Implementation
Served as security consultant for Aphoria — a consumer productivity web application. Conducted security architecture review, implemented data protection principles, advised on secure authentication practices, and delivered security awareness guidance to the founding team across the platform's development lifecycle.
Security ArchitectureWeb SecurityOWASPConsultingLive App
aphoriaapp.com →
Client Testimonial

What People Say

“Mark taught me the importance of security principles and helped me implement them on my platform. He made something complex feel approachable and actually took the time to make sure everything was done right.”

M
Mahely
Founder — AphoriaApp.com
// VERIFIED CLIENT
// Initialize Contact Protocol

Let's Secure
Your World

Whether you need a HIPAA assessment, an IAM overhaul, an ongoing security partner, or you're looking to hire someone who actually knows this space — I'm ready to talk.

Book Free Consultation
// mark@markschwinn.com · // Response within 24hrs

Free consultation · No commitment · Philadelphia, PA