Managing enterprise systems and operations.
Expert in Entra ID, Intune, and M365 Security.
Integrating security into every layer of infrastructure.
Automating workflows for reliable deployments.
Selected Projects
Selected Projects
Day Trading Journal (Android App)
Context
Developed and published a comprehensive trading journal application for active traders.
Role & Action
Built the full application lifecycle from concept to Play Store release. Implemented local database storage, performance analytics, and responsive UI.
Outcome
Successfully launched on Google Play Store, providing traders with a tool to track performance and improve discipline.
Enterprise Service Management Rollout
Context
Mid-sized organization required a structured service delivery platform to replace ad-hoc email requests and improve SLA tracking.
Role & Action
Architected and implemented a Jira Service Management instance. Designed custom workflows for incident/request types, configured automation rules for routing, and established a knowledge base structure.
Outcome
Standardized IT support workflows, enabled measurable SLA tracking, and reduced ticket resolution time by centralized intake and automated triage.
In-House IT Infrastructure Transition
Context
Organization moved from full MSP reliance to internal IT ownership to improve responsiveness and security control.
Role & Action
Took ownership of internal infrastructure, network management, and security operations. Audited existing assets, documented network topology, and established internal patch management routines.
Outcome
Successfully brought core IT operations in-house, reducing external vendor costs and significantly improving incident response times for critical business functions.
ISO 27001 Audit Readiness Support
Context
Organization pursued ISO 27001 certification requiring evidence of operational controls and rigorous documentation.
Role & Action
Aligned daily operational practices with security controls. Collected technical evidence for audits, documented access control procedures, and ensured endpoint compliance standards were met.
Outcome
Contributed to successful certification by validating that technical reality matched policy requirements, demonstrating a strong culture of compliance.
High-Availability Web Hosting Operations
Context
Production Windows web hosting environment required stable uptime, security hardening, and performance monitoring.
Role & Action
Managed IIS configurations, including application pools, SSL/TLS binding management, and log analysis. Implemented routine maintenance windows and performance monitoring.
Outcome
Maintained high availability for business-critical applications through proactive monitoring and disciplined change management procedures.
Enterprise Identity Simulation Lab
Context
Self-directed initiative to master Windows enterprise patterns outside of production constraints.
Role & Action
Built a complete Active Directory forest (Windows Server 2019/2022). Configured DNS, DHCP, GPOs for security baselines, and practiced domain join/trust operations.
Outcome
Deepened practical understanding of Kerberos, Group Policy inheritance, and identity lifecycle management, directly applying concepts to professional troubleshoot scenarios.
Network Defense & Remediation Cycle
Context
Simulation of a corporate network breach to understand the attacker lifecycle and validate defense efficacy.
Role & Action
Conducted controlled pentests (Kali, Nmap, Metasploit) against a lab AD environment. Identified vulnerabilities, then switched roles to Blue Team to implement detection rules and patch gaps.
Outcome
Closed the loop between attack and defense. Developed a threat-actor perspective that informs more effective system hardening and alert prioritization.
CVE-2025-32462 Vulnerability Analysis
Context
Technical deep-dive into a specific local privilege escalation vulnerability to understand exploit mechanics.
Role & Action
Replicated the vulnerability in a controlled environment. Documented the escalation path in sudo and tested mitigation strategies provided by vendors.
Outcome
Produced technical documentation demonstrating the importance of timely patching and principle of least privilege, suitable for peer technical review.
Technical Capabilities
A balanced mix of infrastructure stability, cloud modernization, and security operations.
Infrastructure
- Azure Virtual Desktop & W365
- Hybrid Identity Management
- Network Security Groups & ASGs
- Linux & Windows Administration
- Server Hardening Benchmarks
DevOps & Cloud
- Azure DevOps & GitHub Actions
- Entra ID PIM & Conditional Access
- Intune Endpoint Manager
- Terraform State Management
- Application Gateway & WAF
Security Operations
- Sentinel SIEM Query Engineering
- Automated Threat Response
- Microsoft Defender for Endpoint
- Identity Protection & Risky Users
- Email Security Policies
GRC & Compliance
- Compliance Manager Score Analysis
- Privileged Identity Governance
- Data Loss Prevention Policies
- Sensitivity Label Architecture
- Third Party App Permissions
Tooling & Development
- Python & Bash Automation
- KQL Query Language Expert
- Logic Apps & Power Automate
- API Security Testing Tools
- Vulnerability Management Dashboards
About Me
I am a Systems Administrator with over 3 years of experience in enterprise environments, where I've transitioned from frontline support to managing core infrastructure and security operations. My work is defined by a calm, methodical approach to troubleshooting and a strong ownership mindset—I don't just fix issues; I look for the root cause and document the solution.
Currently, I manage internal IT infrastructure, bridging the gap between traditional reliability (Windows Server, Networking) and modern agility (Azure, M365). I have a growing focus on Blue Team operations, actively training in incident response and vulnerability management to better protect the systems I administer.
Now / Next
Focusing on deeply integrating security into daily operations. Currently studying for specialized security certifications and building automated detection labs to simulate real-world SOC scenarios.
Ready to Connect?
I am currently open to conversations about Systems Administration, Infrastructure, and Security Operations roles.