ICT Systems Administrator | Azure Cloud & Security Operations
Arpit Dahal
Results-driven Systems Administrator with extensive experience in Azure Cloud Infrastructure, Microsoft 365, and Cyber Security. Recently led ISO27001 certification and DISP compliance for a national infrastructure company servicing NextDC, Microsoft, and Amazon data centres.
Sole IT lead for cloud-only Microsoft infrastructure.
Led technical execution, achieving certification in record time.
SCCM to Intune migration reducing provisioning time by 40%.
Maintaining high availability across enterprise infrastructure.
Selected Projects
Selected Projects
ISO 27001 Certification & DISP Compliance
Context
Alliance SI pursued ISO 27001 certification and Defence Industry Security Program (DISP) compliance to service major data centre clients including NextDC, Microsoft, and Amazon.
Role & Action
Led the full technical execution of ISO 27001 controls. Hardened internal systems across identity, endpoints, and network layers. Aligned operational practices with DISP requirements and collected audit evidence.
Outcome
Achieved full company ISO 27001 certification in record time while meeting strict DISP compliance requirements, enabling Alliance SI to win Defence contracts.
Visitor Management System — Alliance SI
Context
Alliance SI required a compliant visitor management solution for Defence contract sites, replacing manual logbooks with an auditable digital workflow.
Role & Action
Architected a custom VMS using Power Automate and PowerApps with SharePoint backend. Automated check-in/out workflows, policy acknowledgment, and compliance reporting for 500+ annual visitors.
Outcome
Eliminated manual logbooks entirely, ensuring strict Defence contract compliance with full audit trails and automated notifications.
Corporate Office Network Build
Context
Alliance SI's new corporate office required a complete network infrastructure build from scratch with day-one connectivity for all staff.
Role & Action
Engineered the entire network setup end-to-end: ISP negotiation, Meraki firewall configuration, VLAN segmentation, and Wi-Fi optimization across the office floor.
Outcome
Delivered full day-one connectivity for all staff with a secure, segmented network architecture meeting enterprise and Defence standards.
SCCM to Intune Migration — NRMA
Context
NRMA's 2,000+ staff hybrid environment needed modernisation from legacy SCCM to cloud-native Intune for endpoint management.
Role & Action
Led the migration of 500+ endpoints from SCCM to Microsoft Intune. Designed compliance policies and configuration profiles. Acted as macOS infrastructure SME ensuring seamless Apple device integration.
Outcome
Reduced device provisioning time by 40% and established a modern, cloud-native endpoint management platform across the organisation.
Android Trading Journal App (Published)
Context
Developed a Forex trading journal application to help active traders track performance, analyse patterns, and improve discipline.
Role & Action
Built the full application lifecycle from concept to Google Play Store release. Leveraged AI-assisted coding for rapid feature delivery, personally managed Android Studio integration, Firebase backend (Authentication, Firestore database, Cloud Storage), and executed the complete release pipeline.
Outcome
Successfully published on Google Play Store, providing traders with a cloud-backed tool for journaling trades with real-time sync across devices.
Enterprise Home-lab Environment
Context
Self-directed initiative to master Windows enterprise patterns and security testing outside production constraints.
Role & Action
Engineered a virtualised enterprise environment using Windows Server 2019/2022 as Domain Controller. Built a complete AD forest with RBAC, 15+ custom GPOs, DNS/DHCP/File Services, Pi-hole DNS filtering, IIS hosting, and PowerShell automation sandbox.
Outcome
Deepened practical understanding of identity lifecycle, Group Policy inheritance, and network security — directly applying concepts to production troubleshooting.
Network Defense & Remediation Cycle
Context
Simulation of a corporate network breach to understand the attacker lifecycle and validate defense efficacy.
Role & Action
Conducted controlled pentests (Kali, Nmap, Metasploit) against a lab AD environment. Identified vulnerabilities, then switched to Blue Team to implement detection rules and harden gaps.
Outcome
Closed the attack-defense loop. Developed a threat-actor perspective that informs more effective system hardening and alert prioritisation.
CVE-2025-32462 Vulnerability Analysis
Context
Technical deep-dive into a local privilege escalation vulnerability in sudo to understand exploit mechanics and patching.
Role & Action
Replicated the vulnerability in a controlled environment. Documented the escalation path and tested vendor mitigation strategies.
Outcome
Produced technical documentation demonstrating the importance of timely patching and least privilege, suitable for peer review.
Technical Capabilities
A balanced mix of infrastructure stability, cloud modernization, and security operations.
Cloud & Identity
- Microsoft Azure
- Entra ID (Azure AD)
- Microsoft 365 (Exchange, SharePoint, Teams)
- Intune (MDM/MAM)
- Zero Trust Architecture
Security & Compliance
- ISO 27001 Compliance
- DISP (Defence Industry)
- Incident Response & Escalation
- Vulnerability Assessment
- SIEM Operations
Infrastructure & Networking
- Firewalls (Meraki/Cisco)
- DNS, DHCP, VPN, VLANs
- Windows Server 2019/2022
- Active Directory & Group Policy
- Linux (Kali, Ubuntu)
Automation & Development
- Power Automate & PowerApps
- PowerShell & Bash Scripting
- Java, JavaScript/TypeScript
- Next.js, HTML/CSS
- Android Studio & Firebase
Platforms & Tools
- ServiceNow, Jira, Atera
- Smartsheets, Simpro
- GitHub, Cloudflare
- Virtualisation (VMware/Hyper-V)
- Nmap, Metasploit, Wireshark
About Me
I am the ICT Systems Administrator at Alliance SI, a national network infrastructure company servicing major data centre clients including NextDC, Microsoft, and Amazon. I serve as the primary IT lead, solely responsible for end-to-end governance of a cloud-only Microsoft infrastructure for 200+ users.
I recently led the technical execution of ISO 27001 certification — achieving full company certification in record time — while simultaneously hardening systems to meet Defence Industry Security Program (DISP) compliance requirements. I also engineered the complete network build for our new corporate office and architected a custom Visitor Management System for Defence contracts.
Previously at NRMA, I led the migration of 500+ endpoints from SCCM to Intune across a 2,000+ staff hybrid environment and served as the macOS infrastructure SME. Before that, I built my foundation at Renew IT as a Technical Support Specialist, troubleshooting complex hardware issues and managing the full repair lifecycle.
Experience
ICT Systems Administrator — Alliance SI
May 2025 — Present · Artarmon, NSW
Service Desk Analyst — NRMA
Dec 2022 — May 2025 · Sydney Olympic Park, NSW
Technical Support Specialist — Renew IT
Dec 2021 — Dec 2022 · Parramatta, NSW
Education & Certifications
Certified in Cybersecurity (CC)
ISC2 · 2025
Bachelor of Information Technology
Major in Networking · 2019
Ready to Connect?
I am currently open to conversations about Senior Infrastructure, Systems Administration, and Security Operations roles.