About me

I'm a security architect focused on Microsoft technologies. Been doing this for 15+ years.

Background

Based in Auckland, working remotely with clients in the US, Europe, and Asia-Pacific. I focus on the Microsoft security stack - Azure, Sentinel, Defender, Entra ID, AVD, Intune, PKI.

20+ years in IT, 15+ years in security. Worked with financial services, telecom, healthcare, government, and tech companies. I do hands-on implementation and architectural design. Focus is on building stuff that actually works and that your team can maintain.

Some things I've done:

  • Deployed Azure Virtual Desktop (AVD) Privileged Access Workstations for financial services regulator
  • Designed and deployed enterprise PKI infrastructure compliant with NZISM/DIA for major telecommunications provider
  • Led Microsoft Sentinel implementations with custom KQL detection rules and SOAR automation for multiple organizations
  • Governed enterprise vulnerability management programs using Tenable, Nessus, and CrowdStrike
  • Optimized SCOM monitoring infrastructure reducing incident noise by 70% while improving accuracy
  • Previous experience with Microsoft Corporation as Information Technology Consultant

How I work

Security isn't about implementing every possible control. It's about understanding what you actually need, then building something practical that protects what matters.

What I'm good at:

  • Taking compliance requirements (NIST, ISO 27001, SOC 2) and turning them into controls you can actually maintain
  • Building solutions your security team can operate without calling me every week
  • Automating everything with Infrastructure as Code so deployments are consistent and fast
  • Training your team so they can run and evolve what we build

Industry Experience

15+ years working with financial services, healthcare, government, and technology organizations across regulated and high-security environments. Experience with PCI-DSS, HIPAA, FedRAMP, and strict data sovereignty requirements.

Availability

I work across US, Europe, and Australia time zones. Based in Auckland, so I can do real-time calls or async work. Some clients like that I can get work done overnight for their timezone.

Most work is remote. I can do on-site workshops if you need face-to-face for critical stuff. I write clear updates, document everything, and you'll always know what's happening.

Pricing: Flexible - hourly, project-based, or monthly retainer. Contact for details. Most projects run 3-6 months. Some clients keep me on retainer for ongoing help.

Technical Expertise

Deep expertise across the Microsoft security ecosystem including Sentinel, Defender Suite, Entra ID, and Azure security services. Strong automation capabilities with Bicep, PowerShell, and KQL. Compliance framework experience spans NIST, ISO 27001, SOC 2, NZISM, and CIS Benchmarks.

Philosophy

"The best security is stuff that works and that your team can actually maintain. Overly complex solutions eventually become security risks because nobody understands them. I build practical, well-documented infrastructure that your team can run and evolve as things change."

Let's work together

Need help with Azure security? Let's talk.

Book a call