A practitioner's site, not a résumé.
I run endpoints, identity, and the IT side of SOC 2 at Nablon. I've been on the internet since dial-up, broke things on Orkut for fun in the 2000s, and now I keep a fleet of devices honest with Intune, Entra, and Conditional Access.
I write here because I've been on both sides of the table that matters most in my field: the side that wants to get in, and the side that wants to keep that side out. Both sides ask the same questions. Only the answers are different.
Most of my work output is for an audience of one — my CTO, who approves what I draft. This site is for the rest of you: practitioners who'd benefit from a clear write-up of something that took me a week to figure out.
- 20032000s
Dial-up, IRC, and a school server I shouldn't have had access to.
First taste of what 'admin' really means: someone forgot to change a default password.
- 2005Orkut days
Orkut, scraps, and the testimonial economy.
A teenage masterclass in audience, identity, and reputation. I didn't know it was research.
- 2012early career
Helpdesk to sysadmin.
AD, Group Policy, and learning that documentation is the job.
- 2018early career
Cloud, then identity.
Azure, Entra, and the slow realisation that identity is the new perimeter.
- Todaynow
IT & Security at Nablon.
Endpoint, identity, and SOC 2. I draft the policies; my CTO Ravi approves them.
Want to talk shop, swap war stories, or compare SOC 2 evidence checklists? Get in touch.