Work

Endpoint, identity, and the IT side of SOC 2.

What I spend my weeks on, the stack I lean on, and a few of the projects worth talking about.

Endpoint Management

Microsoft Intune across Windows, macOS, iOS and Android. Autopilot, ADE, app deployment, configuration baselines, compliance.

Identity & Access

Entra ID, Conditional Access design, PIM, app registrations, hybrid join cleanups, FIDO2 rollouts.

Azure

Tenant hygiene, role design, log analytics, governance via management groups and policy.

SOC 2 for IT

Drafting endpoint and access controls, evidence collection runbooks, and the boring-but-vital quarterly attestations.

Selected case studies

SOC 2 Type II readiness — endpoint scope

IT & Security, Nablon

Built the endpoint and identity control set from zero: compliance policies, Conditional Access tied to device health, MFA enforcement, evidence collection that survives auditor scrutiny.

Intune, Entra, SOC 2

Autopilot rollout — distributed workforce

IT & Security, Nablon

Replaced manual imaging with Autopilot for new hires across multiple regions. Cut day-zero setup from a half day to under thirty minutes.

Intune, Autopilot

Conditional Access redesign

IT & Security, Nablon

Replaced a sprawl of overlapping CA policies with a layered persona model. Cleaner audit story, fewer accidental lockouts.

Entra, Conditional Access

Hiring for an Endpoint, Identity, or Security IT role? Let's talk.