Projects & Achievements

MSP Multi-Tenant Assessment Platform

A managed service provider was spending weeks manually auditing each client's IT environment. I built an automated assessment platform that pulls live data from their existing security and management tools, generating comprehensive audit reports in minutes instead of days. The MSP now runs standardised assessments across all 28 clients with consistent quality and prioritised recommendations.

Automated what used to take weeks of manual work — 28 client environments now assessed consistently

PowerShell Python API Integration CrowdStrike NinjaOne Meraki Automation

HR-to-IT Lifecycle Automation

A growing company had no dedicated IT person and was manually setting up accounts for every new hire. As their Fractional IT Officer, I built their entire IT function from scratch — including automated employee onboarding that creates accounts, assigns the right permissions, and notifies managers without anyone lifting a finger. What used to take hours of ad-hoc IT work now happens automatically overnight.

Built the entire IT function from scratch — including hands-free employee onboarding

Power Automate Azure Automation HiBob PowerShell Microsoft Graph

Compliance Certification — ISO 27001 & Cyber Essentials

Two growing businesses needed security certifications to win larger contracts — but had no security framework in place. I took both organisations from zero to certified: one through ISO 27001 (the gold standard for information security) and another through Cyber Essentials. I handled everything — policy writing, risk assessment, evidence preparation, and audit readiness — so the business owners could focus on running their companies.

Took two companies from zero security framework to audit-ready — unlocking larger contracts

ISO 27001 Cyber Essentials Policy Authoring Risk Management Compliance

Qualys VMDR & Endpoint Security

A company with 300+ devices had no visibility into their security vulnerabilities and was failing compliance requirements. I deployed a unified security platform and built automated patching workflows that cut the time to deploy critical updates by 60%. Within two months, we eliminated over half of 45,000 identified security gaps — clearing the path for Cyber Essentials Plus certification.

Removed 45,000+ security gaps and cut patching time by 60% — enabling compliance certification

Qualys VMDR EDR Patch Management PowerShell Endpoint Security

More Projects

ISO 27001:2022 Readiness Assessment Tool

Self-service web app that generates a tailored Statement of Applicability and 10 ISMS policy documents from a 7-step questionnaire. Reduces time from assessment to audit-ready documentation from months to days.

View Project →
ISO 27001 Next.js Claude AI Compliance

Cyber Essentials Plus Readiness Assessment Tool

Self-service assessment tool aligned to the IASME Willow question set. AI-powered remediation guidance for all 62 CE+ questions with Microsoft 365 implementation steps, assessor preparation pack, and evidence export.

View Project →
Cyber Essentials Next.js Claude AI Compliance

Active Directory Migrations & Hybrid Identity

Led two distinct AD migration projects — a network re-IP and domain migration with hybrid Entra Connect sync, and a cross-forest ADMT migration with Azure-hosted DCs, SID history preservation, and password migration across 96 users and 3 file servers.

Active Directory ADMT Entra Connect Hybrid Identity Azure

M365 User Offboarding Automation

PowerShell runbooks triggered by Power Automate webhooks executing 8 offboarding tasks — OneDrive transfer, calendar forwarding, mailbox delegation, group removal, license recovery, and sign-in block. DryRun parameter for safe testing. Reduced offboarding from hours to minutes.

PowerShell Azure Automation Microsoft Graph Exchange Online

Intune MDM & Compliance Automation

Deployed Microsoft Intune for corporate device management with Conditional Access policies, Qualys agent distribution, and an Azure Automation runbook generating daily Cyber Essentials Plus compliance reports. Reduced critical findings from 49 to 7 in five days.

Intune Conditional Access Azure Automation Qualys Compliance

WordPress Incident Response & Hardening

Walk-in incident response for a compromised WordPress site. Full forensic investigation, multi-shell malware removal, credential rotation, database scanning, WAF and 2FA deployment. 38 remediation items completed, plugins reduced from 36 to 19, two client reports delivered.

WordPress Incident Response Forensics WAF Security Hardening

M365 Security Hardening (No Premium Licensing)

Secured a small business M365 tenant without Entra ID P1/P2 licensing. Enabled Security Defaults, designed 6 Conditional Access policies (scripted, ready for future P1), enabled unified audit logging, and investigated an Exchange mailbox deletion incident via Purview.

Security Defaults Conditional Access Exchange Online Audit Purview

Identity Lifecycle & SSO Integration

Configured SCIM provisioning and SSO across a SaaS stack with Entra ID as the authoritative identity source. Built a Blazor self-service tool for managers and IT admins to update Entra ID user attributes with role-based access controls and real-time Graph API verification.

SCIM SSO Entra ID Blazor Microsoft Graph

Power BI Embedded Portal

Deployed a Power BI Embedded portal replacing per-user Pro licences, achieving a 72% cost reduction. Embedded dashboards accessible to all staff without individual licensing.

Power BI Embedded Cost Optimisation Azure Data & Analytics

VMware Workspace ONE MDM Deployment

Single-handedly deployed VMware Workspace ONE as the MDM platform for a 300+ endpoint estate. Defined enrolment profiles, compliance policies, and application deployment workflows. Achieved 98% device coverage within three months.

VMware Workspace ONE MDM Endpoint Management

Purchase Order Approval Workflow

Two-tier purchase order approval via Power Automate and SharePoint — manager first, then executive with conditional routing by request type. Full audit trail, real-time status tracking, and email notifications at every stage.

Power Automate SharePoint Microsoft Approvals Automation

AD Disaster Recovery & Domain Rebuild

Restored a failed Active Directory environment from a 6-month-old backup. Reconstructed all domain objects into a new virtualised domain controller, preserving the original domain name for continuity across all joined devices.

Active Directory Disaster Recovery Windows Server Virtualisation

ChromeOS Secure Browser Deployment

Migrated 400+ ChromeOS devices from Google Workspace management to a secure browser infrastructure meeting examination compliance requirements across multiple test centre locations.

ChromeOS Google Workspace Compliance Device Management

RustDesk Monitor Dashboard

Built a Flask dashboard with Entra ID SSO for tracking 8 shared Bloomberg terminal devices — live status (Free/Busy/Offline), current user display, pivot-table usage reports with CSV export, and Docker deployment.

Python Flask Docker Entra ID SSO SQLite

IT & Security SharePoint Hub

Provisioned an 8-page IT & Security SharePoint hub entirely via PnP PowerShell — 25 ISO 27001 policies, tools catalogue, distribution lists, onboarding guide, and 25+ FAQs, all deployable from a single script.

SharePoint PnP PowerShell ISO 27001 Automation

These projects are backed by 15+ years across Continental, Vitesco Technologies, Accenture, and other enterprise environments.

View Full Career Timeline →