Experience
- Solo IT and security engineer at a 70-person HIPAA startup, reporting to the VP of Engineering. Own M365, Intune (Mac + Windows), Entra/identity, Sentinel XDR, Drata, and the internal tools around them.
- Built BLAST, an in-house URL shortener with API and cookie-based A/B-test routing for landing pages. Runs on Azure Functions (Node.js), Cosmos DB, and APIM.
- Deployed and managed Azure Virtual Desktop for the seasonal workforce across 4 operating regions running Windows 11 Enterprise multi-session; FSLogix used for profile storage enabling rapid VM scaling.
- Enforced passwordless privileged access using macOS Platform SSO and Windows Hello for Business platform keys, with Admin by Request managing all admin sessions in a HIPAA environment.
- Led end-to-end SOC 2 Type 2 audit, coordinating across security, engineering, and compliance.
- Automated major business processes — including onboarding/offboarding and incident-response workflows — reducing manual work and improving operational consistency.
- Launched a virtual contact centre with integrated telephony, routing, and analytics; managed vendor security reviews and Meta/Google data integrations for product and marketing.
- Managed data integrations across Snowflake, RudderStack, Fivetran, Power BI, and BambooHR as part of the broader data and HR infrastructure stack.
- Configured Microsoft Purview and Zscaler ZIA for a medium-sized organisation in the financial industry.
- Migrated legacy WordPress intranet to a SharePoint Modern site, modernising content architecture and improving governance and access controls.
- Served as lead IT on the contact centre system, overseeing platform operations across InContact and Five9 for a hybrid/remote workforce of 230 employees and 120 contractors.
- Debugged and troubleshot Salesforce custom integrations and scripts, becoming the primary internal resource for Salesforce platform issues.
- Migrated company identity platform from Okta to OneLogin.
- Cut macOS MDM spend by 50% by migrating device management from Jamf to Kandji.
- Redesigned Jira Service Desk workflows and automation logic, becoming the in-house expert for Jira Cloud development.
- Awarded Health IQ MVP for 2019.
Skills
Security Engineering
KQL · Sentinel XDR · Defender XDR · Purview · Zscaler ZIA · Drata · Detection Engineering · Incident Response · Zero Trust · DLP · SOC 2 · HIPAA
Identity & Access
Entra ID · Conditional Access · FIDO2 / Passwordless · macOS Platform SSO · Windows Hello for Business · Admin by Request · Okta · OneLogin
Endpoint Management
Intune · JAMF · Kandji
Cloud & Infrastructure
Azure · Azure Functions · Cosmos DB · APIM · Azure Virtual Desktop · FSLogix · AWS · Cloudflare Workers · D1 · Durable Objects · Serverless
Automation & Scripting
PowerShell · Node.js · Bash · Power Automate · Zapier · GitHub Actions (CI/CD)
Software Development
React · TypeScript · Tailwind · Vite · PWA / Service Workers · IndexedDB (Dexie) · Clerk · REST APIs
Data & Analytics
Snowflake · RudderStack · Fivetran · Power BI · Google Analytics · Google Tag Manager
Business Systems
Jira · Salesforce · Talkdesk · Amazon Connect · BambooHR
Selected Projects
- Built end-to-end on Cloudflare's edge stack: Pages Functions, D1, KV, R2, Workers AI, and Durable Objects for per-crew WebSocket fan-out.
- React 19 + TypeScript + Tailwind frontend with Dexie-backed offline cache, vite-plugin-pwa service worker, and a sync queue that replays mutations when the connection returns.
- Operated like production: Clerk auth, PostHog exception capture + autocapture analytics, structured error logs in KV, and a scaling-canary cron that pages at 80% of Workers Paid plan budget.
Certifications
CompTIA IT Operations Specialist, CompTIA Network+, CompTIA A+