Security Architect & Engineer

Building Zero Trust Architectures with Microsoft Security Stack

I design and implement Zero Trust architectures using Microsoft Entra ID, Defender suite, and Sentinel. Specializing in Conditional Access, PIM, workload identities, and automated security guardrails.

Learn More View Projects
decor

About Me

I design and implement Zero Trust architectures using Microsoft Entra ID, Defender suite, and Sentinel. I specialize in Conditional Access, PIM, workload identities, and automated security guardrails via Microsoft Graph API.

My work spans SAML/OIDC/OAuth2 integrations, B2B/cross-tenant scenarios; AI security with Security Copilot, Agentic AI, and the Entra Agentic ID framework for autonomous identity management; and cloud defense across Azure and multi-cloud environments.

I support presales and delivery, mentor engineers, and drive least-privilege IAM. I'm not here to maintain systems, I'm here to evolve them.

Extended Competencies

Core areas of expertise across Microsoft Security ecosystem and cloud architectures

Microsoft 365 & Azure Security

Expert in identity management, Defender and Azure security solutions, compliance, and monitoring.

  • Entra IDAzure architecture and implementation
  • DefenderDefender XDR, MDE, MDO, MDI, MDCA
  • SentinelSentinel SIEM and threat detection
  • PurviewPurview information protection

Security Tools & DevSecOps

Hands-on experience with security tools and automated security monitoring solutions with CI/CD integration.

  • XDRXDR, EDR, NDR implementations
  • EmailEmail security and phishing defense
  • OSINTOSINT tooling and threat intelligence
  • AutomationSecurity automation and orchestration

AI Security

Expert in Security Copilot, AI governance frameworks, and secure AI integrations across Microsoft ecosystem.

  • CopilotSecurity Copilot implementation
  • AICustom Security Copilot Store agents
  • AIAI governance and compliance
  • AISecure AI integration patterns

Identity & Access Management

Architected Verified ID solutions and designed decentralized identity services for enterprise clients.

  • Entra IDEntra ID, EEID and B2C implementations
  • PIMSSO and federation protocols
  • Verified IDVerified ID and decentralized identity
  • Entra SecurityMicrosoft Graph API automation
  • Private AccessPrivate Access / Conditional Access patterns
  • Internet AccessEntra Internet Access / Secure internet connectivity

ProjectsSolutions & Projects

Selected solutions, tools and agents I built or led

security

MS ZTA in a Box

Free browser-based Zero Trust Assessment tool. Validate your Microsoft 365 tenant against 150+ security controls based on NIST, CISA, CIS standards. Sign in with your Microsoft account, grant read-only Graph API permissions, and get a detailed HTML report in 5-15 minutes.

security

CA Policy Manager

Deploy and manage Conditional Access policies with ease. Import policies from CSV files or GitHub repositories and deploy multiple CA policies to Entra ID at once. Use pre-built templates for NIST, Zero-Trust, and more. View, edit, and delete policies with real-time status.

security

Entra Assessment Tool

Comprehensive Entra ID analysis with advanced security assessment. Complete user, group, identity configuration, conditional access policies, and security compliance analysis with risk assessment. Export comprehensive documentation to GitHub or SharePoint with executive summaries and technical details.

github

Certification Monitor

A PowerShell-based monitoring solution to track Microsoft Learn certification expiration dates with intelligent automation and comprehensive notification system. Works in both Windows and Mac!

github

Custom OSINT tooling

PowerShell 7+ reconnaissance framework for Azure AD/Entra ID tenants. The script automates tenant discovery, service fingerprinting, authentication flow testing, certificate transparency research, digital footprint enrichment, and report generation. Designed for defenders, red teams, and security researchers.

tools

CertHelper

A free, AI-powered study assistant that helps professionals prepare for SC-100, SC-200, SC-300, SC-401, and AZ-500 certifications. Uses 80+ official Microsoft Learn pages.

Azure

Cloudpartner Training

Subscribe to deep learning sessions on Microsoft Security topics, including Entra ID, Purview, Azure security, Defender XDR, and Security Copilot.

github

Export-posts

Powerful, flexible PowerShell tool for extracting and analyzing blog post metadata across any platform. Seamlessly aggregates posts from markdown front matter, JSON APIs, or web services. Features intelligent data decoupling, multi-source support, and extensible category mapping—built for portfolio auditing, content migration, and analytics workflows.

academy

Cloudpartner Academy

AI-powered practice platform for Microsoft Security certifications. Master exam questions with intelligent hints, real-world scenarios, personalized weak area detection, and full-length exam simulations to prepare for SC-100, SC-200, SC-300, SC-401, and AZ-500.