Microsoft Cloud Architect Building Secure Azure Environments

PROFESSIONAL SUMMARY

Senior Implementation Engineer and Modern Workplace Architect with 9+ years of progressive experience delivering enterprise-grade cloud, identity, endpoint, and infrastructure solutions across environments ranging from small businesses to 1,000+ user organizations. Known for building the frameworks, automation platforms, and security baselines that save thousands of engineering hours and drive consistency across managed client estates. A trusted technical authority, pre-sales partner, and mentor who sets the standard in documentation, delivery, and technical leadership. Recognized as Field Network Engineer of the Year (2023) for outstanding technical performance, leadership, and client delivery excellence.

PROFESSIONAL EXPERIENCE

MSP (2022-Present)
Implementation Engineer

• Serve as Principal SME for Modern Workplace and enterprise networking across a managed client portfolio spanning SMB to
• 1,000+ user enterprises, owning Intune MDM/MAM, Conditional Access, device compliance, identity governance, and large-scale firewall, switching, and wireless architectures.
• Architected the company’s enterprise Modern Workplace and endpoint-management client offerings – including governance models, deployment frameworks, CIS Benchmark-aligned security baselines, and automation standards – saving thousands of engineer hours through repeatable, templated delivery.
• Built PowerShell and RMM-based automation libraries for application deployment, policy enforcement, tenant hygiene, and operational consistency, eliminating redundant manual work across the entire managed client environment.
• Designed and delivered Azure Virtual Desktop (AVD) solutions including host pool architecture, image strategy, FSLogix configuration, identity integration, monitoring standards, and cost governance; authored comprehensive AVD and Windows 365
• Cloud PC implementation SOPs adopted org-wide.
• Deployed Microsoft Defender suite (Endpoint, Office, Identity, Cloud Apps) with alerting, enforcement baselines, and response workflows, strengthening security posture across clients of all sizes.
• Led enterprise Microsoft 365 SSO and automated provisioning implementations using SAML, OIDC, and SCIM; managed Entra ID application registrations, admin-consent workflows, and permission governance for complex multi-tenant environments.
• Engineered Azure infrastructure including IaaS server deployments, VNet/VPN/NSG topologies for zero-trust architectures, Azure
• Files with identity-aware access, and Azure Policy/Blueprint alignment.
• Directed technical strategy during Business Transformation Assessments (BTA) – performing discovery, telemetry analysis, and risk evaluation – and delivered executive-level modernization roadmaps for client leadership.
• Partnered with pre-sales teams to validate solutions, define scopes of work, and support technical strategy discussions; served as senior escalation point across cloud, identity, virtualization, networking, and endpoint domains.
• Delivered comprehensive documentation with validated client sign-offs and actively mentored engineers to raise technical delivery standards across the organization.

Lead Field Network Engineer April 2022 – April 2024

• Managed and mentored a team of 8 engineers, overseeing daily operations, technical development, workload distribution, and delivery quality across a growing MSP client portfolio.
• Led end-to-end technical execution of Business Transformation Assessments including RMM deployment, asset discovery, onsite evaluations, and stakeholder interviews across SMB and mid-market client environments.
• Translated discovery into best-practice modernization roadmaps spanning cloud, server, network, and identity infrastructure; regularly presented recommendations to client leadership and ownership.
• Deployed and maintained full infrastructure stacks across Windows Server, AD/GPO, Exchange, SharePoint, VMware, Hyper-V,
• Azure, Microsoft 365, firewalls, layer-3 switching, wireless, and storage platforms.
• Configured RMM platforms for monitoring, alerting, patch automation, A/V enforcement, backup verification, and documentation hygiene across a large multi-tenant environment.
• Coordinated with internal support teams, vendors, and LOB application providers to resolve escalations and ensure successful, on- time delivery.
• Led cybersecurity incident remediation across client environments – responding to ransomware, CVE exposures, brute force, and social engineering attacks through data decryption, environment sanitization, domain migrations, and full rebuilds that restored operations ahead of schedule.

Another MSP (2020-2021)
MSP Engineer III

• Architected and delivered customer projects using structured PM and quoting workflows; implemented NinjaRMM and Hexnode
• MDM with automation policies for patching, deployment, and configuration enforcement.
• Engineered diverse network infrastructures including SonicWall, Untangle, UniFi, HP/Dell switching, Replibit backup appliances, and hybrid environments; administered SentinelOne, IDS/IPS, and security monitoring with documented remediation workflows.
• Managed Microsoft 365 and Azure AD services including AD migrations, SharePoint/OneDrive deployments, Teams integrations, and cloud governance.

Consulting Company (2019-2020)
Project Manager / Systems Engineer II

• Managed customer projects end-to-end in Datto Autotask; executed Exchange-to-Microsoft 365 migrations (including hybrid),
• MFA rollouts, identity structures, and tenant governance across multi-site environments.
• Implemented ESET endpoint security, Barracuda/IronScales email protections, phishing simulations, and Dark Web ID monitoring; configured WatchGuard, SonicWall, UniFi/Aruba, HP/Dell switching, SAN/NAS, and multi-site routing environments.

MSP (2018-2019)
IT / Managed Services Engineer

• Delivered onsite and remote support across diverse SMB environments; configured routers, switches, firewalls, wireless, Windows
• Server/AD, and GPO structures alongside Veeam backups, Hyper-V virtualization, VLAN segmentation, VPN, and Microsoft 365

Data Center (2017-2018)
Project Lead

• Led nationwide wireless and network modernization projects across retail and distribution center environments, coordinating corporate leadership, franchise owners, and onsite engineering teams.
• Performed data center operations including rack/stack, structured cabling, power/cooling monitoring, and DCIM updates (Nlyte); delivered rapid incident response to minimize downtime.

Communications Company (2015-2017)
Foreman / Fiber Optic Network Installation Technician

• Supervised and directed teams of up to 10 technicians across multiple simultaneous cabling and network installation projects; accountable for crew performance, safety compliance, materials management, and on-time project delivery.
• Installed, terminated, and tested fiber-optic and structured cabling systems for voice and data networks; identified and resolved faults to maintain performance standards across all sites.

CORE COMPETENCIES

• Cloud & Identity: Microsoft Azure (IaaS, AVD, Azure Files, VNet/VPN/NSG), Entra ID, Intune MDM/MAM, Windows 365 Cloud PC,
• Conditional Access, B2B/External Identities, SAML, OIDC, SCIM
• Security: Microsoft Defender Suite (Endpoint, Office, Identity, Cloud Apps), CIS Benchmark Baselines, SentinelOne, IDS/IPS, Zero-Trust
• Architecture, Compliance & Governance Frameworks
• Networking: Cisco, Meraki, Fortinet, SonicWall, WatchGuard, Sophos, Layer-3 Switching, Wireless Architecture, VPN, VLAN
• Segmentation, Multi-Site Routing, TCP/IP, DNS, DHCP
• Automation & Scripting: PowerShell, RMM Platforms, SOP Development, Templated Deployment Frameworks, Governance & Standards Authoring
• Platforms & Tools: Nerdio, CIPP, Liongard, VMware, Hyper-V, Datto BCDR, Veeam, Exchange Online, SharePoint, Microsoft 365,
• NinjaRMM, N-able/N-central, Datto Autotask, Windows Server 2008-2025

CERTIFICATIONS

• Sophos Certified Engineer – March 2022 to Present
• Liongard Certified Administrator