Secure Systems, Not Just Features
I design with guardrails first — least privilege, validation, strong defaults, real-world abuse resistance.
About Me
I am a security-first engineer focused on identity and endpoint operations across Entra ID, Intune, Windows 365, and Azure ops. I prefer practical systems that are stable, observable, and secure by default.
I also build product tooling, including Lens, a privacy-first phishing copilot. I care about local-first decisioning, disciplined telemetry, and UX that explains why a security action happened.
Skills & Tools
Core technologies and practices I use across identity, endpoint operations, and product engineering.
Security & IAM
- Microsoft Entra IDCore
- Conditional AccessCore
- Identity & Access ManagementCore
- Zero Trust PatternsWorking
- Security ReviewsWorking
- Threat ModelingWorking
Cloud & Endpoint Engineering
- Microsoft IntuneCore
- Windows 365Core
- Endpoint Compliance & BaselinesCore
- Autopilot / ProvisioningWorking
- Azure OperationsWorking
- MDM TroubleshootingCore
Automation & Scripting
- PowerShell AutomationWorking
- Microsoft GraphWorking
- Scripting for Admin OpsWorking
- Documentation & SOPsCore
Product Engineering (Builder Track)
- Browser Extension EngineeringCore
- Next.jsWorking
- REST API DesignWorking
- TypeScriptFamiliar
- Node.jsFamiliar
- Secure UI PatternsWorking
What I Build
Endpoint & Identity Control
Intune, Entra ID, Windows 365. From enrollment to policy enforcement to recovery.
Privacy-First Security Tools
Local learning. Transparent logic. No silent data leaks. Security that respects the user.