Azure • Infrastructure • Security • Automation
I specialize in Microsoft cloud, systems administration, security tooling, backup/recovery, and infrastructure modernization. This site is a containerized Python Flask app deployed to Azure.
About
I am an IT professional with a decade of experience across Microsoft 365, Azure, Windows Server, virtualization, backup platforms, endpoint security, and client-facing technical support. I enjoy building secure, well-documented environments and troubleshooting complex problems.
My focus is practical cloud administration: secure networking, identity, backup and recovery, infrastructure as code, and reliable operations for real business environments.
Skills
VMs, VNets, NSGs, Bastion, Storage, Key Vault, App Services, Containers, RBAC, RSV, ASR, Object Replication.
Least Privilege, Defender, Sentinel, MFA, DUO, KnowBe4, Access Reviews, Secure Design, Vulnerability Management, Firewalls, ACLs.
Windows Server, Linux, Active Directory, DNS, DHCP, VMware, Hyper-V, Veeam, Monitoring & Patching.
PowerShell, Azure CLI, ARM templates, Bicep, Docker, Intune, GPO, RMM.
Portfolio
Problem: Storage needed to be locked down without account keys or SAS tokens.
Solution: Configured Private Endpoint, Private DNS, Managed Identity, and Azure RBAC.
Result: Blob access worked privately through Entra authentication with public access disabled.
Problem: Administrators needed secure VM access without exposing public IPs.
Solution: Built hub-spoke VNets, Bastion, NSGs, and route controls.
Result: VMs were reachable through Bastion only, with no direct RDP exposure.
Problem: Application secrets needed to be removed from configuration files.
Solution: Enabled system-assigned identity and assigned Key Vault Secrets User permissions.
Result: Application identity retrieved secrets securely without stored credentials.
Problem: A critical VM needed restore testing and file-level recovery validation.
Solution: Configured Recovery Services Vault, backup policy, recovery points, and restore testing.
Result: Validated file-level and full VM recovery scenarios.
Problem: Needed a portable showcase website for employers.
Solution: Built a Flask website, containerized it with Docker, and deployed it to Azure.
Result: Created a repeatable cloud-hosted portfolio deployment.
Problem: Client wanted to utilize a hybrid environment by having a secondary domain controller in Azure
Solution: Created Azure VPN GW, configured a S2S tunnel between Azure and client's Watchguard firewall. Spun up new Windows Server VM in Azure and configured secondary DC on domain.
Result: Created intersite connectivity between Azure and on premise network for redundancy.
Problem: Infrastructure needed to be deployed consistently across environments.
Solution: Built reusable templates with parameters, variables, outputs, and dependencies.
Result: Improved repeatability and reduced manual deployment effort.
Learning
Contact