Projects & Deliverables

Real-world security and platform engineering work from enterprise environments — from NZ Police (15,000+ staff) to UK local government. Identifying details have been generalised where required.

Featured

Sentinel SIEM/SOAR Build-out

Designed and delivered Microsoft Sentinel from the ground up at a 2,500-staff local authority — data connectors, custom KQL analytics rules, automation playbooks, and logic apps for incident response. Integrated Defender EASM and tuned alert fidelity to reduce noise and improve analyst response times.

Microsoft Sentinel, KQL, Logic Apps, Defender EASM, SOAR, Automation

Azure Landing Zone – Design & Compliance

Led the Microsoft Azure Landing Zone design and compliance assessment for NZ Police (15,000+ staff, 30,000+ devices). Established governance baselines, security policies, and compliance benchmarks. CIS Benchmarks score grew 1.8 points across the tenure.

Azure Landing Zone, CIS Benchmarks, Governance, Compliance, GRC

Other Work

Microsoft E5 Defender Suite Implementation

End-to-end implementation and operational management of the full Microsoft E5 Defender suite including Defender for Identity (sensor setup & Sentinel integration), Defender for Cloud (CSPM, Servers, Storage), and Defender XDR (Cloud Apps, Endpoint, Office). Delivered across two major organisations.

Defender for Identity, Defender for Cloud, Defender XDR, CSPM, E5

M365 Programme Delivery – NZ Police

Security lead for the full M365 programme at NZ Police, delivered within one year. Covered Exchange Online migration (from on-premise hybrid), BYOD security, IAM, SIEM/SOAR integration, and government Certification & Assurance (C&A) requirements.

M365, Exchange Online, IAM, BYOD, Migration, GRC

Entra Conditional Access Rework

Analysed, redesigned, and implemented a hardened Conditional Access policy set for a hybrid Zero Trust environment. Covered privileged identity controls, MFA enforcement, device compliance gates, and location-based policies — with report-only phasing to prevent service disruption.

Entra ID, Conditional Access, PIM, Zero Trust, MFA, Identity

PCI-DSS Compliance – NZ Police

Security specialist responsible for PCI-DSS compliance across NZ Police e-commerce and card-present environments. Worked with a QSA (Qualified Security Auditor) through assessment and audit, implementing technical controls and producing evidence documentation.

PCI-DSS, Compliance, Audit, Security Controls, Risk Management

Exchange Modernisation (SMTP to OAuth)

Planned and executed the upgrade of Exchange Server 2016/2019 environments and modernised email authentication from legacy SMTP to OAuth. Included EOP configuration, DMARC and DNS hardening, and integration with Defender for Office.

Exchange, OAuth, DMARC, EOP, Email Security

Incident Response Plan & Security SOPs

Co-authored a comprehensive Incident Response Plan, operational SOPs, and contributed to the Risk Register for a public sector organisation. Designed and implemented secure E-Discovery processes and managed live E-Discovery cases.

Incident Response, SOP, Risk Register, E-Discovery, GRC
