Senior Microsoft Cloud Engineer & Architect
Microsoft cloud engineer with 20+ years building and operating M365, Azure, and Entra ID environments. I work at the platform level: identity, endpoint, messaging, and the security controls that tie them together.
At scale: sole senior engineer for 25 Microsoft tenants at National Business Technologies. Hands-on Entra ID Connect hybrid identity, Conditional Access design, Intune device compliance, and Defender stack work across internal and customer tenants. Built an Azure environment from the ground up at a 2,000-user manufacturer (cb20 engagement at Latham Pool Products): AVD, Data Lake, Data Factory, Databricks, hub-and-spoke networking, and ExpressRoute. 25 on-premises VMs consolidated to 3, with approximately $79,000 annual hosting cost reduction. Earlier: managed a 22-person team across identity, desktop, and messaging operations at MetLife, a 64,000-user financial services environment.
Looking for Senior Engineer, M365 Engineer, Cloud Engineer, Identity Engineer, Endpoint Engineer, or Director of IT roles centered on Microsoft cloud. Open to remote, hybrid, or on-site in the Capital Region of New York. Microsoft platforms only.
A production agent system built on Anthropic's Claude Agent SDK. 16 specialist skills, scheduled jobs, Microsoft Graph wiring, and an interactive system-flow walkthrough. Full case study and the animated flow live on the Projects page.
As Principal Microsoft Cloud Architect at National Business Technologies, I owned the Microsoft platform architecture across approximately 25 MSP client tenants with no technical oversight above me. Covered M365, Azure, Entra ID, Intune, Defender, and Purview across environments ranging from small business to mid-market. Every architectural decision, from identity design and security baseline to governance structure and licensing optimization, originated at my desk.
At Latham Pool Products (via cb20 Technology Solutions), I replaced Mimecast entirely with native Microsoft 365 E5 capabilities, specifically Defender for Office 365, Exchange Online Protection, and Purview information protection. The result was equivalent or better protection with the third-party licensing cost eliminated. This is the core of what E5 enablement work looks like in practice: activating capabilities organizations are already paying for.
Designed and implemented Entra ID identity architectures across multiple organizations, including hybrid identity with Entra Connect Sync, Conditional Access policy frameworks aligned to Zero Trust, and Privileged Identity Management to eliminate standing Global Administrator accounts. Identity architecture is the foundation every other security and governance capability depends on.
At Latham Pool Products, I worked directly with the Legal Department to design and implement eDiscovery and legal hold workflows through Microsoft Purview. This included configuring custodian management, content search scoping, hold policies, and export workflows that met legal requirements without relying on third-party tools. The result was a defensible, auditable process the Legal team could operate themselves.
A set of reference documents covering architectural process, operating principles, Microsoft licensing, and the role of AI in modern cloud environments.
A structured five-phase approach to delivering Microsoft 365, Azure, and cloud platform solutions, spanning first assessment through long-term governance.
Seven principles that guide how I design, assess, and operate modern Microsoft cloud environments.
A capability-by-capability map of AI tools most organizations are already licensed for but haven't fully activated.
A practical decision framework for E3 vs E5, Business Premium, and where targeted add-ons beat full tier upgrades.
What managing 25 tenants simultaneously teaches you about consistency, failure patterns, and the human side of security governance.
25+ years of Microsoft infrastructure experience, from 64,000-user enterprise scale to MSP multi-tenant architecture.