Microsoft Security
Defender XDR, MDE, MDO, MDI, MDCA, Defender for Cloud, Defender for Servers, Sentinel, Security Copilot, SIEM/SOAR, incident response, and vulnerability management.
Microsoft Security Architect & Engineering Lead
Security architecture for enterprise Microsoft environments.
I design and lead Microsoft security, identity, endpoint, compliance, and cloud programs across Defender XDR, Entra ID, Sentinel, Purview, Intune, Zero Trust, AI-driven SecOps, and MDR.
Evidence
Enterprise-scale delivery, not theory.
18years in Microsoft cloud, identity, security, and operations
150+Microsoft 365 and Azure projects delivered
197Kmailboxes migrated in a global cross-forest Exchange program
15K+devices deployed through Intune and Autopilot programs
200K+identity environments supported across enterprise programs
EUR 3M+won presales engagements across RFPs, SOWs, and workshops
750+professionals trained, mentored, or coached toward certification
Architecture Strengths
A Microsoft security practice built across identity, data, endpoint, and operations.
The work is architecture-first, but grounded in implementation: designs that can survive delivery, managed operations, audit pressure, and executive scrutiny.
Identity & Zero Trust
Entra ID, Active Directory, Conditional Access, PIM/PAM, MFA, passwordless, SSPR, hybrid identity, AAD Connect, ADFS, app governance, and admin-tiering.
Compliance & Data
Microsoft Purview DLP, sensitivity labels, retention, records, eDiscovery, audit readiness, SCuBA, Maester, DMARC, DKIM, SPF, and data lifecycle governance.
Endpoint & UEM
Intune, Autopilot, Win32/MSIX packaging, GPO-to-MDM modernization, macOS management, Windows servicing, Azure Arc, AMA/DCR, ASR, and endpoint hardening.
AI SecOps & MDR
AI-driven security operations, MDR operating models, Microsoft Security Copilot, SOC AI agents, open-source agent frameworks, and build-vs-buy roadmap definition.
Selected Proof
Anonymized security architecture case studies.
Representative work is summarized without exposing sensitive customer names or delivery details.
Defender E5 engineering at national scale
Engineering ownership for a Microsoft Defender E5 rollout across 12,400 users, 16,000 devices, 1,600 servers, and 10 data centres.
- MDO P2, Entra ID P2, MDE P2, MDI, Defender for Servers, and MDCA
- Delivery governance, documentation standards, and managed-service transition
197,000-mailbox Exchange modernization
Architected a cross-forest Hybrid Exchange Online migration with identity and endpoint modernization workstreams.
- Multi-forest AAD Connect across 12 forests
- Azure AD Hybrid, ADFS SSO, Windows Autopilot, and identity security controls
15,000+ device Intune and Autopilot delivery
Standardized provisioning and endpoint management across multiple enterprise programs.
- GPO-to-MDM modernization, Win32/MSIX packaging, macOS via Intune
- Windows servicing, endpoint hardening, and lifecycle governance
AI-driven SecOps and MDR practice build-out
Defined early practice direction for AI-assisted SOC operations and managed detection and response offerings.
- Evaluation of SOC AI agent platforms and Microsoft Security Copilot patterns
- Build-vs-buy roadmap and customer-facing offering definition
Experience
Selected roles aligned to Microsoft Security Architect positions.
Apr 2026 - Present
Engineering Lead, Cyber Technology | vCyberiz
Owns Microsoft security engineering delivery for enterprise and government clients across APAC, spanning Defender XDR, Entra ID, Sentinel, Purview, Intune, Azure, and Microsoft 365.
Feb 2026 - Mar 2026
Senior Solution Architect, Microsoft Security | vCyberiz
Architected a large Defender E5 engagement, designed the parallel-execution program plan across six Defender modules, and was promoted within two months.
May 2025 - Nov 2025
Microsoft Specialist / Senior Administrator | Unzer GmbH
Secured Microsoft cloud and identity operations for a regulated fintech across Azure, Microsoft 365, Entra ID, Intune, Defender, Purview, Exchange Hybrid, and Veeam.
May 2024 - May 2025
Enterprise Platform Specialist | medmix AG
Managed hybrid Microsoft infrastructure, Copilot rollout, automation, Azure Virtual Desktop, Purview governance, DLP, retention, and endpoint security.
Oct 2022 - Apr 2024
Microsoft Cloud Architect | HWS Gruppe
Led Microsoft 365 migrations, AD consolidation, Azure workload migrations, M&A tenant consolidation, Zero Trust design, Intune/Autopilot deployment, and presales solutioning.
2008 - 2022
Earlier Microsoft Architecture, Consulting, and Support Leadership Roles
Delivered M365/Azure consulting, global Exchange migrations, identity modernization, Office 365 architecture, migration leadership, and enterprise support across multiple geographies.
Credentials
Certifications and education.
Certifications
Education
- UCLA Anderson School of ManagementPost Graduate Program in Global Leadership and Management
- Great Lakes Institute of ManagementPost Graduate Program in Cloud Computing
- Success Institute of Management and TechnologyBachelor of Business Administration, Finance
Contact
Available for senior Microsoft security architecture conversations.
Best fit: Microsoft Security Architect, Principal Architect, Cybersecurity Architect, Engineering Lead, or security leadership roles across APAC, EMEA, or remote teams.