IT infrastructure, security & operations.
Scroll downI design, deploy, and secure the infrastructure that keeps organisations running. From modernising legacy networks with Ubiquiti VLAN segmentation to rolling out Microsoft Entra ID and Intune across a mobile workforce — I build systems that are reliable, auditable, and easy for teams to live in.
I also bridge the gap between IT and operations: managing AppFolio workflows, automating reporting, and building an LLM-powered internal knowledge base that reduced dependency on institutional knowledge. Based in Philadelphia, PA. Open to IT management, sysadmin, and operations roles.
Ubiquiti UniFi stack, VLAN segmentation, TrueNAS Scale, Synology Active Backup, VirtualBox, VoIP.ms PBX.
Microsoft Entra ID, Microsoft Intune, SharePoint, Bitwarden Enterprise. IAM aligned to NIST guidelines.
UniFi Protect & Access deployed across multi-facility environments, replacing legacy key-based systems with auditable access control.
AppFolio full platform suite, Follow Up Boss, Paychex Flex, Proton Business Suite, Notion, draw.io, Gamma Slides.
Zapier, PostHog, Sentry, SEMrush, Cookiebot, hunter.io, Resend, Azure AI Search and AI governance frameworks.
GitHub, Visual Studio Code, Docker, Google Business. Comfortable building and maintaining internal tools and automated workflows.
Deployed Microsoft Entra ID and Intune across the organisation via staged rollout, implementing NIST-aligned IAM policies that eliminated credential-related support tickets by 90%+ and integrated Bitwarden as the centralised password manager.
Redesigned the company network using the Ubiquiti stack with VLAN segmentation to isolate traffic and reduce support tickets. Deployed UniFi Protect and Access across all facilities, replacing legacy key-based entry with auditable, cloud-managed access control.
Built a centralised knowledge base using Azure AI Search with Entra group-based security trimming, enabling policy retrieval through natural language while enforcing role-based access. Deployed a company-approved LLM platform with governance policies that eliminated shadow AI usage org-wide.
Running TrueNAS Scale for networked storage and VM hosting, with Docker-composed services for self-hosted applications. Experimenting with local LLM RAG pipelines — ingesting documents into a vector store and querying them via a locally-run model — which directly informed the Azure AI Search knowledge base deployed at work.
Migrated a paper-based lease portfolio to AppFolio PMS, enabling online payments, work orders, and reporting. Simultaneously replaced an analogue phone and fax system with a cloud-managed VoIP PBX and eFax solution, and implemented M365 backup aligned to the 3-2-1 standard.
Map what exists: hardware, software, access controls, workflows. No assumptions. Everything documented before anything changes.
Design around minimising disruption. Staged rollouts, rollback paths, and clear communication with stakeholders before changes go live.
Execution with documentation in lockstep: SOPs, runbooks, and policies written as infrastructure is built, not after.
Systems need ongoing care. Monitoring, incident response planning, user training, and regular review keep environments secure and efficient.
Open to systems administration, IT management, and operations roles. If your organisation needs someone who can own the full infrastructure stack, from networking and security to tooling and documentation, let's talk.