Security architect and freelance IT consultant, based in Denmark.
I work with the Microsoft identity and infrastructure stack, mostly the load-bearing, unglamorous parts. The kind of work where the goal is for nothing visible to happen.
Most engagements come from customers of all sizes, who need someone to design a migration, untangle a setup that grew sideways, or write the script that finally cleans up the thing nobody wanted to touch.
I also still work with classic on-premises Windows infrastructure. File servers, print, the things that have been running for years and still need to. A lot of consultants would rather not touch it. I don’t mind.
I write up the more reusable bits on my blog: runbooks, scripts, and the occasional opinion on how an environment got into the state it’s in.
What I work with
Identity: Active Directory and Entra ID design, hardening, tiering, consolidation and cross-forest migration. User lifecycle and Exchange Online management.
Access governance: Conditional Access, PIM, entitlement management, and cross-tenant access configuration.
Certificates: Microsoft CA, PKI, and SCEPman for device and Wi-Fi authentication.
Windows Server and on-premises infrastructure: hardening with CIS baselines, datacentre migrations, and day-to-day care of the classic file, print and server estate.
Automation: PowerShell and Microsoft Graph for the bits of identity and infrastructure work that should never have been clicked by hand in the first place.
The odd jobs
A fair share of my time goes to the jobs that don’t fit any of the boxes above. The one-off problem nobody else wants to pick up, the unicorn integration, the half-broken thing that’s been sitting on someone’s list for two years. Those tend to be the ones I enjoy most.