Network Security Architect
I design and harden networks where firewall rules, IDS/IPS tuning, VLAN segmentation, remote access and documentation have to survive support handover, audits and supplier change.
Background
Designed and executed a 1 Gb to 10 Gb network upgrade in collaboration with Cisco engineers, sequencing the rollout to avoid service interruption and re-validating segmentation, firewall rules and high-availability paths after each phase.
Configured access points, wireless networks and remote-access pathways with strong identity binding to Entra ID and Conditional Access, reducing the dependency on static credentials.
Areas of capability
- Network architecture and design across 1 Gb–10 Gb infrastructure.
- Firewall, access point and remote-access configuration.
- Intrusion detection and prevention system tuning.
- VLAN segmentation, routing and switching protocol selection.
- VPN and remote-access design with strong identity binding.
- Penetration testing and network vulnerability assessment.
How this shapes the consultancy work
On the Microsoft 365 side, the same architecture discipline shapes Conditional Access, device trust and the boundary between the cloud control plane and the on-prem network. The point is not a neat diagram; it is a control model that survives audit and supplier change.