Lead Infrastructure & Cyber Security Engineer


Lead Infrastructure & Cyber Security Engineer responsible for technical consultancy, solution architecture, and security engineering across diverse client environments. I work directly with customers in sectors including technology and transport, human intelligence and finance, designing and implementing secure, scalable systems. I drive innovation within Nova Blue Technologies to strengthen our managed security service delivery and operational maturity.


Key Achievements/Projects:

  • Designed and deployed a fully automated M365 security configuration management platform, enabling consistent, baseline-driven deployment of 200+ security configurations per tenant within hours instead of weeks. Fully developed in-house to eliminate third-party risk, the solution makes customer change approval the only limiting factor to deployment speed. Beyond initial deployment, the platform performs continuous baseline compliance checking with drift detection and proactive alerting, ensuring tenants don’t just get secured once, but stay secured.
  • Architected and implemented an automated import/export system enabling secure, seamless data transfer between low and high-security domains. The solution eliminated the need for a dedicated manual process (previously budgeted at ~£21,000 per year) and reduced ongoing operational costs to ~£3,000 annually, delivering a more efficient, compliant, and cost-effective capability.
  • Designed and implemented a declarative, IaC-style permissions management system for customer shared mailboxes, built on a PowerShell automation backend and delivered via GitHub Actions into Exchange Online. Replaced a manual, knowledge-dependent process where engineers had to recall role-specific permissions individually, reducing permissions management from hours to minutes. On first execution the system automatically detected and remediated incorrectly assigned permissions, immediately improving the customer’s security posture and eliminating the risk of human error in ongoing role-based access changes.
  • Led detection engineering initiatives that delivered unified visibility and threat detection capabilities across customer cloud services, SASE solution, on-prem network security platforms (inc. Palo Alto, Sophos, Thor APT), Linux and Windows servers, virtualisation environments (Proxmox, VMware), OT infrastructure and end-user workstations. Enhanced detection of insider data exfiltration and identity compromise risks, addressing key business threats in a highly sensitive environment.
  • Overhauled daily analyst workflows by developing data visualisation dashboards within the SIEM, consolidating customer environment security data into a single-pane view. Standardised proactive daily security oversight across the MSSP and reduced analyst time to complete all customer checks from four hours to one.
  • Developed automated KPI collection systems to track customer security posture improvements over time, eliminating manual reporting effort. Enabled expansion of tracked metrics while ensuring consistent, error-free data collection and accurate trend analysis with no missed or mistyped inputs.
  • Actively contributed to internal process improvement and scalability, developing fully documented workflows with visual flow diagrams to support workforce expansion and business efficiency improvements. Streamlined operations by identifying and removing process choke points, enabling consistent, high-quality MSSP service delivery at scale.

Skills: Secure Systems Architecture • Remote Access & VPN Architecture • Enterprise Network Security • IT Security Operations & Incident Management • Linux Systems Engineering • Linux Administration • Windows Server & Domain Services • Virtualisation & Software‑Defined Infrastructure • Infrastructure & Telemetry Monitoring • SIEM Architecture & Log Monitoring • Detection Engineering • Network & Host Automation • CI/CD & DevOps Practices • Cloud Architecture • Cloud Security • Microsoft 365 • Identity & Application Integration • Cloud-native Security Monitoring • SaaS Platforms • IT Service Management (ITIL) • Process Design & Scalability • Technical Leadership & Mentoring • Stakeholder Communication • Problem Solving & Innovation • Time Management & Delivery Under Pressure • Networking • Network Security • Detection & Network Security Monitoring • SIEM & Log Analytics • Virtualisation & Platforms • Operating Systems • Automation & Scripting • Identity & Access • Cloud