Copilot SME / M365 & Entra ID Consultant

• Leading Microsoft 365 Copilot adoption and AI enablement initiatives across an enterprise environment of approximately 20,000 users.
• Providing strategic guidance and architecture on Entra ID identity governance, including Conditional Access policy design, Entra ID Governance configuration, and access review processes for regulated financial services environments.
• Implementing and advising on Privileged Identity Management (PIM) to enforce just-in-time access, least-privilege principles, and audit-ready access controls across M365 and Azure workloads.
• Designing identity lifecycle workflows (Joiner/Mover/Leaver) aligned to HR systems via SCIM provisioning and Entra ID automated provisioning, reducing manual identity administration overhead.
• Managing and resolving complex 3rd line M365 and Intune escalations daily — spanning Exchange Online, Teams, SharePoint, Entra ID, Conditional Access, device compliance, and Autopilot issues.
• Designing governance, adoption, and evergreen strategies for Microsoft 365 Copilot, including sensitivity label alignment and compliance readiness for AI tooling.
• Acting as trusted advisor and escalation authority to Technology Leadership on identity, EUX, and modern workplace architecture.

Senior Intune Architect / Entra ID SME

• Designed and delivered enterprise-scale Intune endpoint management architecture supporting 30,000+ devices, leading the strategic migration away from legacy SCCM.
• Architected the Entra ID identity and access management framework for the endpoint estate: Conditional Access policies, device compliance enforcement, Entra ID-joined device design, and hybrid join strategy for legacy workloads.
• Implemented Privileged Identity Management (PIM) and Entra ID Governance controls, enforcing role-based access, time-limited admin rights, and access reviews across IT and security teams.
• Designed and deployed SSPR (Self-Service Password Reset), MFA, and Windows Hello for Business (WHfB) as part of a passwordless authentication initiative, reducing helpdesk credential tickets.
• Defined identity lifecycle management processes integrated with HR provisioning, ensuring automated Joiner/Mover/Leaver workflows through Entra ID and SCIM-compatible connectors.
• Led Windows 11 transformation programme end-to-end: architecture, Autopilot provisioning, Entra ID join policies, compliance baselines, and phased rollout across all business units.
• Implemented Zero Trust security model: Defender for Endpoint integration, Conditional Access with device compliance gates, and Cyber Essentials+ alignment.
• Automated device provisioning, compliance remediation, and identity reporting via PowerShell and Microsoft Graph API.
• Operated as 3rd/4th line SME and final escalation point for complex endpoint, identity, and Entra ID incidents.

Modern Workplace Architect

• Delivered enterprise endpoint architecture and modern workplace solutions for government and large enterprise customers.
• Designed Entra ID and Azure AD configurations for client environments, including Conditional Access framework design, B2B guest identity controls, and cross-tenant collaboration policies.
• Implemented identity governance controls including access packages, entitlement management, and automated access reviews for clients in regulated sectors.
• Led Workspace ONE to Microsoft Intune migrations including Entra ID join strategy, policy translation, and identity-aligned compliance framework design.
• Designed multi-platform endpoint management across Windows, macOS, iOS (Apple DEP), and Android Enterprise (Samsung Knox / Google Play Managed).
• Worked with Microsoft Purview, Defender for Endpoint, and endpoint security baselines to improve customer security and governance posture.
• Produced HLDs, LLDs, and architecture documentation applying enterprise EUX and identity best practices.

Previous consultancy and engineering roles spanning NHS, Johnson Matthey, Office for National Statistics, Ministry of Housing, Cabinet Office, Taylor Wessing, Tradeweb, Thomson Reuters, and Unilever. Scope included enterprise Windows 10 migrations (up to 120,000 devices), Intune/SCCM architecture, Autopilot deployments, Active Directory / Azure AD management, and EUC transformation programmes across government and regulated industries. Full details available on request.