π Projects
Microsoft 365 OAuth Email Integration Standard
Designed a secure, vendor-agnostic Microsoft Graph email integration standard for third-party SaaS applications using Microsoft Entra ID and Exchange Online.
Implemented: June 2026
Controlling High-Risk Authentication Paths in Microsoft Entra ID
Implemented Conditional Access controls to restrict high-risk authentication flows vulnerable to phishing and unmanaged device access.
Implemented: May 2026
Containerized Web Application Deployment Pipeline
End-to-end CI/CD pipeline for deploying containerized web applications using either GitHub, AWS, or Azure DevOps tools.
Implemented: May 2026
Google Workspace to Exchange Online Migration
Planned and executed a secure mailbox migration from Google Workspace to Microsoft 365 Exchange Online using Microsoftβs native migration tooling.
Implemented: May 2026
Microsoft Teams API Integration for Automated Meeting Scheduling
Integration enabling third-party applications to programmatically create Microsoft Teams meetings.
Implemented: May 2026
Federated Socials Login via Microsoft Entra External ID (CIAM)
Cloud-based identity architecture extended to support external users through Microsoft Entra External ID.
Implemented: April 2026
SSO Integration with 3rd-Party WebApps
Entra ID-based Single Sign-On integration for Enterprise Application access.
Implemented: April 2026
Azure Web Application Custom URL Routing with Azure Functions Proxy
Designed and implemented a custom domain access solution for Azure-hosted web applications using Azure DNS, Function Apps, and reverse proxy routing.
Implemented: November 2023
AWS Single Sign-On Integration with Azure Active Directory
Implemented centralized SAML-based authentication between Azure Active Directory and AWS multi-account environments using AWS SSO and automated identity provisioning.
Implemented: June 2022
Active/Passive Disaster Recovery Architecture Across AWS Regions
Designed and implemented a multi-region Active/Passive disaster recovery strategy to improve business continuity, service resilience, and recovery readiness for critical cloud workloads.
Implemented: June 2022
Multi-Account AWS Network Architecture with Centralized VPN Connectivity
Designed and implemented a segmented AWS multi-account network architecture with centralized connectivity, secure remote access, and shared transit routing.
Implemented: June 2022
AWS CI/CD Pipeline for Containerized Application Deployment
Designed and implemented an automated CI/CD pipeline on AWS to build, package, and deploy containerized applications across cloud environments.
Implemented: June 2022
AWS Static Website Hosting and Secure Web Application Deployment Architecture
Designed and deployed a scalable AWS-hosted web application platform combining static website hosting, containerized workloads, CDN delivery, and layered security services.
Implemented: June 2022
Enterprise Wi-Fi Authentication Platform using Microsoft NPS, RADIUS, and 802.1X EAP-TLS
Implemented a certificate-based enterprise wireless authentication platform using Microsoft NPS and RADIUS to satisfy fintech security and compliance requirements.
Implemented: January 2022
AWS Transit Gateway Deployment for Multi-Account VPC Connectivity
Designed and implemented a centralized AWS Transit Gateway architecture to provide secure, scalable connectivity across multiple AWS accounts and VPC environments.
Implemented: November 2020
Centralized AWS CloudWatch Monitoring for Multi-Account Cloud Environments
Implemented a centralized monitoring and observability platform using Amazon CloudWatch to provide unified visibility across multiple AWS accounts and regions.
Implemented: August 2020
Microsoft Entra ID and AWS IAM Federation for Multi-Account Single Sign-On
Implemented federated identity and Single Sign-On (SSO) between Microsoft Entra ID and AWS IAM to provide centralized access management across a multi-account AWS environment.
Implemented: August 2020
AWS Site-to-Site VPN Integration for Secure Fintech Partner Connectivity
Designed and implemented a secure AWS Site-to-Site VPN solution to enable encrypted communication between AWS-hosted services and third-party Fintech partner networks.
Implemented: July 2020
AWS Control Tower Landing Zone Deployment for Multi-Account Fintech Operations
Designed and implemented an AWS Control Tower landing zone spanning 20 AWS accounts and 17 isolated environments to support secure, compliant, and scalable fintech operations across multiple business units and countries.
Implemented: March 2020
Enterprise Active Directory Infrastructure Deployment for Identity and Device Management
Designed and implemented a centralized Active Directory infrastructure to provide identity management, authentication, device administration, and security policy enforcement across the enterprise.
Implemented: May 2019
Enterprise LAN Topology Upgrade with Sophos Firewall Integration
Migrated a legacy 2-tier LAN architecture to a scalable 3-tier network design with centralized security enforcement using Sophos Firewall.
Implemented: May 2019
Resilient Small Business Network Infrastructure Deployment
Designed and implemented a secure dual-WAN office network infrastructure with centralized firewall management and scalable wireless connectivity.
Implemented: November 2017
Read-Only Domain Controller (RODC) Deployment for Distributed Authentication Resilience
Implemented a Read-Only Domain Controller (RODC) solution to improve authentication availability, reduce branch-site dependency on core infrastructure, and strengthen Active Directory security.
Implemented: July 2016