Cloud Services Specialist

University of Essex

2025-05 — Present

United Kingdom

Terraform ARM Templates PowerShell CI/CD pipelines GitHub Actions, Entra ID Conditional Access Entra ID Windows AD Microsoft 365 AWS IAM VNet/VPC Firewalls VPNs LAN/WAN AWS EC2 Azure VMs Azure Virtual Desktop

Responsibilities

  • Designed a secure Azure IaaS and PaaS environments aligned to architecture, operational, and compliance requirements.
  • Built Terraform and ARM-based deployments to standardise infrastructure builds, reduce drift, and improve repeatability.
  • Integrated automated deployment workflows using GitHub Actions, AWS CodePipeline, and other CI/CD tools.
  • Strengthened identity posture through Entra ID, MFA, Conditional Access, and role-based access models.
  • Improved monitoring, audit logging, and operational visibility across Azure and Microsoft 365 services.
  • Partnered with engineering, service, and security teams to modernise Cloud environments and embed best practice controls.
  • Supported governance frameworks, documentation, and operational handover for production services.
  • Led security solution design for Azure and Microsoft 365 initiatives covering identity, networking, and governance controls.
  • Produced architecture artifact including high-level designs, implementation patterns, standards, and operational documentation.
  • Guided stakeholders on solution risks, control requirements, and remediation options.
  • Improved monitoring, audit logging, and operational visibility across cloud services.
  • Automated administrative workflows using PowerShell and Microsoft Graph and other IaC tools.
  • Monitored and managed Azure resources and services to ensure optimal performance, security, and cost efficiency, contributing to overall business success.

Achievements

  • Architected and deployed Azure IaaS services, including VNet/VPC, NSGs, VPN connectivity, Azure Virtual Machines, supporting secure hybrid connectivity and scalable workloads.
  • Automated infrastructure provisioning using Terraform, reducing manual configuration effort and improving deployment consistency across environments.
  • Designed and implemented CI/CD workflows to support infrastructure and configuration deployments, improving release velocity and operational resilience.
  • Rolled out organisation-wide phishing simulation initiatives, contributing to improved security posture and risk awareness across large user population - more than 2,500 staff and more than 20,000 students.
  • Configured monitoring, logging, and compliance controls across Microsoft 365 and Azure environments to align with enterprise governance and security standards.
  • Introduced and implemented Passwordless authentication with FIDO2 keys and Passkeys.
  • Achieved multiple successful SAML & OIDC SSO implementations with 3rd-party WebApps to achieve centralized identity management and simplify credential management for users.
  • Introduced and implemented Entra ID Self-Service Password Reset (SSPR) feature thereby freeing time spent by Helpdesk team in resolving password related issues.
  • Implemented a SAML transformation fix to resolve 3rd-Party WebApp authentication issues caused by single-name users and a policy requiring both First and Last names.
  • Implemented a phishing-resistant MFA policy to strengthen the security posture of high-privilege accounts against password replay attacks.
  • Configured Exchange Online connector for email routing from OnPrem Exchange to Exchange Online to enable smooth delivery of DirectSend emails.
© 2026 AK Techno Services Ltd.
Developed by AK Udofeh using Astrofy