Available for new opportunities

Hi, I'm Tom Clark

Senior Cloud Security & Platform Engineer

I secure and operate Microsoft cloud platforms at enterprise scale — across organisations from 2,500 to 15,000+ staff. I specialise in the Microsoft E5 security stack, Zero Trust architecture, Sentinel SIEM/SOAR, and compliance frameworks including PCI-DSS and ISO 27001. I also write about what I learn here on this blog.

Microsoft E5 Microsoft Sentinel Defender for Cloud Defender for Identity Defender XDR Entra ID Zero Trust Conditional Access PIM Azure Infrastructure KQL PowerShell PCI-DSS ISO 27001 CIS Benchmarks IAM SIEM / SOAR Exchange Online Intune

// work

Featured Projects

Featured

Sentinel SIEM/SOAR Build-out

Designed and delivered Microsoft Sentinel from the ground up at a 2,500-staff organisation — connectors, custom analytics rules, automation playbooks, and logic apps. Integrated with Defender EASM and the full E5 Defender suite.

Microsoft Sentinel KQL Logic Apps Defender EASM SOAR
Featured

Azure Landing Zone Design & Compliance

Led the Microsoft Azure Landing Zone design and compliance assessment for NZ Police (15,000+ staff). Established governance, security baselines, and compliance against CIS Benchmarks — contributing to a 1.8-point score improvement.

Azure Landing Zone CIS Benchmarks GRC Compliance

// interactive

Security Posture Simulator

Compose a security architecture, run attack scenarios against it, and watch compliance alignment update live across eight frameworks. Here's a quick taster — open the full simulator to explore every mode.

// side projects

Hobby Projects

Things I build for fun, learning, or to scratch my own itch.

WhatSite

Chrome/Edge browser extension that surfaces first-party cookies, third-party cookies, and outbound connections — with IP geolocation and live threat scores — for any site you visit.

Browser Extension Privacy JavaScript

// field notes

Did You Know?

Gotchas, quirks, and undocumented behaviours I've run into in the wild.

Looking for a Cloud Security Engineer?

I'm currently open to new senior roles in cloud security and platform engineering. Let's have a conversation.