This site uses Microsoft Clarity for anonymous analytics. Cookie Policy
Intune · Defender XDR · ISO/IEC 27001:2022
I design secure Microsoft 365 environments. My work covers Identity & Access Management, endpoint governance, and ISO-aligned security architecture. The goal is simple: reduce risk and keep compliance sustainable.
Certifications
Across Microsoft, Cisco, Fortinet, Google, Cyber Risk GmbH & more
Years in IT & Security
From Support Engineer to Security Architect
Key Projects Delivered
Network design, GRC transformation, CPS & more
Companies & Clients
Full-time, contract, and freelance engagements
ABOUT ME
I'm an Information Security Architect. My focus is Microsoft 365 security. I work on Identity & Access Management, endpoint governance, and secure cloud design. As a Certified Access Management Specialist (CAMS®), my main tools are Intune, Defender XDR, and Entra ID.
I have hands-on experience with ISO 27001:2022 and hold the NIS 2 Directive Trained Professional (NIS2DTP™) credential. My work includes risk management, internal audits, regulatory compliance, and NIS2 readiness assessments. I build security baselines that help teams meet real business goals.
I started in technical support and systems administration. Over time, I moved into security analysis and architecture. Each step gave me a clearer picture of how organisations get attacked — and how to defend them properly.
I align security with business goals. Risk is managed, not avoided.
I work across teams to embed security best practices organisation-wide.
I stay current with emerging threats and adapt security strategies accordingly.
Better security means less risk, less downtime, and more confidence in your systems.
PROFESSIONAL EXPERIENCE
Showing security-related positions only. For the complete work history, visit my LinkedIn profile.
Fiverr and Upwork Freelancers (Buyers and Sellers)
Remote
Fiverr and Upwork Freelancers (Buyers and Sellers)
Remote
Microsoft Community
Remote
Microsoft Community
Remote
Simtec Software & Services
Thessaloniki, Greece · Hybrid
Simtec Software & Services
Thessaloniki, Greece · Hybrid
CBS LAN A.E. / Lancom Ltd
Thessaloniki, Greece · On-site
CBS LAN A.E. / Lancom Ltd
Thessaloniki, Greece · On-site
Regency Casino Thessaloniki
Thessaloniki, Greece · On-site
Regency Casino Thessaloniki
Thessaloniki, Greece · On-site
SingularLogic
Thessaloniki, Greece · Hybrid
SingularLogic
Thessaloniki, Greece · Hybrid
Professional Development
Thessaloniki, Greece
Professional Development
Thessaloniki, Greece
Synapsecom Telecoms S.A.
Thessaloniki, Greece · On-site
Synapsecom Telecoms S.A.
Thessaloniki, Greece · On-site
Specialisation
Four years of hands-on experience across the Microsoft security ecosystem. From architecture design to compliance management.
Identity is the new perimeter. I start every engagement by mapping who has access to what — and why.
Using Microsoft Entra ID, I set up Conditional Access policies that check device health, location, and risk level before granting access. Privileged Identity Management limits admin rights to exactly when they are needed.
Every design follows Zero Trust principles: verify every request, use least privilege, and always assume breach.
Good security architecture is not about tools. It is about turning business risk into clear, practical controls.
I use Microsoft Defender XDR to connect security across endpoints, email, identities, and cloud apps. This gives teams one place to see and respond to threats.
I also build governance frameworks — ISO/IEC 27001 policies, risk registers, and audit-ready documentation. The goal is security that the business can actually sustain.
Secure endpoints start before the device ever reaches the user.
I use Microsoft Intune and Windows Autopilot to enroll devices automatically. The right compliance policies and security baselines apply from day one — no manual setup needed.
Microsoft Defender for Endpoint monitors behaviour and flags threats in real time. In cloud environments, I apply access controls and Defender for Cloud to keep workloads compliant.
Compliance should be the result of good security — not a checklist bolted on at the end.
I work with ISO/IEC 27001:2022, the EU NIS 2 Directive, and GDPR. Risk assessments follow a clear method: identify threats, rate likelihood and impact, apply the right controls.
As a NIS2DTP and CAMS® holder, I have current, formally tested knowledge of EU security regulations. I translate that into steps organisations can actually follow.
I cover every stage — threat modelling, architecture design, technical setup, and compliance reporting.
Need to build an M365 security stack? Working toward ISO 27001? Responding to NIS 2 requirements? I handle all of it.
Based in Thessaloniki, Greece. Available to clients across the EU, in both Greek and English.
Primary Domain
M365 Security
Compliance Focus
ISO 27001 · NIS2 · GDPR
Location
Thessaloniki, Greece
Languages
Greek · English
ACADEMIC BACKGROUND
EDUCATION
European International University - Paris
Official
Advanced Professional Diploma in Cyber Security, Computer and Information Systems Security/Information Assurance
Sep 2025 – Present
Covers both technical and managerial aspects of cybersecurity. Key areas include risk management, infrastructure protection, and incident response.
Includes preparation for the BSI ISO 27001 Lead Auditor certification. Covers ethical hacking, penetration testing, and strategic security decision-making.
Mediterranean College
Advanced Professional Diploma in Cyber Security, Computer and Information Systems Security/Information Assurance
Sep 2025 – Present
Covers both technical and managerial aspects of cybersecurity. Key areas include risk management, infrastructure protection, and incident response.
Includes preparation for the BSI ISO 27001 Lead Auditor certification. Covers ethical hacking, penetration testing, and strategic security decision-making.
General High School
High School Diploma, Technological
2006 – 2009
KEY COURSES
European International University - Paris
Advanced Diploma Program
Advanced Security Protocols
Enterprise Security Management
Security: Attacks and Countermeasures
Securing Networks
Human and Legal Aspects of Cyber Security
Certification Preparation
BSI ISO 27001 Lead Auditor — Information Security Management Systems
CERTIFICATIONS & CREDENTIALS
Click any badge to view details
All certifications are also published on Credly
Visit my Credly profile to verify credentials, view digital badges, and see the full up-to-date list of earned certifications.
TCM Security
TECHNICAL EXPERTISE
Specialized in Microsoft Security Ecosystem
CORE COMPETENCIES
COMMUNICATION
Native
Professional
Beginner (A1)
FEATURED PROJECTS
Product Design & Build – GRC Platform
GRC Hub is an enterprise GRC workspace designed to help organizations manage governance, risk, compliance, controls, evidence, audits, vendors, employees, access reviews, security training and regulatory obligations from one centralized platform.
Deployment Highlights
Academic Cybersecurity Governance Project / AI Risk & Compliance Case Study
A human-centred and legal analysis of AI-powered email security in a UK organisational context. Analyses AI/ML-based email classification, user risk scoring, automated quarantine and escalation workflows as a socio-technical decision system — examining accountability, transparency, human oversight and governance readiness.
Deployment Highlights
Detection Engineering / Threat Hunting
Designed a structured Microsoft Defender XDR detection pack with 40 KQL rules across Basic, Intermediate, Advanced, and Complex levels, built for Advanced Hunting and Custom Detection use cases.
Deployment Highlights
Financial Services Secure Network Design
Designed and implemented a secure enterprise network for a financial services scenario using a three-zone architecture, site-to-site IPsec VPN, DHCP, NAT, EIGRP routing, DMZ service controls, and ACL-based segmentation.
Deployment Highlights
Axess Infrastructure Deployment
Designed and deployed a Layer 3 network for a ski resort. The system handles access control and parking automation across the whole site.
Deployment Highlights
Documentation
Pigadia – AXESS Network & Infrastructure Overview
High-level overview of the network. Covers gate cabinets, chairlift integration, ticket office, parking automation, and server connectivity.
Omada L3 Network Architecture – Pigadia Deployment
Layer 3 network design and VLAN segmentation. Includes core switching, ER706W-4G gateway, industrial PoE cabinets, and parking network. Built for traffic isolation and scalable access control.
Pigadia – Omada Network Architecture & Runbook
Full deployment runbook. Includes VLAN design, IP addressing, PoE cabinets, parking integration, firewall rules, and security hardening guidelines.
University Project – Mediterranean College
University project. The goal was to design a secure Smart Office network. It uses IoT devices and enterprise IT systems. A Head Office and a Branch Office connect via IPsec VPN. The project was built in Cisco Packet Tracer with full security documentation.
Deployment Highlights
Documentation
University of Derby – CPS Smart Office Presentation
Project presentation covering the network design, VLAN segmentation, IPsec VPN, and before/after hardening analysis.
Our Network Topology
Visual topology showing HQ and Branch architecture, VLANs, IPsec tunnel, IoT devices, and server placement.
300+ Employees – Financial Sector
A 4-month GRC project for a 300+ person financial firm. Work covered risk identification, impact review, and policy redesign. All outputs were built to meet regulatory requirements.
Deployment Highlights
Documentation
Anonymized Enterprise GRC Transformation Report
Anonymized 4-month GRC project for a financial services firm. Includes risk assessment, heat maps, control gaps, policy redesign, RACI model, and mitigation roadmap.
Regency Casino Thessaloniki
Led Project Butler at Regency Casino Thessaloniki. The goal was to improve Food & Beverage operations through better technology. The project was delivered on time at 100% completion.
Deployment Highlights
COMMUNITY & MEMBERSHIP
Cloud Security Alliance
Feb 2026 - Present
ISC2
Feb 2026 - Present
CyberSecurity NonProfit (CSNP)
Feb 2026 - Present
Chartered Institute of Information Security
Feb 2026 - Present
CAUSES I CARE ABOUT
Speaking & Events
Sessions where I share knowledge on cybersecurity, Microsoft 365 security architecture, and compliance frameworks.
A free seminar at Edu Festival 2026. The talk covers how AI is changing cybersecurity. It looks at AI as both an attack tool and a defence tool. Key topics include the CIA Triad and the EU AI Act.
Complete professional profile in PDF format
GET IN TOUCH
I'm always interested in discussing new opportunities, collaborations, or sharing insights about cybersecurity and IT infrastructure. Feel free to reach out through any of the channels below.
Text Size
Settings are saved automatically
