Skip to main content
Seán Braeken-Gray

About

I'm Seán Braeken-Gray: a DevOps and Infrastructure Engineer with a background in cloud security and the Microsoft ecosystem. I currently work full-time as an Infrastructure Engineer at a fintech startup, where I look after Azure infrastructure, identity and access management, and Microsoft 365 - often all in the same afternoon.

Technical Focus

Azure & Infrastructure Infrastructure as Code using Bicep. CI/CD pipelines in Azure DevOps. Resource governance through Azure Policy and Management Groups. I treat infrastructure the same way I treat application code: versioned, reviewed, and tested before it reaches production.

Identity & Access Management Microsoft Entra ID is the control plane for access decisions across the Microsoft stack. I design and implement Conditional Access policies, Privileged Identity Management configurations, and Zero Trust architectures that work in practice, accounting for the operational friction that comes with tightening access controls.

Cloud Security Microsoft Defender for Cloud, Entra ID Protection, and Microsoft Purview. Security controls that are proportionate, auditable, and integrated into the platforms your organisation already uses.

Microsoft 365 Administration Tenant configuration, Exchange Online, Teams, and SharePoint. I've delivered cloud-to-cloud migrations from Google Workspace, Dropbox, and Box to Microsoft 365 in a previous role, along with on-premises Active Directory migrations using Microsoft Entra ID Cloud Sync.

Automation & Scripting Bash and Zsh are my primary automation tools. I use curl with the Microsoft Graph API (making direct REST calls) to automate tenant management, reporting, and configuration at scale.

Background & Certifications

I hold a BSc (2.1) in Cyber Security and Networking from Glasgow Caledonian University, covering penetration testing, network forensics, networking, and secure architecture design. That foundation shapes how I approach infrastructure today, not just "does it work?" but "is it auditable, secure, and resilient to failure?"

Certifications

  • AZ-900 — Microsoft Azure Fundamentals
  • MS-900 — Microsoft 365 Fundamentals
  • SC-300 — Microsoft Identity and Access Administrator
  • AZ-104 — Microsoft Azure Administrator

Beyond the Terminal

Not everything here is infrastructure. I play chess: competitively enough to take it seriously, casually enough to still enjoy losing. I also shoot photography, mostly street, wildlife and events. Both have a way of showing up in how I think about technical problems: patience, composition, and knowing when something is good enough to ship.

This Blog

I write about what I'm building and what I'm figuring out: Azure infrastructure patterns, identity and access controls, PowerShell automation, and lessons from real-world deployments. Occasionally something that has nothing to do with any of that.

No padding. No product announcements dressed up as insight. Just clear writing about problems worth solving.