IT Manager · London

I keep critical systems stable, secure, and well documented.

Sole IT owner across two operating entities. The interesting work is hardening operations and tightening controls – building a stack that's secure by default, not by reaction.

ROLE IT Manager
BASED London, UK
SCOPE 80 users · 100+ endpoints
CURRENT ROLE OPERATIONAL
Users supported80
Endpoints100+
Intune coverage100%
On-prem ADRetired
IT ownerSole, since '24
TenureSince 2022
About 01 / 07

I build systems that make technology reliable, secure, and easier to run.

My foundation is in engineering. It taught me to think in structures, constraints, and repeatable processes. That mindset led me into IT, where I found the opportunity to turn complexity into clear, dependable systems.

I began that journey at 1Rivet, a US-based IT consultancy, where I moved from operations into IT and DevOps. I worked across Microsoft 365 and SharePoint administration, tenant migrations, and delivery pipeline automation using Jenkins and Ansible. That was where a core principle of my work became fixed: if a task repeats, it should be systemised.

In 2019, I moved to London to complete an MSc in Information Systems. My dissertation focused on early diabetic retinopathy detection using TensorFlow in Google Colab. It gave me hands-on experience applying machine learning to a real clinical problem, with a focus on detection at a stage where treatment can still make a difference.

I joined Hydro Cleansing in February 2022 as an IT Technician. In June 2024, I stepped into full ownership of the IT function. Today I manage identity and access, endpoints, security, networking, vendors, and day-to-day support for around 80 users and more than 100 devices. I run the function end to end, with an emphasis on clarity, documentation, stability, and systems that work quietly in the background.

The path 02 / 07
2018–2019
1RIVET · INDIA

DevOps & Enterprise Admin, Associate

Broke into IT from operations. Supported CI/CD pipelines with Jenkins, Ansible, Git and Nexus; handled M365 provisioning and SharePoint admin at scale; trained 50+ interns on source-control fundamentals.

2019–2021
UNIVERSITY OF WEST LONDON · UK

MSc Information Systems (2:1)

Moved to London and studied through Covid. My dissertation trained a TensorFlow model in Google Colab to detect diabetic retinopathy early – my first real, hands-on machine-learning project, years before the current AI wave.

Feb 2022
HYDRO CLEANSING · UK

IT Technician

Joined on a Graduate visa. Delivered L1–L3 support across hardware, software, and M365, and took on Azure AD and Intune administration. Earned employer-sponsored Skilled Worker status in 2023 as my scope grew.

Jun 2024 – now
HYDRO CLEANSING · UK

IT Manager

When my manager left, I took the whole function. I own infrastructure, identity, security, and endpoint management across two operating entities, running a fully cloud-native estate on Entra and Intune. Delivered Cyber Essentials Plus solo and migrated the company to a new phone system. Also manage vendors, support developers, and line-manage a small team across IT, design and social media.

Selected work 03 / 07
FEATURED · TELEPHONY · 2026

Migrated telephony to RingCentral with zero downtime

Moved the business off an unreliable phone system onto RingCentral without a single minute of downtime – and gave operations a platform they can finally count on.

Yay → RingCentral Zero downtime
99.999%
CALL UPTIME
SECURITY · 2026

Delivered Cyber Essentials Plus certification

Took the organisation through Cyber Essentials Plus – the audited tier – and passed the hands-on assessment across the estate. Underneath it: Conditional Access, MFA enforcement, exception handling and break-glass accounts, all hardened, documented and audit-ready.

Cyber Essentials Plus Conditional Access MFA Device hardening
IDENTITY & ENDPOINTS · 2022

Modernised identity and unified sign-on across the estate

Retired on-prem Active Directory in practice and moved 100% of the Windows estate, plus ~30 mobile devices, onto Microsoft Intune with Autopilot. Then unified sign-on across every cloud app – Microsoft 365, Google Workspace and Apple work accounts – as Google admin alongside Azure AD: one identity, one set of controls.

Azure AD Intune SSO Google Workspace
NETWORKING · ONGOING

Own and evolve the UniFi network stack

Run the full UniFi estate – access points, firewall rules, VLANs and segmentation across sites – and improve it incrementally as the business grows, keeping the network fast, segmented and reliable.

UniFi VLANs / firewall Segmentation
AUTOMATION · ONGOING

Made joiner–mover–leaver a repeatable system

Onboarding, offboarding, and access provisioning turned into SOPs and PowerShell-backed playbooks – the right access granted and revoked to a standard, documented, and no longer dependent on any one person.

Onboarding / offboarding PowerShell Access provisioning
TOOLING · ONGOING

Built the costing model behind our service-pricing app

Built the costing calculator in Excel – working with AI to get the logic right – to price the business's services. It worked well enough that the development team rebuilt it into an internal app and integrated it with Claude.

Excel Costing model Claude
MIGRATION · 2018

Ran Microsoft 365 tenant migrations at scale

At 1Rivet, supported tenant-to-tenant moves across Microsoft 365 – mailboxes, SharePoint, OneDrive and identity – alongside provisioning and licence administration for a large user base, kept controlled and documented.

Microsoft 365 Tenant migration SharePoint
VENDORS & COST · ONGOING

Took control of vendors, licensing and IT spend

Own procurement, supplier relationships, renewals and licence management for core IT services across two entities – negotiating contracts and making the cost decisions, with spend kept lean and accountable.

Procurement Licensing Vendor management
LEADERSHIP · 2024

Stepped up to lead IT and a cross-functional team

When my manager left in June 2024, I took the entire IT function for two operating entities – infrastructure, identity, security, networking, vendors and support – with no gap in service. I also began line-managing a small team across design, social media and IT admin, and supporting the development team. I also run onboarding trainings for new starters.

Team leadership 80 users Two entities
Skills & tools 04 / 07

Cloud & Identity

Azure AD Microsoft 365 Exchange Online SharePoint Teams Conditional Access Google Workspace SSO Apple work accounts

Endpoint Management

Intune Autopilot Compliance policies Config profiles Win / Android / iOS

Security & Compliance

Cyber Essentials Plus Baseline hardening Access control ISC2 CC Audit-ready docs

Infrastructure & Networking

Azure Windows servers AWS Multi-cloud UniFi VLANs & firewall Wi-Fi

Automation & AI

PowerShell Git Jenkins / Ansible TensorFlow Claude

Ways of working

SOPs & playbooks Vendor management Jira Stakeholder management
Where I'm heading: security & governance 05 / 07

Heading into security architecture.

I own a cloud-native Microsoft estate end to end – Entra ID, Intune, Conditional Access, Exchange Online – and delivered Cyber Essentials Plus as sole IT owner. I'm now moving deliberately into security architecture and governance, building toward the credentials and depth to own a security function.

01 · IDENTITY & ACCESS

Identity-first security

Deepening identity and access governance across the Microsoft stack – Conditional Access, least privilege, auditable controls. (SC-300, booked August.)

02 · ARCHITECTURE

Security by design

Moving from operating the estate to architecting it – threat modelling, defence in depth, designing controls rather than just running them. (SC-100, CISSP.)

03 · GOVERNANCE

Risk & compliance

Building toward GRC ownership – frameworks, audit, and the leadership side of keeping an organisation secure. (CISM horizon.)

My direction is to own a security function end to end – the architecture, the governance, and the risk decisions behind a stack that stays safe and well run.

Education & credentials 06 / 07
MSc Information Systems
University of West London · 2:1
2021
BEng Mechanical Engineering
Gujarat Technological University
2018
ISC2 Certified in Cybersecurity
Foundational security certification
CC
Cyber Essentials Plus
Audited certification · achieved 2026
CE+
Microsoft SC-300
Identity & Access Administrator Associate
In progress
Contact 07 / 07

Let's talk.

I build and secure systems, and I own the result. I'm heading into security architecture and governance – let's talk if that's the kind of person you need.

Email me LinkedIn
EMAILk@tandel.uk
LINKEDINin/krupaltandel
LOCATIONLondon, United Kingdom