Cloud Architect · Microsoft Solutions

Brandon
van Dijk

IT professional at a Microsoft Solution Provider, helping hundreds of clients build secure and modern workplaces. Passionate about endpoint management, identity, and information protection.

Get in touch See selected work ↓

// Based in Utrecht, NL · // Responds in under 24h · // 5 active Microsoft certs

Available for projects

// Currently

// Now Leading a tenant carve-out for a 2,400-seat divestiture M365 · Purview · Entra ID · week 6 of 11

// Next up Two slots open from May — Intune or Purview engagements 1–6 week scopes · discovery or hands-on

// Latest post Getting started with Microsoft Purview Information Protection Mar 8, 2026 · 5 min read Read →

// Focus areas

01 · 4 disciplines

What I work on

⬡

01 / 04

Endpoint Management

Securing and automating Windows devices at scale via Microsoft Intune. Compliance policies, app deployment, and autopilot provisioning.

IntuneEntra IDAutopilot

{
  "displayName": "Win11-Corporate-Baseline",
  "platforms": "windows10AndLater",
  "technologies": ["mdm"],
  "settings": [
    { "bitlockerFixedDriveEncryption": true },
    { "firewallProfileDomain.allowLocalIpSecRules": false }
  ]
}

Devices managed 12,400+Typical scope 2–6 weeks

› See detail + code

⬡

02 / 04

Information Protection

Designing data lifecycle management, sensitivity labels, DLP policies, and compliance frameworks through Microsoft Purview.

PurviewDLPCompliance

# Purview sensitivity label taxonomy
- Public         → no protection
- Internal       → watermark only
- Confidential   → encrypt, external block
- Regulated      → encrypt + audit + 10y retention

Labels deployed 40+DLP policies tuned 120+

› See detail + code

⬡

03 / 04

Cloud Architecture

Tenant design, carve-outs, and migrations on Azure and Microsoft 365. Building resilient, well-governed cloud environments.

AzureM365Governance

// Landing zone — subscription per workload
Subscription "connectivity"  { hub-vnet, firewall, DNS }
Subscription "identity"      { domain-controllers, pim }
Subscription "platform"      { monitor, key-vault, backup }
Subscription "workload-prod" { apps, data, analytics }

Tenants split 11Mailboxes moved 38k

› See detail + code

⬡

04 / 04

Modern Workplace

End-to-end Microsoft 365 implementation for SMB and enterprise. Exchange, SharePoint, Teams, and identity security.

ExchangeSharePointTeams

# Conditional Access baseline
CA01  Require MFA                    → all users
CA02  Block legacy auth              → all users
CA03  Require compliant device       → internal apps
CA04  Session control on unmanaged   → web only, no download

Tenants designed 60+Seats delivered 18k

› See detail + code

// Selected work

02 · Engagements 2024–2026

Proof, not promises

2026 · Financial services

Tenant carve-out for a 2,400-seat divestiture

Split a single M365 tenant into two within 11 weeks. Designed the migration waves, cut-over, and identity-bridging strategy. Zero lost mailboxes, two weekend cut-overs, full Purview re-labeling.

2,400

users migrated

11 wk

door-to-door

data loss events

2025 · Logistics · 3,800 devices

Intune Autopilot rollout across warehouses

Replaced a legacy imaging process with Autopilot user-driven and self-deploying profiles. Baseline compliance, app deployment rings, and a hardware-rollout playbook the IT team still uses.

3,800

devices onboarded

72%

faster provisioning

4 wk

pilot to GA

2025 · Healthcare

Purview label taxonomy + DLP from scratch

Four-label taxonomy, encryption for Confidential and Regulated, and tuned DLP policies across Exchange, SharePoint, and endpoints. Cut false positives by 80% in month two.

sensitivity labels

120

DLP rules tuned

80%

fewer false +ve

2024 · Public sector

Conditional Access & Entra ID redesign

Rebuilt a sprawling CA estate down to 9 baseline policies. Introduced PIM for all privileged roles and an emergency-access glass-break path. Passed the annual IT audit on first submission.

CA policies

100%

PIM coverage

1st

audit pass

// Certifications

03 · Microsoft certified