New York, NY · Open to remote
Brandon Sardelli
Technical Operator · Cloud, Security & Platform Engineering
5+ years taking on hard technical problems and shipping outcomes—across cloud infrastructure, endpoint management, security baselines, partner delivery, and full-stack internal tooling. I learn fast, own the work end-to-end, and leave teams self-sufficient.
200+ technical sessions and 50+ completed engagements in my first 6 months at Nerdio—plus platforms, automation, and enablement assets still in daily use.
Platforms I work with
- Microsoft
- Azure
- Microsoft Intune
Microsoft Entra ID
Microsoft Defender- Nerdio
What I do
Own the Problem
Walk into ambiguous situations, define scope, and drive work from discovery through delivery and handoff—across technical teams, leadership, and external partners.
- End-to-end ownership
- Discovery
- Delivery
- Enablement
- Handoff
Build & Operate
Cloud, endpoint, identity, and security at scale—Intune, Entra ID, Azure, Defender, AVD, multi-tenant ops, plus full-stack platforms I designed and shipped myself.
- Intune
- Azure
- Entra ID
- Defender
- TypeScript
- Automation
Make Teams Self-Sufficient
Documentation, playbooks, workshops, and tooling so others can run without me—baselines, drift governance, compliance frameworks, and repeatable workflows.
- Playbooks
- Workshops
- CIS / CMMC
- Drift governance
- Internal tooling
Projects
Real problems solved end-to-end—security at scale, platform builds, automation, and delivery work that proves I can pick up anything and ship it.
Multi-tenant environment · greenfield-to-production rollout
Security at Scale
Took a team from zero to self-sufficient—standardized security baselines and built a repeatable onboarding pipeline across a complex multi-tenant environment.
- Entra ID
- Defender
- Solution Baselines
- CIS
- +2 more
View case study →
Ongoing optimization · high-volume multi-tenant ops
Drift Control
Replaced manual per-tenant checks with centralized drift visibility, alerting, and remediation workflows across an entire customer portfolio.
- Global Views
- Drift Management
- Conditional Access
- Alerting
- +1 more
View case study →
Multi-tenant ops · standardization at scale
App Delivery Platform
Built one catalog to deploy version-controlled apps everywhere—and a backup management path when primary tooling failed on endpoints.
- UAM
- Intune
- Winget
- Win32/LOB
- +1 more
View case study →
Research & strategy · evaluation support
Decision Framework
Built source-backed comparison assets and customer-ready explainers so teams could make defensible platform decisions fast.
- Competitive Analysis
- Documentation
- Solution Baselines
- Enablement
View case study →
Internal platform · knowledge & automation
Knowledge Platform
Turned scattered transcripts, docs, and notes into a structured knowledge base that generates accurate answers and deliverables on demand.
- MCP Server
- Knowledge Base
- Automation
- Documentation
View case study →
Workflow automation · internal delivery tooling
GLE Automation Form
No-code automation that builds a customer's Go-Live workspace from one Microsoft Form submission.
- Power Automate
- Microsoft Forms
- Microsoft Teams
- Outlook
- +1 more
View case study →
Platform engineering · sole builder, production system
GLE Utility Belt
Full-stack platform I designed and built—turns complex onboarding into a secure, shareable, self-serve experience in seconds.
- TypeScript
- React
- Hono
- Azure
- +2 more
View case study →
Experience
Go Live Engineer (Modern Work focus) at Nerdio
- Own complex technical engagements end-to-end—scoping, discovery, delivery, enablement, and handoff across Sales, PSMs, and partner teams.
- Completed 50+ projects and 200+ technical sessions in the first 6 months; consistently the person teams call when something is blocked or undefined.
- Translate vague requirements into executable plans—workshops, playbooks, and rollout patterns teams reuse without ongoing dependency.
- Integrate and troubleshoot multi-tenant environments (Intune, Defender, Entra, Exchange, SharePoint)—API permissions, prerequisites, imports, and golden-tenant workflows.
- Standardize security at scale: CIS baselines, Solution Baselines, drift governance, Conditional Access, and report-only → enforce rollouts.
- Built GLE Utility Belt—a full-stack internal platform (TypeScript, React, Hono, Azure, 570 tests) that replaced manual document delivery with secure, shareable customer plans.
- Ship automation at scale—Power Automate flows for Teams provisioning and partner comms templated across thousands of organizations.
- Author reusable assets: 12-module guides, enablement checklists, 10-module go-live playbook, and competitive decision frameworks.
- Design modular engagement recipes (Autopilot, LAPS, UAM, Update Rings, Scripted Actions) adaptable to greenfield and brownfield scenarios.
- Configure RBAC, Graph API, and least-privilege integrations; lead release campaigns aligning product, support, and field teams on major platform updates.
Network Administrator at Centerview Partners · Huntington, NY
- Stepped into a financial-services environment with seven MPLS-connected offices—supported patch cycles, maintenance windows, and hybrid cloud/on-prem operations.
- Documented Intune and Microsoft Tunnel patterns for secure hybrid access; shadowed senior engineers on Azure networking, BGP, and WAN design.
- Monitored infrastructure health and resolved endpoint and network issues during change windows under tight uptime expectations.
Systems Engineer at Site2
- Ran Intune and endpoint operations across 15 multi-tenant customers—Autopilot, compliance, security baselines, app deployment, and remediation at scale.
- Deployed and maintained Defender, Conditional Access, encryption, ASR, EDR, and mobile management (Tunnel, MAM) across diverse client environments.
- Built and supported Azure Virtual Desktop infrastructure; migrated 15 customers through datacenter moves, image management, and session optimization.
- Owned help desk escalations and deep troubleshooting (MDE, ESP, device registration); operated RMM, M365 admin, and hybrid identity tooling daily.
- Designed Azure hub-and-spoke networking with Microsoft engineers—VNets, peering, Azure Firewall, CIS policies—plus Entra Connect and co-management.
Systems Engineer at Ivionics · Hauppauge, NY
- Delivered MSP services for legal clients with strict confidentiality and audit requirements—Intune, Entra Connect, Conditional Access, and hybrid identity.
- Led AWS-to-Azure migrations and O365 cutovers with planned zero-downtime transitions across multiple tenants.
- Owned firewalls, wireless, SLAs, escalations, and backup/DR across hardware, software, and cloud—whatever broke, I fixed it.
Systems Engineer at Arbor Realty Trust · Uniondale, NY
- Led Intune MDM and OneDrive rollout for 700+ devices—white-glove onboarding for executives and hybrid workers during a company-wide security push.
- Hardened endpoint posture with Entra ID and Conditional Access; optimized AVD images and cross-platform access (Windows, macOS).
- Responded to Azure Sentinel alerts and resolved identity, MFA, and sync issues under active threat-detection workflows.
Endpoint & MDM Engineer at US Ecology · Great River, NY
- Administered MDM for 1,600+ employees across HQ, field sites, and regulated environments—enrollment, compliance, and cross-platform device support.
- Contributed to Okta migration; aligned mobile policies with new identity requirements while keeping operations running.
- Closed 2,500+ Tier 2 tickets across O365, Citrix, VoIP, and endpoint hardware; documented repeatable workflows for the help desk.
Contact
Open to technical operator, cloud engineering, platform, and customer-facing roles. If you have a hard problem, I can probably help—reach out by email or LinkedIn.