Daniel Okonkwo

Daniel has 13 years in IT operations split across two very different worlds: six years as a Tier 3 Windows server admin at a UK NHS trust, then seven years at CDW handling M365 security posture work for mid-market clients. He carries SC-200 (Security Operations Analyst), the CompTIA CySA+, and a slightly out-of-date ITIL v3 Expert that he refuses to renew on principle. His writing focuses on the helpdesk-adjacent security work that nobody owns cleanly: Defender for Endpoint onboarding, the difference between Defender for Office 365 Plan 1 and Plan 2 when finance asks why the bill jumped, and tuning Conditional Access without breaking the field sales team's iPads. He spent most of 2024 doing forensic cleanup on three separate Business Email Compromise cases - two of which traced back to a missing MFA gap on a service account. He is based in Birmingham and runs a quiet Mastodon instance for old-school sysadmins.