Lauri Suutari

Conducted a full ISO 27001 gap analysis and risk assessment for a SaaS organisation. Defined the Information Security Management System (ISMS) scope, identified control gaps across Annex A, and produced a remediation roadmap that brought the organisation to certification readiness within a single audit cycle.

Earned the Microsoft Security Operations Analyst certification, validating expertise with Microsoft Sentinel and Defender XDR. Covered threat detection engineering, incident response workflows, KQL hunting queries, and cross-product investigation across identity, endpoint, email, and cloud workloads.

Designed and implemented a secure Single Sign-On flow using Azure Active Directory and MSAL. Covered token lifecycle management, conditional access policies, and structured audit logging to meet both internal security requirements and external compliance obligations.

Contributed to the development of a Google Workspace backup product at Remod, covering Gmail, Drive, and Shared Drives. Focused on secure data handling, encryption at rest, and recovery workflows — ensuring organisations can meet data retention and business continuity requirements.

Built a cloud-based security lab environment using Infrastructure as Code (IaC) for hands-on penetration testing and security training. The platform provisions isolated, reproducible attack/defence scenarios — enabling practical learning of offensive and defensive techniques in a safe, controlled environment.