Embedded Files
Tomasz Wójciak
Tomasz Wójciak
Enterprise Security Architect | Security Transformation | IAM, Cloud & Risk
Enterprise Security Architect | Security Transformation | IAM, Cloud & Risk
I help organizations simplify and modernize cybersecurity by focusing on architecture, identity governance, risk clarity, and practical operating models.
Over 25 years across enterprise IT, finance, manufacturing, critical infrastructure, public sector and global environments have taught me that many security failures are not caused by technology alone. They often come from unclear ownership, fragmented processes, weak governance, poor documentation and decisions that are not translated into operational reality.
My work is grounded, structured and pragmatic. I focus on clear target states, decision points, ownership models, standards, procedures, and security capabilities that can be implemented, audited and operated.
Professional Summary
Professional Summary
I am an enterprise security architect, IAM/PAM advisor and cyber risk consultant specializing in identity, privileged access, cloud governance, enterprise risk, M&A integration and security transformation.
I support CISOs, IT directors, architecture teams and transformation programs by translating complex security issues into practical decisions and implementation steps. My work spans Azure governance, Active Directory and Entra ID modernization, CyberArk and BeyondTrust PAM models, NIS2/ISO-aligned controls, M&A cybersecurity integration and audit readiness.
I build structure:
• how security decisions are made
• how privileges and identities are governed
• how architecture supports business and operations
• how risks become clear, actionable and owned
• how documentation survives beyond one project
Whether advising on security architecture, designing identity governance, supporting privileged access transformation, or helping with post-acquisition integration, I prioritize realistic execution, clear expectations and long-term maintainability.
Clarity Over Complexity
Clarity Over Complexity
Security must be explainable to executives and implementable by engineers.
Clear scope, ownership and evidence reduce ambiguity and accelerate decisions.
Architecture Before Tools
Architecture Before Tools
Security tools fail without architecture, ownership and governance.
Architecture is the operating system of sustainable security.
Structured, Practical Delivery
Structured, Practical Delivery
I focus on structured decisions, predictable delivery and sustainable results in complex stakeholder environments.
Career Overview
Career Overview
• Today — Enterprise Security Architect / Independent Security Advisor
Leading IAM/PAM, cloud governance, cyber risk, architecture and transformation projects for clients such as Microsoft, Barry Callebaut, AML RightSource, Sysco, Sanoma, Ørsted, Electrolux, Ahold Delhaize, Howden Group and others.
• 2020–2021 — Senior Security Engineer / Head of Security Engineering, Equiniti
Led IAM/PAM architecture, Azure security baselines, vulnerability governance and security engineering maturity.
• 2019–2020 — Security Engineer & Consultant, GAIN Capital / EY
Threat detection, incident response, vulnerability management, PKI governance and security process documentation.
• 2013–2016 — IT Risk & Control Specialist, UBS
Infrastructure risk assessments, control reviews, regulatory readiness and secure delivery oversight.
• 2006–2013 — IAM, AD and Infrastructure Engineering
AD/SSO engineering, PKI, Citrix, VMware, endpoint hardening, migrations and enterprise support.
• 1999–2006 — Founder of IT Consulting Firm
Built and led a small IT services company delivering secure infrastructure, remote access and support services for SMB and public-sector clients.
Core Capabilities
Core Capabilities
• Enterprise security architecture and transformation
• IAM, PAM and hybrid identity governance
• Azure and Microsoft security governance
• Cyber risk, audit readiness and control remediation
• M&A and third-party security integration
• OT/ICS secure remote access
• Documentation, workshops, playbooks and executive communication
Technology Focus
Technology Focus
• Microsoft Entra ID / Azure AD
• Active Directory / ADFS
• CyberArk, BeyondTrust, SailPoint, Saviynt, Okta
• Entra PIM, Conditional Access, Access Packages
• Microsoft Defender, Sentinel, Intune
• Tenable, Qualys, Armis
• PowerShell automation
How I Work
How I Work
I value transparency, structure and direct communication.
I work best with leaders who want practical architecture, clear decisions and sustainable delivery. My goal is to leave every organization with better ownership, simpler processes, stronger controls and architecture that lasts beyond the project.
Looking for support with architecture, IAM, or risk governance?
Looking for support with architecture, IAM, or risk governance?
I’m available for contract roles, advisory engagements and transformation programs.
I’m available for contract roles, advisory engagements and transformation programs.
Page updated
Google Sites
Report abuse