Andrew Doering

Profile

LinkedIn Github Blog Site

Build identity, device management, compliance, and AI enablement systems that companies grow into, by being curious about each component of the problem, which then allows to create a long-term solution. First IT hire twice, drawn to the variety of new technologies and diverse locations each role brings.

Experience

Legora

Stockholm, Sweden

Senior IT Engineer

Dec. 2025 - Present

  • Designed and rolled out Okta as the company identity provider, delivering SSO and SCIM across the SaaS estate (Google Workspace, Slack, Microsoft 365, AWS, Azure, Zoom, Vanta) and the Legora Platform, managed as code with Pulumi and Terraform across production and preview tenants.
  • Built an automated joiner/mover/leaver identity lifecycle on HiBob as the source of truth syncing into Okta, with dynamic groups, automated Google Groups and email lists (replacing manual lists), inactivity-based deactivation, and downstream attribute mapping.
  • Own the Apple fleet (macOS/iOS) via Kandji and Iru MDM (Okta Device Trust, OS-update policies, self-service, 120+ iPhone restrictions) and Windows in Intune (BitLocker, LAPS, exploit protection). Oversaw and mentored the Jamf deployment ahead of an upcoming migration.
  • Rolled out Tailscale (replacing Cloudflare) with infrastructure-as-code components and GCP/AWS exit nodes, and standardized a unified Wi-Fi configuration across offices.
  • Designed scalable IT processes (onboarding/offboarding, Lumos access requests, 188-app software catalog, license tracking) with a procurement standard requiring SSO and SCIM, and resolved 750+ IT and identity tickets.
  • Configured Vanta as the continuous-compliance system of record, automating SOC 2 and ISO 27001 evidence collection with API integrations (including GitHub identity sync), and partnered with the Security team on Zero Trust and IAM.
  • Authored the company Okta, device, and identity-lifecycle runbooks, a self-service knowledge base, and the Linear Weekly Project Updates reporting standard.
  • Migrated collaboration tooling (Google Meet to Zoom and Slack EMM on mobile) and enforced managed-browser and authentication policies company-wide.
  • Executed a work-phone rollout (iPhone and eSIM provisioning) via Kandji MDM, including device recovery (Activation Lock removal, remote locate) and eSIM lifecycle management.
  • To see 4 more achievements, please visit the full CV online.
  • First IT Hire
  • Operational Efficiency & Automation
  • DevOps & Agile Engineering
  • AI Enablement (Claude / MCP)
  • Apple MDM (Kandji / Jamf)

Interim, Head of IT

Jan. 2026 - May 2026

  • Led a globally distributed 7-person team across Support and Engineering (US & EU), running weekly 1:1s for coaching, feedback, and career development.
  • Designed the Technology organization structure, authoring 7 functional charters (Identity & Access, Applications, End-User Devices & Facilities, Help Desk & Onboarding, KM/Data/Training, AI Enablement, Security & Risk) and 80+ position descriptions to enable scaling.
  • Established AI Enablement as a strategic function with a composable AI stack (Notion AI, Claude Cowork, Claude Code, MCP Gateway), an L0-L3 maturity model, Skills Library, and Responsible AI Use policy.
  • Designed an incident management framework (Slack intake, Serval triage agent, incident.io integration, IT on-call rotation) replacing ad-hoc escalation with measurable response SLAs.
  • Built a 3-week hiring plan with 30/60/90-day ramp for 2-4 IT Support Consultants, designed to shift IT engineering time from reactive ticket work to strategic initiatives.
  • Partnered with Legal, Engineering, People, and Facilities leadership on cross-functional Technology initiatives spanning policy, procurement, and onboarding.
  • To see 2 more achievements, please visit the full CV online.
  • IT Leadership
  • Organizational Design
  • AI Enablement Strategy
  • Cross-Functional Collaboration
  • Hiring & Team Building

EXPERIENCE (CONTINUED...)

EQT Group

Stockholm, Sweden

Sr. Technical Operations Engineer

Nov. 2022 - Feb. 2026

  • Introduced DORA-compliant Terraform configurations, additionally enabling other teams to self-service configurations, setups, and streamline their workflows. Blog Post
  • Led IAM operations for ~5,000 users, managing Okta, achieving enhanced regulatory compliance and seamless access. Okta Identity Engine
  • Implemented Self-Service Processes for End Users to access Applications, Groups, etc through Entitlement Management and Identity Governance, resulting in a reduction of Tech Support Tickets by 64%.
  • Implemented Device Assurance, Compliance, and Posturing for self-servicing issues with Kolide, enhancing security standards for external users. Example
  • Advised EQT Ventures on due diligence and helped portfolio teams implement secure user systems, including authentication design for ADA (IVCEvidensia) using OAuth 2.0 and OIDC.
  • Mentored colleagues on tools like Workato, Jamf, and Okta, helping team members achieve technical certifications and improve skill sets (such as git, terraform, etc).
  • Championed CI/CD pipelines and Agile practices (via Jira) to increase team velocity and improve deployment workflows.
  • Reduced operational costs by $400K+ using automation and tech debt cleanup.
  • Standardized cross-functional processes and technical implementations, including global cost center change workflows and the deployment of Managed Apple IDs via Apple Business Manager, ensuring regulatory alignment, centralized communication, and scalable SSO integration across multinational environments.
  • Guided enterprise app configurations (AARO, EBX, MRI, Slack Enterprise) with secure SSO and domain integrations, in addition to modern services (Slack Enterprise Grid, Google Workspace).
  • Member of the Acquisition Planning and Execution Team, contributing to seamless technology integration during transitions. Company Announcement
  • Strategic Investment Advisory
  • Operational Efficiency & Automation
  • DevOps & Agile Engineering
  • Enterprise Identity Management
  • Self-Service & Governance
  • Endpoint Assurance & Compliance
  • Process Standardization
  • Enterprise Application Integration
  • Technical Mentorship & Training
  • Acquisition & Integration
  • and 3 more

Epidemic Sound

Stockholm, Sweden

Sr. IT Engineer

Mar. 2021 - Nov. 2022

  • Created policies for broader company pertaining to Employee Lifecycle, IT Asset Management, and User Access Management. Created processes for IT Support team to follow.
  • Led MDM transition from Fleetsmith to Workspace ONE, completed ahead of the scheduled deadline across the macOS fleet.
  • Restructured Okta from MSP-managed to in-house, using Terraform to support hyperscale and changing company dynamics.
  • Detail Security and Process Gaps across various business lines for IPO, ITGC, and Audit Readiness.

EXPERIENCE (CONTINUED...)

ThousandEyes (Part of Cisco)

San Francisco, CA

Sr. IT Engineer (Cisco)

Aug. 2020 - Aug. 2021

  • Lead for business service integrations discovery, acquisition, and close.
  • Integration and migrations of services from ThousandEyes' Stack into Cisco's Suite (such as Google Workspace to Exchange, Project Management Tools, Collaboration Tools, etc).
  • Transitioned MDM configuration from Workspace One to JAMF on End User Devices.

Sr. IT Engineer (ThousandEyes)

Aug. 2017 - Aug. 2021

  • Team Lead for IT Engineering, and Tier 3 Escalation Support to IT Support team.
  • Led end-to-end device management strategy, including deployment of Workspace ONE MDM to all macOS and Windows devices. Blog Post
  • Developed zero-touch deployment workflows for macOS using open-source tools, reducing provisioning time by 90% (from 200 minutes to 20). Blog Post
  • Established HR automation and identity pipelines, integrating BambooHR with Okta to eliminate manual onboarding steps and reduce user creation errors. Blog Post
  • Led cloud-first IAM migration, deprecating on-prem Active Directory in favor of Okta and AzureAD interoperability for Windows fleets. Blog Post
  • Designed and implemented FedRAMP-compliant infrastructure, aligning internal systems with strict U.S. government security standards. Company Announcement
  • Pioneered global communication transformation, replacing WebEx with Zoom and launching Zoom Rooms, driving 85% improvement in satisfaction.
  • Built out IT infrastructure for new offices in Austin, London, Dublin, and San Francisco, managing networking, AV, VoIP, and vendor coordination. Example Deployment
  • Launched company-wide security initiatives, hand-in-hand with security team members, for example, Google Workspace API Restrictions. Source Code
  • Automated asset management using open-source tools (Snipe-IT) with cloud deployment and vendor system integration. Source Code
  • Managed global vendor relationships across North America, EMEA, and APAC, including procurement, deployment, and support operations.
  • Worked across Okta, Python, Workspace ONE, macOS, Windows, Google Workspace, BambooHR, Munki, Snipe-IT, AzureAD, Zoom, and AWS.

IT Support Engineer (ThousandEyes)

Jan. 2016 - Aug. 2017

  • Bootstrapped IT and infrastructure operations from the ground up as the company’s first IT employee, scaling systems to support 500+ global employees across multiple offices.
  • First IT Hire
  • IT Leadership
  • Initiative-Driven
  • Cross-Functional Collaboration
  • Process Builder
  • Automation Advocate
  • Security-First Mindset
  • Compliance-Oriented
  • FedRAMP Ready Enablement
  • ISO 27001 Readiness & Achievement
  • SOC-2 Compliance & Achievement
  • and 3 more

For experience prior to 2016, please view the full CV online.

Lord Corporation

Cary, NC

Information Systems Intern

Jun. 2011 - Aug. 2012

  • Worked in an International Traffic in Arms Regulation (ITAR) & Information Technology Infrastructure Library (ITIL) environment.
  • Handle Tier 1 & 2 support incidents, resolving forty incidents on a weekly basis for 3000+ employees in remote and on-site across four office locations domestically, and provide minor assistance to international office locations.
  • Handle provisioning of laptops, phones, AV systems.
  • Write documentation in SharePoint pertaining to improvements and break fix resolutions.

Andrew Doering

Senior IT Engineer

References

References available upon request

References

XXXXXXXXXXXX

Colleague at EQT Group

  • Sweden

    • XXXXXXXXXXXXXXXXX

    Colleague at Cisco, ThousandEyes

  • USA

    • XXXXXXXXXXXXXXXX

    Colleague at EQT Group,
    Manager at Epidemic Sound

  • Sweden

    • XXXXXXXXXX

    Colleague at EQT Group

  • Sweden

    • XXXXXXXXXXX

    Colleague at Cisco, ThousandEyes

  • Great Britain

    • XXXXXXXXXXX

    Colleague at Cisco, ThousandEyes

  • USA