Kenneth Tiemroth

Profile

IT Director with 25 years in infrastructure and security, the last decade in SaaS. At Omada, a global Identity Governance vendor, I run the cloud and security stack: Azure, Microsoft 365, Entra ID, Intune, and SASE. The same stack carries five consecutive ISO/IEC 27001 recertifications and three SOC 2 Type II audits with zero critical findings. I stay technical: I build the controls, lead the team, and report to the business.

Cloud operations • platform stability • security hardening • compliance • scalable IT foundations

View Experience

Key Highlights

  • Moved global operations to Microsoft Azure, ending on-premises server dependency
  • Five ISO/IEC 27001 recertifications and three SOC 2 Type II audits with zero critical findings
  • Rolled out global SASE platform via Cato Networks
  • Implemented Conditional Access, MFA, Intune Security Baselines, and Omada Identity Cloud
  • Rebuilt the helpdesk function. NSAT scores have stayed above 98% across 300 users
  • Hands-on contributor to annual penetration testing programme in cooperation with CISO
  • Set up Azure cost governance: tagging, rightsizing, reserved instances, and reporting to finance and leadership
  • Led distributed 4-person IT team across Copenhagen and Alicante

Professional Experience

Omada Current role

IT Director (2021–Present) · IT Manager (2018–2021) · IT Specialist (2016–2018) · October 2016 – Present

Progressed from IT Specialist to IT Director, leading IT operations, infrastructure, cloud, and security for a global SaaS vendor in Identity Governance.

Team4 people · CPH + Alicante Compliance5× ISO 27001 · 3× SOC 2 Type II ScopeGlobal SaaS · cloud-first
  • Architected and delivered the move from hybrid infrastructure to a cloud-first operating model on Microsoft Azure, ending on-premises server dependency across all locations.
  • Drove infrastructure modernisation, including Hyper-V platform improvements and scalability initiatives.
  • Implemented key security and identity controls: Conditional Access, MFA, Intune Security Baselines, Azure AD / Entra ID, and Omada Identity Cloud.
  • Owned all IT controls across five consecutive ISO/IEC 27001 recertifications and three SOC 2 Type II audits, with zero critical findings across 5 years of continuous certification.
  • Hands-on contributor to annual penetration testing programme, coordinating remediation and reporting in close cooperation with CISO in support of ISO 27001 and SOC 2 compliance cycles.
  • Rebuilt the internal helpdesk function. NSAT scores have stayed above 98% year on year.
  • Rolled out a global SASE platform with Cato Networks for secure, optimised access across all locations.
  • Led and coordinated a distributed 4-person IT team across Copenhagen and Alicante.
  • Set up Azure cost governance, covering budget alerts, tagging strategy, cost allocation, reserved instance decisions, and rightsizing, with regular reporting to finance and leadership.
  • Manage the ~300-seat Microsoft 365 tenant including Exchange Online, Intune, Entra ID, and Defender. Responsible for tenant-level security policy, identity configuration, and service continuity.

Tech Stack: Microsoft Azure · Hyper-V · Azure AD / Entra ID · Microsoft Intune · Conditional Access · MFA · Omada Identity Cloud · Cato Networks · Windows Server · PowerShell · SASE · ISO/IEC 27001 · SOC 2 Type II

Cryptomathic

IT Operations / Infrastructure · January 2015 – September 2016

Managed IT operations and support for the Aarhus HQ and satellite offices in Cambridge, Munich, and San Jose.

LocationAarhus HQ + Cambridge, Munich, San Jose FocusIT operations · infrastructure · migrations ScopeMulti-office, international
  • Led migration from on-premises Exchange to Microsoft 365.
  • Oversaw implementation of new infrastructure, including Hyper-V hosts and SAN storage.
  • Rebuilt the test environment on VMware.
  • Rolled out a Meraki MX-based VPN solution to strengthen secure connectivity across offices.

Tech Stack: Microsoft 365 · Hyper-V · VMware · SAN Storage · Meraki MX · Windows Server · Active Directory · DNS · DHCP

Systematic

Infrastructure Support Consultant · August 2013 – December 2014

Supported the IT infrastructure for the Admiral Danish Fleet in a high-security environment near Marselisborg, Aarhus.

EnvironmentHigh-security · Danish Navy ClearanceActive Danish security clearance FocusMission-critical infrastructure support
  • Held active Danish security clearance. Supported two mission-critical naval systems and contributed to the full reconstruction of IT infrastructure on HDMS Esbern Snare.
  • Worked in a high-security environment supporting the Admiral Danish Fleet near Marselisborg, Aarhus.

Tech Stack: Windows Server · VMware · Cisco networking · Secure VPN · Backup and Recovery Systems · ITIL-based processes

Earlier Career

Plougmann Vingtoft  •  IT Support / Infrastructure  •  Dec 2006 – Jul 2013
Responsible for helpdesk, user administration, and infrastructure maintenance. Improved internal processes and contributed to infrastructure roadmap initiatives.

T-Systems / Jensen Consulting  •  Installation Consultant  •  Jan 1999 – Nov 2006
Long-term client engagements in IT operations, rollout, training, and end-user enablement. Key clients included Maersk Logistics, DSB S-tog, Ferring Pharmaceuticals, and Nokia Danmark.

Core Competencies

Leadership & Operations

Run IT operations as a function: team, budget, vendors, service quality, and reporting up to the business. Comfortable building and leading small teams that carry a wide scope.

Cloud & Infrastructure

Design and operate cloud-first environments on Microsoft Azure and Microsoft 365. Hands-on with virtualisation, migrations, endpoint management, and ongoing cost governance.

Security & Compliance

Own the security controls behind ISO/IEC 27001 and SOC 2 certification. Practical experience across policy, hardening, penetration testing, remediation, and audit preparation.

Identity & Access

Long background in Microsoft identity: Entra ID, Active Directory, Conditional Access, PKI, and MFA. Extended into governance with Omada Identity Cloud for access lifecycle and compliance.

Networking & Remote Access

Designed and rolled out global secure access on Cato Networks SASE. Comfortable with network decisions across multi-site, multi-country setups.

Delivery Style

Structured and hands-on. I prefer to fix the problem myself rather than hand it on, and I am still as comfortable in PowerShell as I am presenting to leadership.

Kenneth Tiemroth

About Me

Outside of work, I live in Snekkersten north of Copenhagen with my wife, two kids, and our beagle Balder. When I'm not keeping infrastructure running, you'll usually find me near the coast, in the forest, out on the water, or at a music festival or concert.