6 Months: 24/7 Engineer

July 2025

So, I am now 6 months into my new role at Krome Technologies, and I have to say it has really surprised me.

I honestly didn't think IT operations and support could vary that much from company to company, but it is quite a bit different to what I was doing at CloudTech24. In my last role, it was primarily cloud based, so everything was incredibly quick, dynamic and scalable. Whereas at Krome, there are a lot more on-premises type infrastructure systems to look after. But that is just it, there's more of everything, a lot more in fact. Because it's a much bigger company than the one I was working at before, there's more of everything to get stuck into. Don't get me wrong, I am still able to flex my M365 skills, but I have really enjoyed the challenge of getting my hands dirty and really learning about on-prem AD and who doesn't love working 5 VMs deep figuring out why a particular service cannot start on a mission-critical server at 4am. Also, this was my first time dealing with large scale virtualisation environments, primarily vSphere and Hyper-V, then having those have PRTG sensors installed on them to alert us if anything is going wrong. In my last place we had the luxury of DattoRMM (which in a nutshell is like RDP and PRTG rolled into one, and to be fair, having that backend access to systems really is second to none) which gave us direct access to a device but at Krome, because we look after the sites of these medium to large scale enterprises, we would have NAT rules that would allow us to access a JumpBox inside the environment, to then be able to RDP to whatever system we would need access to, to fix whatever was going wrong.

Another big focus of my role is Palo Alto Firewalls. Again, not something I spent a huge amount of time on in my last role, but I am so glad I did my Network+ when I did! It really is a whole domain unto itself. The main thing I have learned about firewalls and networks is that their configuration CAN be similar from company to company but none of them actually are! You'll learn about the simplistic core principles and cornerstones of every network and then it'll be complicated 1000x with all the rules, objects, policies, tunnels, gateways, IKE cryptos, you get the picture. As of right now I think I am going to put myself forward to grab a certification or two in this domain as it really is interesting. Plus, everyone always loves a good network engineer!

One other aspect of this role, one that I really did not anticipate, was the cyber security part. It didn't really occur to me just how much security stuff I'd be doing. But now come to think about it, it makes complete sense. As a 24/7 Engineer, I am working when SOC is not, so naturally, when security incidents happen, I am on hand to respond. This can be anything from dismissing known expected, benign traffic (once confirmed to be expected and benign by reaching out to the end-user and sometimes their line manager), to physically blocking traffic or quarantining a device while we dive deeper to determine the risk and how to remediate the threat. I am also hurtling towards a DarkTrace certification as I type. Watch this space.

All in all, I would say the job move has been worth it, my commute is now a 5-minute walk through town, I am forever broadening my knowledge horizon with new technologies, systems and ways of working. The culture is good, and the people are great, plus we have a fully stocked beer fridge that is open on Fridays (and sometimes weekends ;P).

As for the HTB certifications I said I was going to be working towards in my spare time… I have since pivoted away from that, from any further certs of that kind. I don't know exactly when or what the straw was that broke the camel's back, but I have since changed my entire approach to cyber and my career in general. I suppose all people must go through this at some point in their life where the thing you were chasing wasn't really what you even wanted, it just sounded cool. What I mean is (bold take incoming) cyber security is both redundant and critical at the same time. It is very niche and specific but then also affects absolutely everything tech. I will go into much more detail in a later opinion piece but what I am trying to say is that it really is not very hard to mitigate 99% of all malicious eventualities and ultimately, nobody wants to pay a pretty penny for the service. A good cloud engineer can fortify any M365 or Google environment with very limited knowledge. Simply set password policies, enforce 2FA and set specifically allowed sign in locations (like the UK), teach employees to not click phishing links, and even if they do, you can set Intune or MDM policies to patch end-user devices so that should they click a link and Defender doesn't spot it, the likelihood of that malware actually being able to exploit the system is very small. But even then, if they do manage to get into your patched system you have a much bigger problem, it is then likely that an active APT is targeting you. If that is the case, you are toast.

Instead, I am now seeing cyber security being included in every IT role out there. You don't have to be a SOC analyst or a Security Engineer to be in cyber anymore, and it's great.

Now that I am finally realising this, I can focus on what is catching my eye at the moment: Cloud Engineering and Application Development. Essentially, I want to securely build, manage and maintain cool websites and applications (and maybe even build a few of my own!).

Stay tuned and watch this space!