Kieran Jacobsen

Information & Communications Technology

PowerShell Azure Automation security devops devsecops

Melbourne, Victoria, Australia

Kieran Jacobsen

Head of Information Technology at Telstra Purple. Microsoft MVP. Conference junkie and speaker. Gay 🏳‍🌈. He/Him.

Kieran Jacobsen (he/him) is the Head of Information Technology at Telstra Purple and a Microsoft MVP for Cloud and Datacenter Management. Kieran’s interests focus on automating processes and the integration of security processes within DevOps. Kieran describes himself as a jack-of-all-trades, and a keen explorer of technology. Kieran can be seen speaking at regular conferences including NDC Sydney, CrikeyCon and DDD Melbourne.

Kieran is the founder and maintainer of Planet PowerShell ( an aggregator of community written PowerShell content. Kieran writes on his blog Posh Security ( Kieran lives with his husband and cat in Melbourne, Australia.

Current sessions

Using GraphQL as a Secure Innovation Boundary and data-driven culture driver

Do these scenarios sound familiar?

* "It's hard to innovate; every time we want to access some data we need to talk to multiple teams and wait to get approval."
* "When we access our core data we need to wait for a time-constrained subject matter expert to help us out; the data schema of our core systems is hard to decipher without their help."
* "The easiest way for us to integrate with core systems is via the reporting replica databases, but now all of our systems are tightly coupled and we can't evolve our core systems."
* "Our systems integration landscape is a security nightmare, there is no cross-cutting authorisation or telemetry and we are using shared database credentials between systems that give full access to all the data."

As consultants, we've seen these problems occur commonly across multiple organisations. As it turned out, we were no exception either! We recently realised that these problems we've helped identify and solve for our customers were impacting our business, Telstra Purple, the largest Australian-owned technology services company. To address this, we took our learnings from multiple customer projects and applied them to our business. This involved using GraphQL to implement a Secure Innovation Boundary that we lovingly call Purple Graph!

In this presentation, we will describe how we went about pitching, prototyping, launching and operating Purple Graph. We will cover the learnings we've had along the way (technical and non-technical) and talk about the cultural change that we are starting to drive using this technology.

You'll leave this presentation with an understanding of the people, process and technology changes we were able to drive using this technology as well as our technical and non-technical tips to help you want to roll out a similar change to your organisation.

Panel: Career changers - the ideas, suggestions and people who influenced your career

Panel of industry professionals discuss the pivotal moments in their career including ideas, suggestions, advice and people that changed their career tragectory.
Hosted by:
Shiva Ford (Community Program Manager, Microsoft)
Natalie Yan-Chatonsky (Founder & CEO, Full Time Lives)
Kieran Jacobsen (Head of Information Technology, Telstra Purple)
Sarah Bowden (Microsoft, Sarah Bowden One Commercial Partner Director)
Amy Kapernick (Front End Dev, Evangelist, Dog Lover)

Bank Grade Security

Banks and financial services providers love to make some big claims when it comes to the security of their products and networks. The truth is, the phrase "bank grade security" has become an oxymoron. Many institutions have failed to implement basic security controls, least to keep ahead of security curve. Yet we continue to place considerable trust in them, and put up with security controls that are counter-productive, all to maintain the theatre of security.

This session will look at some of Australia's largest institutions. With simple tools we will make some of our own assessments on how well they secure their networks.

The Boring Security Talk

We all know that securing our applications is a necessity, but it can be incredibly boring. With time and budget constraints, we often focus on the more exciting security aspects and tools. In this talk, we'll be looking at some of the aspects to our application security that are often overlooked; the software we depend upon, CI/CD infrastructure, sending email and resolving DNS. Vulnerabilities here might not result in a newsworthy breach, yet they are still worth discussing and defending.

Past and future events

NDC Sydney 2020

11 Oct 2020 - 15 Oct 2020
Sydney, New South Wales, Australia

Microsoft 365 May 2020

30 Apr 2020 - 30 May 2020

NDC Sydney 2019

13 Oct 2019 - 17 Oct 2019
Sydney, New South Wales, Australia

DDD Sydney 2019

20 Sep 2019
Sydney, New South Wales, Australia

DDD Melbourne 2019

9 Aug 2019
Melbourne, Victoria, Australia

Global Azure Bootcamp - Melbourne

26 Apr 2019
Melbourne, Victoria, Australia

NDC Sydney 2018

16 Sep 2018 - 20 Sep 2018
Sydney, New South Wales, Australia

Global Azure Bootcamp Melbourne 2018

20 Apr 2018
Melbourne, Victoria, Australia