Thor Draper Jr Operator notes on technology, leadership, AI, and the long game
career

Performance Narrative: Oct - Apr

May 8, 2026 3 min read
careerperformanceleadership

I have always heard the same line from customers, partners, and interviewers: specifics win.

"Reduced deployment time by 37%." "Improved adoption by 18,000 MAU." "Closed $4.2M in influenced revenue." "Delivered 14 executive briefings."

The problem is I have only ever written these things up internally. The Connect tool, my manager 1:1 doc, the FY plan -- that is where the specifics live. None of it ever leaves my Microsoft tenant, which means none of it shows up when someone is trying to figure out what I actually do.

This post is my attempt to fix that. It is a public-safe version of my mid-year performance narrative -- October through April -- structured around the same three prompts the Connect tool asks me to answer, with customer-identifiable details scrubbed.

Performance Narrative

Thor Draper Jr

Sr Security Solution Engineer · Health & Life Sciences

Lvl 64 Oct 2025 - Apr 2026 7 months
Quota

Exceeded quota across all four revenue buckets.

Impact is what you accomplish - and how you do it matters just as much.

What

Results delivered against goals, with security, quality, and AI in mind.

How

Behaviors and actions that helped me, my team, and Microsoft excel, grow, and build trust.

Reflect on the past

I
Prompt I

What results did you deliver, and how did you do it?

Measurable outcomes for current priorities. Contributions to security, quality, and AI. Behaviors that demonstrated the culture.

The defining work of this half was platform displacement: moving customers off fragmented third-party stacks and onto a Microsoft security platform they could actually operate. The biggest of those was an eight-figure-TCV E5 step-up at a regional health system, where the play reframed the deal around operational efficiency, cost overlap, and security outcomes we could prove. Two more followed the same pattern. A mid six-figure Defender Experts for Hunting expansion at a multi-state health system, anchored in their SOC transformation roadmap. And a seven-figure Entra ID Governance opportunity in a regulated environment, where I led stakeholder alignment to displace a legacy IAM tool with a lifecycle management, Verified ID, and workflow-integrated identity vision.

Underneath the deals was a Perform motion that earned the right to those conversations: landing the E5 step-up, executing competitive CIR/DART wins across several large health systems, and delivering an on-the-fly ESA during a renewal pressure cycle. The Transform side compounded it. My flagship contribution this half was the ATS Security Enablement series. It started as an idea about driving a sales campaign toward ACR and grew into an executive-sponsored program that helps account teams turn Microsoft's security and AI story into practical customer conversations, especially around agentic AI, identity, governance, and risk. The sessions are forums for translating complex platform capabilities into language a customer can act on. The motivation is simple: make security an accelerator for AI adoption instead of a blocker. Alongside it I authored and delivered the AI Red Teaming workshop that two regional user groups picked up and ran with their own communities.

The "how" is where I want this to land. None of these were solo wins. The E5 step-up took months of weekly co-selling with the account team, and the DEX expansion only worked because I got out of the way and let the customer's SOC leader carry the narrative back to their own executives. I leaned hard on the work of others, too. I built on the Sentinel data lake strategy coming out of product and field leadership to support a competitive takeout that doubled a customer's ingestion commitment, and I partnered on a bi-weekly cadence with GBBs, CxEs, and CSU to translate frontier-customer incubation signals into field execution. I also joined the HLS Momentum Program this half to develop deeper sales acumen and grow my network with AEs, SSPs, and executives, because the long-term version of this role is bigger than the deals I close myself; it is shaping the motions others close. The pattern I am most proud of: every deal above has at least one named teammate whose contribution is load-bearing, and every enablement asset I shipped is something another SE can run without me in the room.

Supporting evidence specific, scrubbed wins
I
Key accomplishments

Wins that contribute to the team, business, and customer impact.

Eight-figure TCV Seven-figure billed - tens of thousands of seats

Regional health system

Led the shift from a fragmented stack (third-party email and endpoint) to a unified Microsoft platform. Reframed the deal around operational efficiency, cost overlap, and improved security outcomes.

Entra SuiteM365 E5Defender
Mid six-figure DEX hunting expansion

Multi-state health system

Secured a Defender Experts for Hunting opportunity by partnering with account leadership on a SOC transformation initiative. Shaped the customer DEX strategy and aligned hunting capabilities to their threat detection priorities.

DEXSOC modernization
Seven-figure Modern IAM displacement

Health system in a regulated environment

Advanced an Entra ID Governance opportunity to displace a legacy IAM tool. Led stakeholder alignment across IAM teams and shaped the vision for lifecycle management, Verified ID, and EHR-integrated identity workflows.

Entra ID GovernanceVerified ID
II
Lift for others

Contributions to the success of teams and field around me.

Multi-part series AI-Transformation security enablement

Field enablement (HLS Americas)

Created and led a security enablement series to help account teams confidently bring security into AI conversations - anchored in identity and real customer scenarios. Also presented on the SE&O call with a practical technique for delivering on-the-fly ESAs.

EnablementAI security
Regional groups AI Red Teaming workshop

Two regional communities

Authored and delivered the AI Red Teaming workshop and extended it into regional user groups. Hands-on labs and CTF-style exercises bridged Security, AppDev, and Data/AI teams.

WorkshopCTFAI red team
Tech Community + GitHub red-team assets

Microsoft community at large

Translated this work into scalable assets - co-authored Tech Community content and contributed GitHub-based red teaming resources that enable repeatable AI security validation. Designed so other teams can pick them up and run them with their own customers.

ContentOpen source
III
Built on the work of others

Results that compound the ideas, motions, or assets of others.

Doubled commitment Sentinel data lake expansion

Health system on a competitive takeout

Built on the Sentinel data lake strategy from product and field leadership to support a competitive takeout motion. Helped the customer evaluate Sentinel against a third-party ingestion path and double their data lake commitment.

SentinelData lake
Bi-weekly cadence GBB / CxE / CSU partnerships

Frontier-customer incubation signals

Partnered with GBBs, CxEs, and CSU to surface incubation signals from frontier customers and present on bi-weekly SE calls - translating strategy into actionable field execution on Entra, A365, DEX, and CIR.

GBBCxEField execution
II
Prompt II

Reflect on recent setbacks - what did you learn and how did you grow?

Specific examples of setbacks, what I learned, and how I improved.

My biggest setback this year was a motivation one. I was assigned a 24-account quota, but I stepped in to help across roughly 60 once I picked up coverage for three additional sellers. I was pivotal on several of the largest closes of the year. The verbal credit was there. The comp credit was not, because I was running an overlay motion. That is a hard rhythm to keep up. Showing up at the same intensity for deals you are not getting paid on is a real motivation test, and there were stretches this half where I felt it. I also understand that org coverage changes, things stay flexible, and the help was the right call every time. I grew, because sixty accounts gives you sixty at-bats. I got exposure to deal shapes, customer archetypes, and SE peers I would not have seen on a 24-account year.

Plan for the future

III
Prompt III

How will your actions and behaviors help you reach your goals?

Connect day-to-day behavior to the longer-term goals in my career development plan.

My H2 goal is to graduate from "the SE who closes the deal" to "the SE who shapes the motion others close." That means three concrete behavior shifts. First, write earlier and write publicly. The one-pager habit from the setback above becomes the default operating mode - every customer engagement starts with a written position, and the strongest of those become Tech Community posts or GitHub assets that other teams can run. Second, multiply through enablement, not heroics. The AI Red Teaming workshop and the security enablement series both proved that a single well-shaped asset reaches more customers than a calendar full of 1:1 calls; H2 is about making more of those, with co-authors, and instrumenting which ones actually move pipeline.

Customer-identifiable details are anonymized. Numbers are estimated finishes for the Oct 2025 - Apr 2026 review window.

Why the Connect frame still works in public

Microsoft asks performance reflection in three prompts: two looking back, one looking forward. The looking-back pair -- "what results did you deliver and how did you do it" and "what setbacks did you learn from" -- is the part most performance reviews stop at. The looking-forward prompt -- "how will your actions and behaviors help you reach your goals" -- is the part that turns a status report into a plan.

I kept that exact shape on purpose. The dossier above is not a re-styled brag sheet, it is my actual answers to those three prompts, written for an external audience. The "what" lives in the prose. The supporting evidence -- specific motions, anonymized segments, and scale indicators -- is collapsed underneath as a drawer because I want the narrative to lead and the metrics to back it up, not the other way around.

The scrubbing rule

Before I let myself touch any of these numbers in public, I made a hard rule for myself:

If a customer can recognize themselves -- or be recognized by a competitor -- it does not go in.

So no customer names. No city names that are small enough to act as a giveaway. No quote attributions, no email screenshots, no Teams transcripts. Segment + scale only. "A pediatric health system" is fair. "A pediatric health system in {city}" is not.

The scale language itself -- TCV ranges, billed-revenue bands, seat bands, and quota summaries -- is reported at an aggregate level. I am not publishing customer-identifiable forecasts, I am publishing a scrubbed version of my own reflection.

What this is for

A few audiences I am writing this for, in order:

  1. Future me. Six months from now I will not remember the shape of this half as cleanly as I do today. The dossier is a save point.
  2. Hiring leaders and partners. If I ever sit on the other side of an interview table, this is the kind of artifact I would want a candidate to walk in with -- specific, structured, scrubbed.
  3. Peers. A few SE friends have asked me how I keep my Connect entries from sounding like a list of activities. The answer is to write the dossier first, then derive the entries from it. Activities live at the bottom of the stack. Outcomes live at the top.

I will be back in October with the next edition.