Building Toward What's Next

From restaurants to infrastructure

Picture a restaurant. A networking tech is running cable while someone watches every move, asking what each port does and why the switch matters. Not another engineer. The general manager. That was me three years ago, and that moment rewired my career. I started building home labs after my shifts, teaching myself the systems I'd spent years walking past. When a former colleague saw my name on a help desk application, he vouched for me without hesitation, zero IT experience and all. Three companies, 350+ users, and countless solved tickets later, I'm ready to move from fixing what's broken to building infrastructure that doesn't break.

Work Examples → Let's Chat Email
350+ Users Supported
2+ Years Experience
3 Companies
T1→T2 Career Growth

What I Bring to Your Team

Core Expertise

  • Microsoft 365 Admin
  • Entra ID / Azure AD
  • Active Directory
  • Exchange Online
  • PowerShell Automation
  • Windows 10/11 & Server

Expanding Skills

  • Linux Server Admin
  • Network Infrastructure
  • FortiGate Firewalls
  • Bash Scripting
  • Prometheus / Grafana
  • Azure Cloud Services

What I Deliver

  • Multi-tenant environments
  • Rapid incident response
  • Enterprise security focus
  • Process documentation
  • Cross-platform support
  • Automation mindset

Experience

Technology Delivery Specialist | Tier 2

Pretium Enterprise Services
2025 - Present
  • Resolve 10-15 escalated tickets daily across identity, endpoint, and access issues, maintaining 99% SLA compliance and consistently ranking top 3 on team for resolution speed
  • Deliver IT onboarding presentations for new employees covering SSPR, VPN setup, MFA enrollment, password policies, and helpdesk contact procedures
  • Restored employee system and network access by using privileged access management tools to retrieve admin credentials, diagnosing failed services, and implementing fixes that returned users to productivity within 15 minutes
  • Audited AD permissions for access requests, identifying overprivileged accounts and coordinating with data owners to tighten access across file shares and applications
  • Resolved printer scan-to-file failures by identifying DNS name resolution issues and reconfiguring scan paths to use IP addresses, including setting up service accounts with proper permissions for network folder access
  • Guided remote users through Intune MDM enrollment without line-of-sight access to their devices, verbally walking non-technical users through profile installation and compliance verification to enable secure access to corporate apps
  • Diagnosed Windows 365 Cloud PC failures across two distinct issue types: traced provisioning failures through the license → Entra ID group → Intune policy scope dependency chain to identify missing group assignments; separately resolved authentication failures by pulling AAD Operational logs from Event Viewer on the local device (Event IDs 1097 & 1241), confirming corrupted TokenBroker cache as the source of HTTP 400 errors during msrdc login

IT Support Specialist | Tier 2

ZenGuard (MSP)
2024 - 2025
  • Supported 350+ users across multiple client environments in fast-paced MSP setting, independently resolving escalated issues while maintaining 99% SLA compliance across macOS, Windows, and Linux
  • Became team's Apple SME after previous admin departed, discovering broken ABM-Addigy token was blocking zero-touch enrollment. Obtained ABM admin access, restored MDM integration, reconfigured tenant enrollment profiles, and created documentation enabling team members to handle Apple device provisioning independently for 200+ devices
  • Troubleshot Hybrid Azure AD Join and Intune enrollment failures blocking Conditional Access, using dsregcmd diagnostics, Azure AD Connect sync verification, and MDM enrollment commands to restore device compliance and M365 access
  • Resolved mailbox capacity issues by connecting to Exchange Online via PowerShell and enabling auto-expanding archive, eliminating recurring storage warnings
  • Configured third-party print agent integration (WithoutWire) requiring static IP assignment, TCP/IP port configuration, and Windows service installation, creating SOP documentation for future deployments
  • Monitored Huntress security alerts and mitigated man-in-the-middle attack by identifying compromised session and revoking access before lateral movement
  • Developed PowerShell script to streamline printer deployment across 4-5 medical office locations (30-40+ printers), replacing manual network path entry with numbered selection menu and automated verification against Get-Printer output, reducing per-device setup time from 5+ minutes to under 1 minute
  • Diagnosed VPN authentication failures affecting 15-20 remote users returning "invalid credentials" errors despite valid AD accounts, traced issue through authentication flow to identify LDAP server misconfiguration, coordinated fix with infrastructure team to update DC targeting, restoring access same-day

Desktop Support Agent

Barrage Systems LLC
2023 - 2024
  • Resolved 8-12 tickets daily providing endpoint support across 200+ users, handling device setup, account provisioning, and Microsoft 365 onboarding
  • Pre-provisioned 10-15 devices weekly with Windows updates, VPN, and standard applications, saving new hires 3-5 hours of setup time and ensuring productivity on day one
  • Documented recurring issues in knowledge base, reducing repeat escalations for common problems

Always Learning

Live
Identity & Access Management

Enterprise SSO Implementation

Deployed forward authentication at the reverse proxy layer using Authentik + Active Directory. Built a reusable pattern that protects ANY web application, eliminating per-app credential management.

View detailed project breakdown →

Active Directory LDAP Authentik nginx Docker
Live
Infrastructure & Reliability

Backup Infrastructure Migration

Migrated from unreliable USB backups to Proxmox Backup Server with chunk-level deduplication. Achieved 100% backup success rate (from 60%) and 85% storage reduction.

View detailed project breakdown →

Proxmox PBS Storage Engineering NFS Linux
Live
Security & Hardening

SSH Hardening Implementation

Implemented enterprise-grade SSH hardening across 6 systems using Ed25519 key-based authentication and fail2ban intrusion prevention. 100% elimination of password-based attack surface with zero downtime.

View detailed project breakdown →

SSH fail2ban Ed25519 Linux
Live
Infrastructure & Observability

Monitoring & Observability Stack

Deployed full-stack observability across a 3-node Proxmox cluster. OS-level metrics, per-VM breakdowns via the Proxmox REST API, and a live-tested alerting pipeline routing to Discord.

View detailed project breakdown →

Prometheus Grafana Loki PromQL Docker Compose
WIP
Certification

RHCSA Preparation

Developing production-grade Linux system administration skills through hands-on labs and practice environments. Building toward Red Hat certification.

Linux System Administration Red Hat
"He never stopped asking questions. I knew that would take him somewhere."
Helpdesk Operations Manager (and former colleague)

I owe a lot to that moment. Still learning, still building.

Let's Chat
Austin, TX based · Always happy to chat about new opportunities.