Hi, I’m Andrew.
I am a Strategic Technical Engineer currently working at Intrasystems LLC, an MSP serving multiple small to mid-size organizations. My main duties relate to technical engineering: taking escalated help desk tickets, adressing high-level technical concerns with clients, and working on projects as needed. I pride myself in my ability to take on anything I’m given, and that’s resulted in a diverse skill set. On any given day I can be solving an issue on a server, building security solutions, addressing IAM concerns, consulting on Entra infrastructure changes, etc. My main focus is Microsoft Modern Work, moving clients to utilizing Intune, SharePoint, Entra ID, and all of the tools that Microsoft brings to the table. I also serve as the administrator for two internal tools: Datto RMM and Keeper Password Manager. My responsibilites include onboarding new clients into Datto, managing a patch program touching over 4k endpoints, and ensuring that we maintain secure storage and access to customer credentials in Keeper.
I am also a student at Western Governors University, pursuing a B.S. in Cloud Computing (Microsoft Specialization), with an expected graduation of April 2026.
What I’m Working On
Right now, I am pivoting my career toward Cloud Engineering and DevOps. My current focus areas are:
- Azure Infrastructure: After obtaining the AZ-400 cert, my focus has turned to IAM and managing permissions across Azure and Entra ID
- Infrastructure as Code: Learning Bicep and Terraform.
- Identity: Managing Entra ID, Azure IAM, and Federation (like the setup of this website!).
- Python: Scripting and automation.
- Building CI/CD Pipelines This site is built locally and pushed to a private Github repository, which triggers a Github Actions build that pushes to an Azure Static Web App.
My Lab
I believe in learning by breaking things. My homelab currently runs:
- Windows Server & Ubuntu (Docker)
- Azure VMs spun up as needed to lab work-related issues
Future Lab Plans
I believe in long term strategic thinking. My lab roadmap includes:
- A Windows Server 2022 DataCenter host running HyperV attached to NAS storage
- A Raspberry Pi cluster for playing with K8s
- Managing my personal machines with Intune after aquiring a Microsoft Business Premium license
- Building a personal network with a Protectli firewall appliance running Opnsense and using Tailscale for my VPN Infrastructure
Offline
When I’m not breaking DNS records, I’m usually:
- Walking my dog, Pebbles.
- Reading Sci-Fi (John Scalzi and Andy Weir are current favorites).
- Lifting heavy things or long distance running.