Andrew Jones

// IT Engineer  ·  MSP  ·  Infrastructure  ·  Homelab
Microsoft 365 Intune / Entra Active Directory pfSense Tailscale PowerShell Linux Docker Ansible CrowdSec
Profile

L2 IT Support Engineer at an MSP, working across Microsoft 365 administration, Intune endpoint management, Active Directory, and UniFi networking for multiple client environments. Day-to-day work covers system administration and helpdesk support with regular exposure to different client infrastructures.

Outside of work I maintain a home lab built around a Netgate 4200 running pfSense, with seven VLANs, multiple VPN implementations, and intrusion detection. I also manage a small fleet of Debian VPS servers with centralised monitoring and security tooling. What I encounter at work, I rebuild in my own environment to understand it properly. The result is tested documentation and practical knowledge rather than surface familiarity.

I publish technical documentation on this blog, maintain a public PowerShell script repository on GitHub, and use Obsidian for knowledge management.

Current Focus
  • pfSense firewall rules and network segmentation
  • Microsoft Defender for Endpoint P2 and Defender for Office 365 P2
  • Conditional Access policy design and migration from Security Defaults
  • PowerShell automation tooling for M365 and web services
  • Python for IT tooling and VPS administration
  • Self-hosted alerting with ntfy over Tailscale HTTPS
Experience
IT Support Engineer Oct 2025 – Present
Informal IT Ltd — London
L2 engineer providing infrastructure management and technical support across multiple client environments, spanning system administration, helpdesk support, and network troubleshooting.
  • Full remote deployment of 10+ machines for an accountancy firm including SAGE and IRIS application installation, migration, and server upgrades.
  • Multiple M365 tenant deployments with full DNS protections, DMARC / DKIM, and domain migrations.
  • Large scale network deployment site surveys.
Active Directory Entra ID M365 Intune Autopilot UniFi pfSense
IT Support Engineer Jan 2024 – Oct 2025
GMA Ltd — London
First and second-line technical support across hardware, software, and physical network infrastructure.
  • Resolved 1,700+ tickets with 95% first-contact resolution rate across 7 months.
  • Administered 100+ M365 tenants with Intune device management for 300+ endpoints including Macs.
  • Daily backup integrity verification across all clients using Veeam.
  • 3CX telephony system management and client support across the full business.
Autotask M365 / Intune Veeam 3CX PowerShell
IT Engineer Sep 2022 – Jan 2024
Testronic Labs — London
Network security, VDI implementation, and SharePoint integration. Physical network preparation for major expansion to Manila supporting high-value IP protection.
  • Architected company-wide SharePoint redevelopment.
  • Completed asset audit of 1,750+ devices over 12 months, integrated into a custom SharePoint site.
  • Deployed Parsec clusters and Azure VDI infrastructure with ongoing support for WFH testers.
  • Developed GPU pass-through solutions using Hyper-V integrated GPU parallelisation.
SharePoint Parsec Azure VDI Hyper-V VLAN CrowdStrike
Projects
ORION Home Lab
Netgate 4200 · pfSense · Seven VLANs
Enterprise-grade home network with full VLAN segmentation, WireGuard, IPsec IKEv2, and OpenVPN remote access. Suricata IDS, pfBlockerNG GeoIP and DNSBL. FreeRADIUS TOTP with Authentik MFA. Active Directory forest with Entra Connect Sync and Intune deployed to real hardware.
pfSenseWireGuardSuricataFreeRADIUSAuthentikHyper-V
VPS Infrastructure
OVH Debian · Ansible · Semaphore
Multi-server Debian environment with defence-in-depth security. CrowdSec blocking 53,000+ malicious IPs, Fail2ban, ntfy self-hosted alerting over Tailscale HTTPS, and Postfix SMTP relay through Microsoft 365.
AnsibleCrowdSecTailscalentfyPostfixDocker
IT-Scripts Toolbox
PowerShell · GitHub · iex launcher
Public PowerShell repository with an iex-compatible menu launcher for on-the-fly script execution from GitHub. Scripts cover Active Directory automation, M365 security posture reporting, Intune packaging, and device setup tasks.
PowerShellActive DirectoryGitHubM365

github.com/StoicTurk182/IT-Scripts
Skills
PowerShell90%
Microsoft 365 / Entra88%
Active Directory85%
Intune / Autopilot82%
pfSense / Networking78%
Linux Administration75%
Docker / Containers68%
Python55%
Education
Bachelor of Computer Science (2:2)
University of Wales Trinity St David  ·  2011–2014
HNC Mechanical Engineering (Merit)
Pembrokeshire College
HND Photographic Studies (Double Merit)
Havering College