Enterprise Infrastructure Management
End-to-end ownership and administration of a full hybrid enterprise environment — covering network infrastructure, server virtualization, cloud identity, endpoint management, and Microsoft 365 services.
Overview
As Senior Network Administrator at a previous employer, I held end-to-end ownership of the entire IT infrastructure — from the physical network layer through to cloud identity and endpoint management. The environment was built on a pfSense firewall and UniFi switching/wireless stack, with a Microsoft-centric cloud platform including Entra ID, Intune, Exchange Online, and Microsoft 365, supported by on-premises Hyper-V and Ubuntu Server infrastructure.
This wasn't a single project — it was full operational ownership of a live enterprise environment, requiring simultaneous management across networking, virtualization, identity, endpoint, and cloud workloads while driving ongoing modernization initiatives.
Infrastructure Areas
Network Infrastructure
- →pfSense firewall management — rules, NAT, VPN (site-to-site and remote access), IDS/IPS
- →UniFi switching and wireless — VLAN configuration, inter-VLAN routing, access point management
- →DNS/DHCP administration across all sites
- →Network segmentation — corporate, server, guest, and IoT VLANs with firewall enforcement
- →Proactive monitoring, performance tuning, and capacity planning
Server & Virtualization
- →Hyper-V virtual machine deployment, configuration, and lifecycle management
- →Ubuntu Server administration — services, updates, security hardening
- →Veeam backup and disaster recovery — backup jobs, retention policies, restore testing
- →Hardware maintenance — physical servers, peripheral devices, and infrastructure upgrades
Identity & Access Management
- →Active Directory and Entra ID (Azure AD) administration in a hybrid identity environment
- →Conditional Access policies enforcing MFA, compliant device, and location-based controls
- →AD Connect sync management between on-premises AD and Entra ID
- →Windows LAPS deployment for local administrator credential management
- →Role-based access control, group policy, and OU structure management
Endpoint & Device Management
- →Intune MDM/MAM for Windows, iOS, and Android device management
- →Windows Autopilot zero-touch provisioning for new device deployment
- →Win32 app packaging and deployment via IntuneWinAppUtil
- →Sophos endpoint protection deployment and policy management
- →Apple Business Manager integration for iOS/macOS enrollment
Microsoft 365 Services
- →Exchange Online administration — mailboxes, distribution groups, mail flow rules
- →SharePoint Online management — site collections, permissions, and content migration
- →Teams administration — policies, calling, and governance
- →M365 licensing automation via PowerShell and Power Automate
- →Proofpoint email security integration and policy management
Automation & Scripting
- →PowerShell automation for user provisioning, reporting, and compliance enforcement
- →Microsoft Graph API integration for cross-platform device and user reporting
- →Power Automate workflows for administrative task automation
- →WPF-based GUI tools for helpdesk-facing provisioning workflows