Josh Askew – Systems & Cloud Engineer

Josh Askew

Systems & Cloud Engineer

Securing, automating, and optimising modern IT environments

About Me Get In Touch
Josh Askew

About Me

I got hooked on IT when I was 10, modding Minecraft and running my own server. That’s where I learned troubleshooting, networking, and how to actually read documentation. RegEdit, config files, hidden Windows features—it all started there.

After finishing my apprenticeship at an M365 MSP, I quickly moved up to service desk lead before stepping back to 2nd line engineer whilst getting security cleared for my current role. Now I work in a secure public sector environment, handling Microsoft 365, Intune, and Azure—tenant hardening, Conditional Access, MFA rollouts, device management.

What keeps me going? Seeing problems actually get fixed, not just closed. When I implement something new from scratch—like setting up Intune or ABM for an entire org—that’s what I’m here for. Outside of work, I run a homelab that keeps pulling me back into programming and experimenting with new tech.

📍 Harrogate, UK
💼 Systems & Cloud Engineer
🕒 GMT (UTC+0)

Certifications

Industry-recognized credentials and qualifications

🔐
SC-900
Microsoft Security
☁️
AZ-900
Microsoft Azure
🛡️
Cyber Essentials
NCSC
🔧
CompTIA A+
CompTIA
☁️
Cloud Ess+
CompTIA
🎓
Level 3 ICT
Distinction

Projects & Work

Enterprise deployments, security implementations, and personal projects

Professional
🔐

M365 Tenant Setup & Securing

Full Microsoft 365 tenant configuration with security hardening, Conditional Access policies, MFA enforcement, and compliance frameworks for secure public sector requirements.

Microsoft 365 Azure AD Conditional Access Security
Learn more

What I Built

  • Complete tenant hardening following Microsoft security baselines and NCSC guidance
  • Multi-layered Conditional Access policies covering device compliance, location, and risk-based access
  • Enforced MFA across all users with phishing-resistant methods
  • Implemented DLP policies and information protection labels

The Challenge

Building a secure M365 environment from the ground up for a public sector organisation with strict compliance requirements whilst maintaining usability for end users.

Impact

Achieved Cyber Essentials Plus certification and established a robust security posture that enabled secure remote working across the entire organisation.

Professional
🛡️

Cyber Essentials Certification

Led organizational Cyber Essentials certification process, implementing required controls, security policies, and documentation to achieve NCSC accreditation.

Cyber Essentials Compliance NCSC Security Policies
Learn more

What I Delivered

  • Gap analysis against CE requirements and remediation planning
  • Firewall configuration and network segmentation
  • Secure configuration of user devices and servers
  • Access control policies and user account management
  • Malware protection deployment and monitoring
  • Patch management processes and documentation

The Process

Managed the entire certification journey from initial assessment through to successful external audit, including policy creation, technical implementation, and staff training.

Professional
📱

Intune Enterprise Management

Enterprise-scale Intune deployment managing 500+ devices with automated provisioning, compliance policies, app deployment, and security baselines.

Intune Autopilot MDM Compliance
Learn more

Implementation Scope

  • Windows Autopilot zero-touch deployment for all new devices
  • Apple Business Manager integration for iOS/macOS management
  • Configuration profiles enforcing security baselines
  • Automated app deployment and update management
  • Compliance policies with automated remediation
  • BitLocker encryption management and key escrow

Results

Reduced device provisioning time from days to hours, improved security posture with 100% compliance, and established a scalable framework for device lifecycle management.

Professional
🎧

Service Desk 2nd Line Support

Lead 2nd line support operations handling complex escalations, system improvements, and resolution tracking with focus on root cause analysis.

Service Desk Escalations ITSM Process Improvement
Learn more

Key Responsibilities

  • Handling complex technical escalations requiring deep Microsoft 365 and Azure knowledge
  • Root cause analysis to prevent recurring issues
  • Mentoring 1st line staff and creating knowledge base articles
  • Improving internal processes and documentation
  • Liaising with vendors for critical issue resolution

My Approach

I don’t just close tickets—I fix problems properly. When users report issues, I dig into the root cause and implement permanent solutions rather than quick workarounds.

Personal
🎬

Media Server Infrastructure

Self-hosted media server with automated content management, transcoding, and remote access built on Docker with reverse proxy and SSL.

Docker Linux Nginx Automation
Learn more

Tech Stack

Docker containers, Nginx reverse proxy with SSL certificates, automated backups, and monitoring. Remote access via secure VPN with hardware transcoding support for optimized streaming.

Personal
🌐

Self-Hosted Site & Services

Complete self-hosted infrastructure including this portfolio site, custom domain management, email hosting, and various web services.

DNS Email Hosting Web Hosting SSL/TLS
Learn more

Services Running

Custom web server, email with SPF/DKIM/DMARC, automated SSL renewal via Let’s Encrypt, DNS management, and monitoring stack. Full control over my data and infrastructure with proper security hardening.

Skills & Technologies

Enterprise cloud platforms, security tools, and automation

Microsoft Cloud & Security

☁️
Microsoft 365
📱
Intune
🔐
Azure AD
🛡️
Conditional Access
🖥️
Azure Virtual Desktop
🔒
MFA
📋
Compliance

Automation & Scripting

PowerShell
🔄
Azure Automation
🐍
Python
🔧
Bash

Infrastructure & Homelab

🐧
Linux
🐳
Docker
🌐
Networking
📊
Monitoring

Get In Touch

Open to consulting, collaborations, and technical projects

mail@jaskew.uk
🕒 Currently in Harrogate, UK (GMT)