Josh Askew

Systems & Cloud Engineer

Securing, automating, and optimising modern IT environments

About Me Get In Touch
Josh Askew

About Me

I got into computing through video games, starting with modding Minecraft, running my own server, and building Discord bots. That led me into troubleshooting, scripting, and understanding how systems actually work. I studied Computer Science at GCSE and A level, along with a Cambridge Technical in IT, before starting my career as an apprentice at a local MSP.

After finishing my apprenticeship at an M365 MSP, I quickly moved up to Service Desk Lead before stepping back to 2nd Line Engineer whilst getting security cleared for my current role. Now I work in a secure confidential role, handling Microsoft 365, Intune, and Azureβ€”tenant hardening, Conditional Access, MFA rollouts, device management.

I care about fixing problems properly, not just closing tickets. Designing and rolling out new systems, like Intune or Apple Business Manager across an organisation, is the work I enjoy most. Outside work, I run a homelab that keeps me hands-on with new tech, infrastructure management and programming.

πŸ“ Harrogate, UK
πŸ’Ό Confidential
πŸ•’ GMT (UTC+0)

Certifications

Industry-recognized credentials and qualifications

πŸ”
SC-900
Microsoft Security
Fundamental understanding of security, compliance, and identity across cloud-based and related Microsoft services.
☁️
AZ-900
Microsoft Azure
Foundational knowledge of cloud services and how those services are provided with Microsoft Azure.
☁️
Cloud Ess+
CompTIA
Essential cloud computing principles and concepts, covering business and technical advice.
πŸ”§
CompTIA A+
CompTIA
The industry standard for establishing a career in IT, covering hardware, software, and troubleshooting.
πŸŽ“
Level 3 Apprenticeship – ICT
Distinction
Advanced level qualification covering broad aspects of Information and Communication Technology.
πŸŽ“
Cambridge Technical in IT
Distinction*
During my time at Sixth Form, I studied the OCR course for a Cambridge Technical Extended Certificate in IT. I scored the best possible grade in every module, ending with a Distinction*.
πŸŽ“
Computer Science
A-level & GCSE
Computer Science at both A-level and GCSE during my time at secondary school.

Projects & Work

Enterprise deployments, security implementations, and personal projects

Professional
πŸ”

M365 Tenant Setup & Securing

Full Microsoft 365 tenant configuration with security hardening, Conditional Access policies, MFA enforcement, and compliance frameworks for secure public sector requirements.

Microsoft 365 Azure AD Conditional Access Security
Learn more

What I Built

  • Complete tenant hardening following Microsoft security baselines and NCSC guidance
  • Multi-layered Conditional Access policies covering device compliance, location, and risk-based access
  • Enforced MFA across all users with phishing-resistant methods
  • Implemented DLP policies and information protection labels

The Challenge

Building a secure M365 environment from the ground up for a public sector organisation with strict compliance requirements whilst maintaining usability for end users.

Impact

Achieved Cyber Essentials Plus certification and established a robust security posture that enabled secure remote working across the entire organisation.

Professional
πŸ›‘οΈ

Cyber Essentials Plus Certification

Led organizational Cyber Essentials & Cyber Essentials Plus certification process, implementing required controls, security policies, and documentation to achieve NCSC accreditation.

Cyber Essentials Compliance NCSC Security Policies
Learn more

What I Delivered

  • Gap analysis against CE requirements and remediation planning
  • Firewall configuration and network segmentation
  • Secure configuration of user devices and servers
  • Access control policies and user account management
  • Malware protection deployment and monitoring
  • Patch management processes and documentation

The Process

Managed the entire certification journey from initial assessment through to successful external audit, including policy creation, technical implementation, and staff training.

Professional
πŸ“±

Intune Enterprise Management

Enterprise-scale Intune deployment managing 500+ devices with automated provisioning, compliance policies, app deployment, and security baselines.

Intune Autopilot MDM Compliance
Learn more

Implementation Scope

  • Windows Autopilot zero-touch deployment for all new devices
  • Apple Business Manager integration for iOS/macOS management
  • Configuration profiles enforcing security baselines
  • Automated app deployment and update management
  • Compliance policies with automated remediation
  • BitLocker encryption management and key escrow

Results

Reduced device provisioning time from days to hours, improved security posture with 100% compliance, and established a scalable framework for device lifecycle management.

Professional
🎧

Service Desk 2nd Line Support

Led 2nd line support operations handling complex escalations, system improvements, and resolution tracking with focus on root cause analysis.

Service Desk Escalations ITSM Process Improvement
Learn more

Key Responsibilities

  • Handling complex technical escalations requiring deep Microsoft 365 and Azure knowledge
  • Root cause analysis to prevent recurring issues
  • Mentoring 1st line staff and creating knowledge base articles
  • Improving internal processes and documentation
  • Liaising with vendors for critical issue resolution

My Approach

When users report issues, I dig into the root cause and implement permanent solutions rather than quick workarounds.

Personal
🎬

Media Server Infrastructure

Self-hosted media server with automated content management, transcoding, and remote access built on Docker with reverse proxy and SSL.

Docker Linux Nginx Automation
Learn more

Tech Stack

Docker containers, Nginx reverse proxy with SSL certificates, automated backups, and monitoring. Remote access via secure VPN with hardware transcoding support for optimized streaming.

Personal
🌐

Self-Hosted Site & Services

Complete self-hosted infrastructure including this portfolio site, custom domain management, email hosting, and various web services.

DNS Email Hosting Web Hosting SSL/TLS
Learn more

Services Running

Custom web server, email with SPF/DKIM/DMARC, automated SSL renewal via Let’s Encrypt, DNS management, and monitoring stack. Full control over my data and infrastructure with proper security hardening.

Skills & Technologies

Enterprise cloud platforms, security tools, and automation

Microsoft Cloud & Security

☁️
Microsoft 365
πŸ“±
Intune
πŸ”
Azure AD
πŸ›‘οΈ
Conditional Access
πŸ–₯️
Azure Virtual Desktop
πŸ”’
MFA
πŸ“‹
Compliance

Automation & Scripting

⚑
PowerShell
πŸ”„
Azure Automation
🐍
Python
πŸ”§
Bash

Infrastructure & Homelab

🐧
Linux
🐳
Docker
🌐
Networking
πŸ“Š
Monitoring

Get In Touch

Open to consulting, collaborations, and technical projects

mail@jaskew.uk
πŸ•’ Currently in Harrogate, UK (GMT)

© 2025 Josh Askew. Securing and optimising modern IT infrastructure.