// La Vergne, TN · Open to Remote

Josh Baker

IT Infrastructure Analyst managing endpoints, identity, and automation across enterprise environments. CompTIA A+, Net+, Sec+, Project+, and Salesforce Certified. Seeking fully remote IT roles.

View My Work LinkedIn ↗

Background

About Me

I'm an IT Infrastructure Analyst managing the full endpoint lifecycle, identity infrastructure, and environment automation across a multi-site manufacturing environment. My day-to-day spans Active Directory, Entra ID, Intune/Autopilot, Hyper-V, Veeam, and PowerShell — from provisioning workstations to building automation that turns hours of manual work into minutes.

I've cut endpoint deployment time from ~6 hours to ~30 minutes wall-clock using Autopilot White Glove pre-provisioning, maintained ~87% patch compliance across 253 Nashville endpoints, and authored 36 SOPs that standardized IT operations across two sites. I hold CompTIA A+, Network+, Security+, and Project+ certifications plus a Salesforce Certified Associate, with MD-102 currently in progress.

265 Managed Endpoints

36 SOPs Authored

87% Patch Compliance

6h→30m Deploy Time

Technical Stack

What I Work With

Identity & Access

Active Directory Entra ID LAPS Group Policy MFA Conditional Access RBAC

Endpoint Management

Intune Autopilot White Glove Endpoint Central MDM PXE Imaging App Packaging

Infrastructure

Hyper-V Veeam B&R Windows Server DHCP/DNS Active Directory DS

Networking

Juniper VLANs pfSense TCP/IP Switching Structured Cabling

Automation

PowerShell CSV Automation .reg Config AD Automation Task Scheduler Bulk DHCP Ops

Cloud & Productivity

M365 Azure AD Exchange Online Teams Admin SharePoint Admin

Built & Delivered

Projects

Windows 10 → 11 Fleet Migration

Migrated 100+ production desktops to Windows 11 across a live warehouse environment. Pivoted mid-rollout from PXE to USB imaging after a domain change — zero warehouse downtime throughout.

Windows 11 PXE Imaging USB Imaging Endpoint Central

Autologin Credential Rotation

Scripted same-day response to a 15-character password policy change across 201 autologin endpoints — generated passwords, pre-staged REG files, CSV-driven AD resets. ~13 hours of manual work completed in under 1 hour.

PowerShell AD Bulk Ops Registry CSV Automation

AD Group Compliance Engine

PowerShell script that audits AD group memberships against defined policy and auto-remediates drift across the CT domain. Eliminates the manual review cycle entirely.

PowerShell Active Directory Automation

Multi-Site AD Domain Migration

Participated in a Virginia-to-CT Active Directory domain migration spanning multiple sites — no user-facing interruption. Coordinated endpoint re-enrollment and identity cutover across the production environment.

Active Directory Entra ID Intune Multi-Site

Memphis Client Launch Response

Drove hardware on-site and cleared 3 simultaneous blockers — unauthorized VM clone, static-IP printer conflict, missing scanner hardware — before a client go-live. Full operations restored within 6 hours.

On-Site Support Hyper-V Networking Hardware

Veeam Backup & Replication

Administers daily Veeam B&R jobs across the Nashville site on a 24-hour RPO. Self-studying enterprise deployment patterns, job configuration, and DR strategy in homelab alongside production exposure.

Veeam Hyper-V Backup/DR 24-hr RPO

DHCP Reservation Automation

PowerShell script to bulk-rename and reconcile DHCP reservations across the environment, enforcing consistent naming conventions at scale via RSAT without manual intervention.

PowerShell DHCP RSAT Networking

Homelab Infrastructure Stack

Self-built lab running pfSense (VLAN segmentation, IP Passthrough), Hyper-V, and an Ubuntu server hosting Docker containers — Nginx, Cloudflare Tunnel, Plex, and a Prometheus/Grafana monitoring stack. Used for hands-on testing outside production.

pfSense Hyper-V Docker Prometheus/Grafana Ubuntu Server

Credentials