IT Support Engineer with deep self-hosted infrastructure experience.
5+ years across SIDA-cleared transportation infrastructure, enterprise mobile deployments, and ServiceNow ITSM — paired with a production-grade self-hosted identity stack at home.
IT Support Engineer | Identity & Access — Boston, MA
Absalom Israel
I'm an IT support engineer based in Boston with a generalist background — hardware diagnostics, network troubleshooting, endpoint lifecycle, and end-user enablement in mission-critical environments including Logan International Airport.
Alongside the day job, I run a production-grade self-hosted infrastructure at home: identity providers (Authentik, Zitadel, Pocket ID), zero-trust network access (NetBird, Pangolin), credential management (Vaultwarden), and a Linux/Docker server fleet running 10+ services. The protocols and patterns are the same ones that underlie Entra ID and Okta — different vendor, same engineering.
I'm looking for an IT Support → Junior Sysadmin role in Greater Boston where I can own more of the stack and grow into Microsoft-environment administration. Comfortable in Windows-primary shops; Linux is what I keep for personal projects.
Core Competencies:
- Endpoint Support: Hardware diagnostics, BIOS/UEFI, imaging & secure wipe, Windows/macOS lifecycle.
- Identity & Access: Authentik, Zitadel, SAML/OIDC, MFA policy, LDAP integration.
- Networking: TCP/IP, DNS, DHCP, VPN, Zscaler, mesh VPN, physical-layer troubleshooting.
Open the complete PDF resume
See the full work history, technical specialties, and detailed experience in one place.
Open Resume PDFProfessional Experience
IT Support Engineer
- General IT support in a SIDA-cleared airport environment — first responder for hardware, software, network, and peripheral issues across Dell, HP, and Apple endpoints.
- Hardware diagnostics and break-fix: root-cause analysis on failing components, BIOS/UEFI and TPM configuration, vendor warranty coordination.
- Network troubleshooting: DNS, DHCP, VPN authentication, Wi-Fi, cable patching and port tracing, physical-layer switch and router work.
- Endpoint lifecycle: deploy pre-imaged devices, walk users through first-time sign-in, execute secure wipes via USB recovery before return-to-lot.
- Own incident lifecycles in ITSM tooling; meet client SLAs on high-priority tickets.
ServiceNow Analyst (Contract)
- Triaged high-volume ServiceNow ticket queues for a major Boston healthcare system; categorized and routed incidents to Level 2/3 engineering teams.
- Authored knowledge base articles and SOPs for recurring issues, reducing repeat escalations.
IT Engineer — Endpoint Deployment
- White-glove rollout of 900+ mobile endpoints — owned end-user onboarding: in-person device handoff, password setup, Outlook Mobile and VPN sign-in verification, and first-time-use validation.
- Captured device IMEIs and serial numbers for MDM decoupling; partnered with the MDM administrator on lifecycle escalations.
- Frontline troubleshooting during deployment cutover — resolved authentication, connectivity, and Zscaler/VPN profile issues on the floor.
- Maintained asset tracking databases with 100% accountability of deployed hardware.
Badging Specialist — Security Operations & Access
- Operated Identity and Access Management (IAM) workflows — credential issuance, physical access provisioning, and reconciliation of access tiers against HR records.
- Partnered with IT Security on compliance audits and onboarding/offboarding process improvements; reduced manual handoff steps.
- Authored training materials and mentored junior staff on access systems and security best practices.
Self-Hosted Infrastructure (Home Lab)
- Identity & access: operate self-hosted identity providers (Authentik, Zitadel, Pocket ID) — SSO via SAML/OIDC/OAuth2, MFA policy enforcement, policy-based access control, LDAP integration.
- Zero-trust network access: deployed NetBird mesh VPN and Pangolin identity-aware reverse proxy — eliminated open ports, bypassed CGNAT, enforced per-identity routing.
- Credential management: Vaultwarden for centralized secrets and MFA across all internal services.
- Mail infrastructure: Mailcow (Postfix/Dovecot) — domain management, MX/SPF/DKIM/DMARC, mailbox provisioning tied to the directory.
- Systems and automation: Debian/Unraid server fleet, 10+ Docker services, automated Bash/Cron backups with off-site replication, internal SSL/TLS PKI.
- Incident response: rebuilt the environment end-to-end after a confirmed endpoint compromise — segmented the network, hardened isolation policies.
Bridging IT support, identity operations, and self-hosted infrastructure.
I support enterprise endpoints by day and run a production-grade self-hosted identity stack at home — combining hands-on operational depth with modern protocol fluency.
Endpoint Support & Lifecycle
Identity & Access
Networking & Remote Access
Systems & Automation
ITSM & Compliance
Core Capabilities
Hands-on operational expertise across endpoint support, identity operations, self-hosted infrastructure, and scripting.
Endpoint Lifecycle & Support
Tier 2 support across Dell, HP, and Apple — hardware diagnostics, imaging, and end-user onboarding.
- Hardware break-fix and component-level diagnostics
- Imaging, secure wipe, and BIOS/UEFI configuration
- In-person device handoff and first-time-use validation
Identity & Access Operations
Self-hosted identity provider administration with the same protocols Entra and Okta run on.
- SSO via SAML, OIDC, and OAuth2
- MFA policy enforcement and audit logging
- LDAP integration and application provisioning
High-Security Environments
SIDA-cleared facilities, federal compliance, and structured ITSM operations.
- Federal security clearance protocols
- Mission-critical operational discipline
- Clean documentation and SOP authorship
Scripting & Automation
I write code when the tools don't exist yet — Bash, Python, PowerShell, and the occasional WordPress plugin.
- Bash and Python automation for self-hosted infra
- Open-source contributions (Jellyfin-WordPress plugin, TA-Organizerr)
- PowerShell fundamentals for Windows administration
Engineering Portfolio
Architecting resilient infrastructure through a blend of physical expertise and AI-accelerated automation.
Let's Connect
Contact
Want to discuss IT Support, Junior Sysadmin, or Identity & Access roles in Greater Boston? Reach out through whichever channel is easiest.
Direct Opportunities
Currently open to IT Support Engineer or Junior Systems Administrator roles in the Greater Boston area.
Generalist IT support background paired with deep self-hosted identity and infrastructure experience — ready to grow into a Microsoft-shop sysadmin role.
- On-Site or Hybrid (Greater Boston)
- IT Support → Junior Sysadmin track
- M365 / Entra environments welcome
Professional Networking
LinkedIn
The best place for networking regarding internal IT roles, corporate systems engineering, and long-term career growth.
Direct Communication
Email
Direct contact for discussing role requirements, technical assessments, or office-wide infrastructure projects.