Ajay Angdembe

IT built for environments that don't blink: regulated, multi-site, 24/7. Identity, cloud, network, endpoint, and perimeter owned end-to-end. Master's in IT, CompTIA Security+ certified, seven years across healthcare, higher ed, and MSP, backed by a production homelab held to the same security bar.

System Administration

Ajay Angdembe

Education Experience

2026

CompTIA Security+Certified May 2026

2024

Technology & Digital Systems Manager

2023

MS Information TechnologyNetworking & Information SecurityMinnesota State University

2023

Network Support Specialist

2022

Desktop Support Specialist

2019

BSc (Hons)Networking & IT SecurityLondon Metropolitan University

2015

IT Consultant · Nepal

IT Systems & Network Professional · 2015 to Present

Ground-up IT build for a 4-clinic healthcare org. No centralized infrastructure, no identity controls, no documentation. One hire to design, build, and run the entire stack.

Cloud Migration

4 sites off legacy file shares to cloud storage with per-department access. Zero data loss, zero patient disruption.

Identity & Access

First identity baseline. 110+ staff from shared passwords to role-based access with tiered licensing.

Compliance

HIPAA and CARF without the controls. Built the policies, ran annual cyber insurance reviews, made compliance auditable.

Operations

Tribal knowledge to 30+ documented procedures. Repetitive work automated. 40-60% ticket reduction across all sites.

Ownership

4 sites · 300+ endpoints · $120K budget · 99.8% uptime · 24/7 regulated. Vendor selection, procurement, executive briefings all ran through one desk.

Healthcare HIPAA CARF Cyber Insurance Multi-Site 24/7 Ops Audit-Ready Identity-First

From Helpdesk to Cloud

CompTIA Security+ May 2026 NEW · CCNA 200-301 in progress · Target Aug 2026

MSP & Multi-Tenant Operations

• Tier 1-3 remote and onsite support across 120+ SMB clients in multiple industries
• 45-minute SLA target with 99.9% client uptime, full ticket lifecycle in ConnectWise
• Networking specialist role: firewall policy, AP, VPN, licensing across multi-tenant
• Break/Fix to Tier 1-3 escalation model, quarterly ATRs and DR drills

120+SMB Clients

99.9%Client Uptime

45 minSLA Target

Tier 1-3Support Stack

View MSP Experience →

IT Support & Endpoint Operations

• Tier 1-3 support across 300+ endpoints under strict SLA
• Autopilot, SCCM, MDT, Intune mass deployments and PXE imaging
• Trend Micro and Webroot endpoint protection, WSUS patch management
• Multi-platform fleet: Windows 10/11, Server 2012-2022, macOS, iOS, iPadOS, Android

Identity, Access & Security

• AD, Entra ID, Group Policy, and SSO across hybrid environments
• MFA, conditional access, RBAC for HIPAA-regulated staff
• Hybrid identity sync via Azure AD Connect, break-glass and trusted-location CA policies
• ZixEncrypt and Defender aligned to Zero Trust

Microsoft 365 & Cloud Infrastructure

• Full M365 tenant for 4 healthcare sites: E3/E5, Exchange Online, Teams, SharePoint Online, OneDrive
• Real-time monitoring of Defender, Entra ID sign-ins, ConnectWise
• DNS, DHCP, domain, file share ops on Windows Server

Backup, Recovery & Automation

• VMware vCenter/ESXi and Hyper-V virtualization, maintenance and recoverability
• Veeam, Acronis, Dropsuite backups with recovery testing
• DR playbooks rehearsed quarterly for realistic RPO/RTO
• PowerShell automation for provisioning and cleanup

Network & Wireless Engineering

• 6-segment VLAN architecture with 802.1Q trunking, L2/L3 switching, pfSense firewall rules
• SonicWall firewall management, Aruba and Cisco AP deployments, Avaya VoIP across 3 sites
• ISP failover coordination, site-to-site WireGuard tunnels, Suricata IDS for perimeter visibility

My Projects

Builds, writing, and videos. The work behind the resume.

Featured Build

Router-on-a-Stick Homelab

A 2024+ weekend build that mirrors enterprise patterns at home. Multi-VLAN segmentation, intrusion detection, VPN failover, and a documented kill-switch policy. Full architecture, switch and firewall manuals, and rack walkthrough live on the inner page.

Hardware Walkthrough Rack tour: cable management, patch panel, and physical layout.

View Full Architecture →

Active Lab

CCNA Lab

Hands-on Cisco IOS labs preparing for the Aug 2026 CCNA exam. VLAN configuration, trunk ports, inter-VLAN routing, and ACL exercises on Catalyst 3560 PoE 8 and Cisco 1900 series router.

Cisco Lab Gear Catalyst 3560 patch panel and 1900 router setup walkthrough.

Watch

View Lab Notes →

Active

Click

Research Articles

Original writing on networking, security, and the work behind the resume. First paper live: Privacy is a Property, Not a Feature: a privacy-first homelab on pfSense with dual-VPN failover, six VLANs, IDS, and a verified kill switch. More papers in the roadmap.

Read research →

Live Tool

Click

Find Jobs

Most H1B job seekers are applying blind. This changes that. A verified database of 65,000 employers, 3.7M+ approvals, 50 states + DC, built from 15 years of official USCIS data (2009 to 2023), organized by state and industry, cap-exempt orgs flagged. Paired with a complete search strategy and workflow.

Open the H1B Database →

Coming Soon

Personal Vlog

Tinkering with networks and electronics at the bench, books on the nightstand, food on the stove. Slow walks through the work and life behind it.

In production

Let's Work Together