Index
005 / 2026
Section
Background
Practice
Systems Administration
Based in
Boston / NYC
Rich Dieu View LinkedIn →
Rich Dieu Systems Administrator & Infrastructure Engineer Founder · Rich Dieu IT Solutions LLC
LinkedIn →

Quiet systems.

§ Bio

An engineer who
keeps learning.

I’m a Systems Administrator & Infrastructure Engineer. I manage servers and devices, steward the cloud, automate the busywork, harden and secure endpoints, meet strict rules, and help users, all in one role.

Story

I work with teams that have strict rules, where uptime, clear notes, security, and careful change all matter. My role is to take messy systems and make them easier to operate, easier to keep safe, and easier to explain in an audit.

The work covers sign-in and zero-trust access, locking down devices, fixing security risks at scale, handling incidents, and keeping things in steady operation. I've led big patch jobs, rolled out threat tools across whole fleets, moved old lab gear off dead Windows without breaking the science, and built safe remote access that ended risky open ports for good.

What ties it together is simple: I won't ship work that only one person can operate. Every job ends with a runbook, a recovery plan, and a clear record the next person can read and use. Rules like NIST 800-53, Zero Trust, GxP, FedRAMP, and CMMC aren't the goal, they're the shared language that keeps the same problem from coming back next quarter.

I keep learning because the tech keeps changing. New rules, new sign-in tools, new threats. The plan stays the same: read the limits honestly, build for the audit you haven't had yet, automate what shouldn't be done twice, and write it all down for the person who comes after me.

Systems & Cloud

  • Managing systems and keeping them available
  • Cloud and mixed setups
  • Automation and clear notes

Security & Devices

  • Locking down and managing devices
  • Finding and fixing security risks
  • Handling incidents and escalations

Rules & Context

  • Audit proof and matching records to rules
  • Labs and big companies with strict rules
01

If it isn’t written down, it didn’t happen.

Every change ships with a guide the next person can operate from cold. No secrets stuck in one head.

02

Automate what shouldn’t be done twice.

Hand work piles up. Scripts and pipelines close tickets instead of making more of them.

03

Build for the audit you haven’t had yet.

Match records to the rules now, so audits are a normal day, not a fire drill.

04

Keep up or fall behind.

The tech keeps moving. New rules, new sign-in tools, new threats. Standing still isn’t a plan.

§ Trajectory

What I’ve been
building, in order.

A few roles from a career spent on regulated, high-stakes systems.

DevOps Engineer & Cloud Administrator · Regulated Compliance Software

Cloud · On-Prem · Collaboration Suite, Present
  • Manage hybrid Windows Server and desktop fleets across Azure, on-prem data centers, and Microsoft 365, with Conditional Access and zero-trust rules turned on.
  • Wire compliance platforms into both cloud and on-prem systems, secure VPN tunnels, Entra ID single sign-on, and control mapping, for enterprise, biotech, and energy clients.
  • Work managed detection and response (MDR) hands-on: triage Microsoft Defender alerts, escalate real threats, and help harden endpoints.
  • Handle incidents end to end in strict settings, R&D labs, energy and electrical sites, and systems that can’t go down.
  • Route everything through formal change control, so every action leaves a clear, provable record for audits.
  • Show up fast at data centers in an emergency: swap hardware, rebuild servers and networks, and recover business-critical systems.

Vulnerability Management Technician · Enterprise Patch Operations

Patch Deployment · SCCM · Intune · WSUS
  • Deploy operating system, application, and firmware patches across the enterprise fleet with SCCM, Intune, and WSUS, packaged and prepared to approved procedures.
  • Test patches in pre-production to catch compatibility or stability issues, then execute deployment in approved maintenance windows, evenings and weekends when needed.
  • Perform post-deployment checks to confirm patches applied cleanly, and investigate failures, conflicts, and rollbacks with system and application owners.
  • Coordinate patching with business and OT operations teams to keep downtime low, following the SLAs and approval workflows set by vulnerability management and security.
  • Document every step, runbook, and outcome, including failed and retried deployments, and hand auditors clear evidence of patch completion.
  • Maintain the patch-management tools, client agents, and server health, monitor deployment jobs, and help test new patching tech and process improvements.

Global Systems Administrator & Security · Pharmaceutical / MedTech R&D

Contract · Regulated R&D Infrastructure
  • Led behind-the-scenes fixes: hardened endpoints, cleaned up config drift, and cleared an inherited vulnerability backlog across GxP-regulated labs.
  • Built and ran desktop images for labs and R&D, giving scientists and engineers stable, secure, fast machines.
  • Managed identity and hybrid sign-in: Group Policy and Entra ID, Conditional Access, multi-factor auth (MFA), and secure workstation baselines.
  • Wrote Intune configuration profiles that lock machines down, speed up provisioning, and stop settings from drifting.
  • Automated patching, validation, and software installs with PowerShell, pushing SLA compliance up.
  • Ran upgrade and migration projects that cut downtime and sped up mission-critical lab machines.

Cybersecurity Engineer · Pharmaceutical Enterprise

Vulnerability Remediation at Scale
  • Cleared a large vulnerability backlog across Linux and Windows using enterprise scanners (Tenable/Qualys) and endpoint protection.
  • Automated fleet-wide patching with PowerShell scripts, cutting hand work a lot.
  • Ran cross-team remediation projects and owned risk tracking from start to finish.
  • Led containment and fixes side by side with the in-house SOC (security operations center).

Technical Support Specialist · Professional Services

Identity Reviews · Tier-3 Support
  • Reviewed federated identity access across business systems and pulled stale or over-broad grants.
  • Resolved hard Tier-3 endpoint and conferencing escalations on time.
  • Tracked endpoint health with analytics and wrote compliance reports for leadership.

Early Career, IT Support & Systems Roles · Progressive Enterprise & Clinical Support

Foundational Experience
  • Grew through IT support roles in healthcare, electronics, and creative work, fixing desktops and apps, imaging and deploying devices, provisioning accounts, and operating the ticketing system.
  • Trained newer support staff, wrote guides for users and the team, and worked with network teams on hard escalations.
  • Built core skills in Windows Server, Active Directory, Microsoft 365, and macOS, plus IT service management, that hold up my senior work today.
GxP
Validated lab, MedTech, and clinical systems under regulatory scrutiny.
Hybrid
Azure, on-prem data centers, and Microsoft 365.
Secure
Hardened endpoints, remediated risk, and audit-ready evidence.
§ Working with me

Bring the problem.
I’ll bring the plan.