Caelan's Domain
About MeBlogKnowledge Base

Hello!

Caelan Drayer portrait

Nice to see you here. I am Caelan, a technology professional based in Vancouver.

Like many people in tech, I have been tinkering with it my whole life. From a very young age I was happily doing things like getting wacky Linux distributions running (cutting my teeth on things like LFS) to hosting my own services.

I spent my early years coaching competitive gymnastics (~10 years!), however when COVID came around it made that field of work a challenge. It was at this point I switched to working in tech.

Working at an MSP, I've worn many hats - with titles like Manager, Solutions Architect, Senior Systems Administrator/Engineer, Cloud Administrator/Engineer, Projects Engineer, Sales Engineer, Systems Specialist, all being appropriate. Engaging clients to discuss solutions, participating in RFPs, scoping out IT solutions of all shapes and sizes, deploying said solutions, taking escalations, resolving frustrations, managing & supporting staff, operationalizing processes, advising on risk, and more.

Have any questions? Need any assistance? Feel free to reach out — either via my LinkedIn or email at caelan@caelandrayer.ca
Check out my knowledge base!
I have been putting together some documentation — happy to share it with the world. Take a look (on the top bar) and see if anything helps you out.

If there is something you are curious about and would like some documentation on, let me know!

Highlights

I have delivered solutions across a wide range of technologies and business needs — from identity and endpoint to networking, cloud infrastructure, and security posture. I provide vCIO-level guidance and executive advisory to key accounts, bridging the gap between technical execution and strategic direction. I have covered just about every type of standard IT infrastructure you can think of, supporting everything from single-site SMBs to multi-region enterprise environments.

Modernization

  • 20+ organizations fully modernized — bringing every component of the IT environment up to current standards, from identity and device management to email, collaboration, and security posture
  • Microsoft Secure Scores at 80%+, with internal processes built to maintain them post-handoff — not just hit them once
  • Tenant hardening runbooks created and applied across 50+ Microsoft 365 environments, making secure configuration repeatable rather than bespoke

Operations

  • Inherited a projects department that was off revenue targets by 209% the previous quarter and brought billing back on track the next quarter
  • Consolidated a bloated tool stack into a standardized environment with meaningful cost savings, reworking the organization's entire tech stack (PSA, RMM, and more)
  • Consistently operated as both sales engineer and account manager on key accounts — the goal was client relationships that outlast individual projects
  • Consolidated alerting and monitoring across numerous platforms — backups, RMM, Azure, PSA, and more — into unified dashboards and actionable workflows
  • Evaluated, selected, and deployed CX platforms and ERP systems for clients

Compliance

  • Developed incident response plans (IRP), recovery time objectives (RTO), and recovery point objectives (RPO) for internal use
  • Assisted clients in building and refining their own IRP, RTO, and RPO documentation to meet compliance and business continuity requirements

Identity

  • Zero-trust identity with multi-factor authentication deployed for 1,500+ users, replacing perimeter-trust models with identity-driven access controls
  • Passwordless authentication at scale using FIDO2, PIV certificates, YubiKeys, and Windows Hello for Business, including configurations with Intune certificate connectors and an internal CA

Endpoint

  • CIS-compliant Intune UEM baseline built from scratch and packaged into a deployment runbook, applied across 25+ separate client environments
  • 1,400+ endpoints deployed across 30+ different environments with 90+ physical locations, all using Autopilot and the full Intune suite to standardize and simplify device management at scale
  • EDR/MDR tools selected and deployed alongside all the operational processes to ensure alerts and issues are actioned quickly and effectively

Infrastructure & Networking

  • Numerous client cloud environments designed and managed in Azure — virtual machines, networking, backup, automation, and monitoring
  • Full network stacks designed and deployed across 15+ unique multi-site environments — firewall, switching, WAP, VPN, DNS, DHCP, IPsec tunnels, SD-WAN
  • 10+ virtual desktop environments (Azure Virtual Desktop, Remote Desktop Services) deployed for clients requiring secure remote access to applications and data
  • 25+ physical server deployments, ranging from single-site hosts to multi-site environments, clusters, and beyond

Data & Collaboration

  • 20+ file share migrations to SharePoint Online, Azure Files, and NTFS — following AGDLP, RBAC, and least-privilege principles
  • 10+ Teams Phone Systems deployed to replace legacy PBX and on-prem telephony

AI

  • Built MCP servers that give the team AI-assisted access to ConnectWise Manage, ITGlue, and NinjaOne
  • Created cAgents — an open-source multi-agent orchestration framework for Claude Code / Cowork, enabling coordinated AI workflows across engineering, creative, and business domains

Technology Stack

These are some of the tools and platforms I have directly worked with and am familiar with. This list is always growing with new technologies!

Solution Type Technology Stack(s)
Azure Subscriptions & Billing, Virtual Machines, VNET, VNG, VWAN, Storage Accounts, Automation Accounts, Log Analytics, App Services, Key Vault, Azure Functions, Azure Backup, Azure CLI, ARM Templates
Identity Providers & Protocols Entra ID, Active Directory, Entra ID Domain Services, OAuth, SAML, OIDC, SCIM, LDAP, Kerberos
Virtual Desktops Azure Virtual Desktop, Remote Desktop Services, Remote Desktop Gateway
Identity Solutions & Security Multi-Factor Authentication, Privileged Identity Management, Privileged Access Management, Just-In-Time Access, Identity Access Management, Single Sign-On, Network Policy Server, Conditional Access, FIDO2/Passkeys, Certificate-Based Authentication
Email Solutions & Security Microsoft Defender for Office 365, SPF/DKIM/DMARC, Exchange Online, Quarantine, DLP, Purview
Endpoint / UEM / MDM Solutions & Security Intune, Group Policy, Registry, Autopilot, LAPS, BitLocker, Windows Update for Business, WSUS, Compliance Policies, App Protection
Network Security Solutions pfSense, Meraki, SonicWall, Sophos, Ubiquiti, FortiGate, IDS/IPS, DNS, IPsec, VPN, SD-WAN, VLAN, NAC, 802.1X, WireGuard, RADIUS
EDR / MDR Solutions Blackpoint, SentinelOne, Microsoft Defender, SOAR, SIEM
RMM Tools LabTech, ScreenConnect, TacticalRMM, RustDesk, NinjaOne
Web Hosting Linux, Reverse Proxies, WordPress, Apache, HAProxy, Caddy, nginx
Data Hosting & Access Solutions SharePoint Online, File Shares, Azure Files, OneDrive, Azure Blob, NAS, DFS
BCDR Azure Backup Suite, Axcient, SkyKick, Veeam, Datto
Microsoft 365 Suite Defender, Purview, Exchange, Entra, Microsoft 365, SharePoint, Power Platform, Teams, Intune, Planner, Bookings, Forms
Data Loss Prevention Microsoft Purview
Automation PowerShell, Microsoft Graph, Bash, Python, Azure CLI, Power Automate, ARM/Bicep
AI Copilot, Copilot Studio, Claude, ChatGPT, MCP Servers, RAG
Virtualization Hyper-V, VMware, Proxmox, Docker, LXC
Monitoring Azure Monitor, Liongard, Zabbix, Grafana, Prometheus, NinjaOne