Available · cloud & security engagements

Cloud infrastructure, engineered to last.

I'm Shawn Tavares — a systems engineer building Azure, endpoint, and identity platforms for organizations that need them to actually work. Independent practice. No layers. No handoffs.

Explore the work Start a conversation
region · canadacentral status · accepting Q3 2026
noltec.infra · topology
live
Entra ID Intune Azure Endpoints
region
canadacentral
status
healthy
uptime
99.98%

/ why noltec

Enterprise IT is rarely broken.
It's just left half-finished.

Most environments don't fail because of bad tools — they fail because nobody owned the last 20%. Migrations stall. Policies drift. Endpoints diverge. Scripts hide under technician desktops.

Noltec exists to finish those last miles, then keep them maintained.

  • Half-migrated identity

    ADFS still answering SAML, Entra ID running alongside, conditional access blocked by legacy claims.

  • Drifting endpoints

    Intune policies competing with GPO, SCCM still pushing legacy installs, Defender baselines never enforced.

  • Audited, not hardened

    ASR rules untuned, certs nearing expiry, conditional access bypassed by old service accounts.

  • Manual everything

    The same console clicks every week, scripts that only one person can read, runbooks that haven't been touched.

/ how we help

Three engagements,
done end-to-end.

A small surface area, deliberately. Each engagement is scoped to a real production outcome — not a deck full of recommendations.

Microsoft 365 & Azure

Tenant architecture, Entra ID consolidation, Azure Virtual Desktop, hybrid identity — done correctly the first time and properly handed off.

Entra IDAzureIntuneM365AVD

PowerShell & Automation

If a task happens twice, it should run itself the third time. Graph-integrated tooling for provisioning, remediation, and reporting.

PowerShellGraph APIAutopilotSCCM

Security & Hardening

Defender ATP, ASR rules, conditional access, certificate infrastructure — engineered to a baseline you can prove, not a checkbox.

Defender ATPASRPKIConditional Access

/ featured infrastructure work

Where infrastructure decisions met production reality.

Endpoint

Endpoint Modernization

Transitioned endpoint management workflows toward modern cloud-first administration using Microsoft Intune, automation tooling, and centralized policy management.

Intune Autopilot Defender ATP PowerShell
Cloud Platform

Azure Infrastructure

Managed scalable Azure Virtual Desktop environments focused on identity integration, performance optimization, and operational reliability.

Azure AVD Nerdio FSLogix Entra ID
Automation

Automation Engineering

Developed PowerShell tooling to streamline technician workflows, Active Directory operations, and infrastructure support tasks.

PowerShell Graph API Active Directory SCCM

/ operating principles

Built on a decade of running production.

15+
Years Enterprise IT Experience
Azure / Intune / SCCM Expertise
Infrastructure Automation Focus
Security & Endpoint Hardening
Cloud Optimization & Governance

/ process

A predictable path
from messy to maintained.

  1. 01

    Discover

    Hands-on assessment of tenants, identity, endpoints, and the workflows that touch them. Findings written up plainly.

    ~ 1 week
  2. 02

    Architect

    A target state designed against your reality, not a reference architecture. Trade-offs surfaced before any change is made.

    ~ 1–2 weeks
  3. 03

    Implement

    Staged rollout with automation by default. PowerShell, Graph, and policy-as-config wherever it makes sense.

    scoped
  4. 04

    Operate

    Documentation, runbooks, and a handoff your team can actually use. Optional retainer for ongoing operations.

    ongoing

/ contact

Have a system that needs to actually work?

No forms. No chatbots. No discovery-call funnel. Send an email and you'll get a reply from the person who'd be doing the work.

shawn@noltec.ca LinkedIn GitHub