Serve as the Subject Matter Expert (SME) for Microsoft Entra ID (formerly Azure AD), managing conditional access, app registrations, and lifecycle management.
Manage Azure resources, including VM maintenance, virtual networking, storage accounts, Azure Monitor, and cost optimization.
Execute the upgrade and maintenance roadmap for SQL Server environments, including Azure SQL databases.
Architect and maintain M365 services including Exchange Online, SharePoint, Teams, and OneDrive for Business.
Optimize M365 licensing, service health monitoring, and tenant-wide configuration management.
Implement Azure governance policies, resource tagging strategies, and subscription management best practices.
Design and maintain Microsoft Intune for all endpoints (Windows/Mac/Mobile).
Implement Windows Autopilot to achieve zero-touch provisioning for new hires.
Create remediation scripts to automatically fix common endpoint issues before they become tickets.
Design, implement, and maintain enterprise network infrastructure including switches, routers, firewalls, and wireless access points.
Monitor network performance and troubleshoot connectivity issues across on-premises and cloud environments.
Oversee Operations Technology (OT) systems, including building management systems, access control, and industrial network components.
Ensure proper network segmentation between IT and OT environments for security and operational integrity.
Harden the M365 environment using Defender for Endpoint, Defender for Identity, and Microsoft Defender for Cloud.
Manage vulnerability assessments and patch management strategies across IT, OT, and cloud systems.
Lead Disaster Recovery (DR) planning, documentation, and annual testing, including Azure Site Recovery implementation.
Implement and maintain network security controls including firewalls, Azure Firewall, Network Security Groups (NSGs), IDS/IPS, and network access control (NAC).
Manage M365 compliance features including Data Loss Prevention (DLP), retention policies, and eDiscovery.
Utilize PowerShell and Azure CLI to automate repetitive administrative tasks (user onboarding, reporting, bulk changes, network configuration, Azure resource deployment).
Act as the final point of escalation (L3) for complex technical issues that L1/L2 cannot resolve.
Mentor junior staff on modern IT practices, cloud architecture, and network operations.
Develop and maintain Infrastructure as Code (IaC) using Azure Resource Manager (ARM) templates or Terraform.
Requirements
3-5+ years in Systems Engineering or Administration with demonstrated cloud, network, and operations technology experience.
Deep expertise in the Microsoft ecosystem: Intune, Autopilot, Entra ID, Azure, M365 (Exchange Online, SharePoint, Teams), and Office 365 admin center.
Hands-on experience with Azure IaaS/PaaS services, Azure Active Directory (Entra ID), Azure networking, and hybrid cloud architectures.
Strong hands-on experience with enterprise networking: Cisco/HP/Aruba switches and routers, Palo Alto/Fortinet firewalls, wireless infrastructure, and SD-WAN solutions.
Familiarity with OT/IoT systems, building automation, and industrial network protocols (Modbus, BACnet, etc.).
Intermediate to Advanced proficiency in PowerShell is required; experience with Azure CLI and automation frameworks is preferred.