Key skills
AzureCloudDNSTerraformVaultPowerShellAzure ADLoad BalancingCI/CDCommunication
About this role
Role Overview
Essential Responsibilities****Azure IaaS – Windows Server VM administration
- Provision, configure, and maintain Windows Server VMs in Azure, including sizing, performance tuning, disk/storage management, and availability planning
- Perform daily operational health checks (OS integrity, service availability, CPU/memory/disk trends, scheduled task/job success, and event log review)
- Troubleshoot Windows platform issues (services, certificates, networking, DNS, authentication, resource constraints) and coordinate resolution with stakeholders
Patch management & updates (Azure Update Manager)
- Own VM patching operations using Azure Update Manager (maintenance windows, classification-based patching, phased rollouts, restart coordination)
- Monitor patch compliance and remediate failed deployments and “no update data” scenarios
- Communicate scheduled maintenance to stakeholders and execute updates in a controlled, auditable manner
Backup & recovery (Azure Backup)
- Implement and operate Azure Backup for Azure VMs (policy configuration, monitoring, retention governance)
- Perform and document periodic restore tests and recovery procedures to ensure operational readiness
Identity & directory services (AD DS + Azure AD Connect)
- Administer AD DS hosted on Azure VMs (domain controllers): users/groups, OUs, Group Policy (GPO), security groups, and delegated access
- Maintain domain controller health and dependencies (DNS, replication health, time synchronization, patching coordination, operational runbooks)
- Operate and maintain Azure AD Connect (hosted on a Windows VM in Azure): monitor sync health, troubleshoot sync failures, manage scope/filtering, and support upgrades/maintenance
- Maintain documentation/runbooks for configuration, troubleshooting, and recovery procedures
Web and file services (IIS + File Servers)
- Administer and troubleshoot IIS (site/app configuration, bindings/certs, app pools, logging, performance troubleshooting)
- Administer and support Windows File Servers (SMB shares, NTFS/share permissions, access controls, troubleshooting access/performance issues)
Security posture & vulnerability management (Defender for Cloud)
- Use Microsoft Defender for Cloud to monitor security posture, address recommendations, and remediate vulnerabilities
- Contribute to baseline hardening and security improvements aligned to organizational standards
Monitoring, incident response & continuous improvement
- Participate in an on-call rotation; support incident response, service restoration, root cause analysis, and preventative improvements
- Automate repeatable administrative work using PowerShell and Azure-native tooling
- Create and maintain operational documentation (runbooks/SOPs/diagrams/inventories)
Requirements
Qualifications (Must have)
- 3+ years administering Windows Server in production, including Windows Server VMs in Azure
- Hands-on experience with Azure VM operations (provisioning, troubleshooting, performance tuning, lifecycle management)
- Hands-on experience with Azure Update Manager (maintenance windows, phased patching, compliance tracking)
- Hands-on experience with Azure Backup (policy setup, monitoring, restores, retention)
- Hands-on experience with Microsoft Defender for Cloud (recommendations, vulnerability remediation, posture management)
- Hands-on experience administering AD DS (users/groups/OUs, GPO, permissions) on domain controllers running on Azure VMs
- Hands-on experience with Azure AD Connect (monitoring, troubleshooting sync issues, scope/filtering, maintenance/upgrades)
- Hands-on experience administering and troubleshooting IIS
- Hands-on experience administering Windows File Servers (SMB shares + permissions)
- Strong documentation and communication skills; ability to collaborate across IT, engineering, and security teams
Nice to have
- Load balancing experience (design/support/troubleshooting)
- Microsoft Failover Clustering experience (design/support/troubleshooting)
- Azure PaaS experience (e.g., App Services, Functions, Storage, Key Vault, managed databases, etc.)
- Infrastructure as Code experience (Terraform/Bicep/ARM)
- CI/CD operational support experience
- Endpoint/device management tooling experience (Intune / ConfigMgr)
- Certificate lifecycle management and secrets management practices
- Relevant certifications (optional): AZ‑104, Windows/Identity certifications, security-focused certifications
Tech Stack
- Azure
- Cloud
- DNS
- Terraform
- Vault
Benefits
How We Will Take Care of You
- Robust benefit package that includes medical, dental, and vision that start on date of hire.
- Paid Time Off, to include vacation, sick, holidays, and floating holidays.
- 401(k) plan with employer match.
- Company-funded “lifestyle account” upon date of hire for you to apply toward your physical and mental well-being (i.e., ski passes, retreats, gym memberships).
- Tuition Reimbursement Program.
- Voluntary benefits, to include but not limited to Legal and Pet Discounts.
- Employee Assistance Program (available at no cost to you).
- Company-sponsored and funded “Culture Team” that focuses on the Physical, Mental, and Professional well-being of employees.
- Community Give-Back initiatives.
- Culture that focuses on employee development initiatives.