Indigo Beam Consulting is seeking a Senior Systems Engineer specializing in Microsoft 365 Architecture, Identity & Migrations. This role involves architecting, administering, and optimizing Microsoft 365 services, leading complex initiatives such as tenant migrations and ensuring security and performance while collaborating with various stakeholders.
Responsibilities:
- M365 Architecture & Tenant Engineering: Define and implement Microsoft 365 tenant architecture, governance, and standards across Exchange Online, Teams, SharePoint Online, and OneDrive to ensure scalability, performance, and strong end-user experience
- Entra ID (Azure AD) & Access Controls: Administer Entra ID with emphasis on Conditional Access, MFA, role-based access controls, and audit-aligned access policies
- Hybrid Identity: Support and optimize hybrid identity environments including Active Directory (on-prem), ADFS, and Azure AD Connect / Entra Connect (sync health, staging, filtering, troubleshooting)
- Migration & Tenant Work (primary focus): Lead M365 migrations and consolidations including tenant-to-tenant, Exchange mailbox migrations (cutover/staged/hybrid), and SharePoint/OneDrive migrations, including domain cutovers and identity mapping to ensure service continuity
- Migration Tools & Vendor Management: Plan and execute migrations using BitTitan, Quest, and ShareGate; coordinate with vendors and Microsoft support to resolve issues and optimize outcomes
- Exchange & Email Security: Manage mail flow, connectors, and email security controls including SPF/DKIM/DMARC and Defender capabilities (as applicable)
- Security & Compliance: Configure and maintain M365 compliance features (DLP, retention, eDiscovery, litigation hold) and support audits (e.g., SOX)
- Automation: Build and maintain PowerShell automation for administration, identity lifecycle workflows, reporting, and pre/post-migration validation
- Collaboration & Mentorship: Serve as a technical escalation point and mentor team members on M365, identity, and migration best practices
Requirements:
- Strong experience with Microsoft 365 architecture and tenant engineering (Exchange Online, Teams, SharePoint Online, OneDrive)
- Deep expertise in Entra ID (Azure AD) and identity/access controls, including Conditional Access and MFA
- Hands-on experience with Active Directory (on-prem) and hybrid identity patterns
- Experience supporting ADFS and federated authentication flows (as applicable)
- Strong experience with Azure AD Connect / Entra Connect (sync configuration, filtering, staging mode, troubleshooting)
- Proven experience executing Microsoft 365 migrations, including: Tenant-to-tenant migration and tenant consolidation, Exchange mailbox migrations (cutover / staged / hybrid), SharePoint / OneDrive migrations, Domain cutover and identity mapping
- Experience with migration tooling such as BitTitan, Quest, and ShareGate
- Proficiency in PowerShell scripting for Microsoft 365 administration, automation, and reporting
- Solid understanding of email security standards (SPF, DKIM, DMARC) and Microsoft Defender (as applicable)
- Familiarity with M365 compliance capabilities (eDiscovery, retention, DLP) and SOX-related IT controls
- Strong understanding of network and DNS concepts as they relate to cloud services (DNS, TCP/IP, VPN), especially for mail flow and domain cutover scenarios