Microsoft 365 IT Systems Administrator

Information Technology | Remote/Hybrid | Full-time

Role Overview

We are seeking a Microsoft 365 IT Systems Administrator to own, operate, and continuously improve our Microsoft cloud productivity and identity platforms. This role is responsible for the secure, reliable, and scalable operation of Microsoft 365 services across the organization, with particular emphasis on Entra ID (Azure AD), Exchange Online, Intune, Defender, Purview, and endpoint compliance.

This is not a help-desk role. The successful candidate will be an experienced administrator who understands Microsoft 365 as an integrated security and identity platform, not merely a collection of applications. You will be expected to make architectural decisions, implement security controls, automate operational tasks, and serve as a technical authority for the environment.

Reports to: Director of IT / Head of Infrastructure
On-Call Rotation: Yes (planned, compensated)
Travel Required: Minimal (<10%), as required

Key Responsibilities

Microsoft 365 Administration

  • Administer and maintain Microsoft 365 tenant services including Entra ID, Exchange Online, SharePoint Online, OneDrive, Teams, and Microsoft 365 Apps
  • Manage licensing, service health monitoring, feature rollouts, and tenant configuration
  • Serve as escalation point for complex Microsoft 365 issues

Identity and Access Management

  • Design and manage Entra ID identity architecture, including user lifecycle, groups, dynamic group rules, and role assignments
  • Implement and maintain Conditional Access policies, MFA enforcement, authentication methods, and identity protection controls
  • Manage Privileged Identity Management (PIM) and least-privilege access models

Endpoint and Device Management

  • Administer Microsoft Intune for Windows, macOS, iOS/iPadOS, and Android devices
  • Create and maintain configuration profiles, compliance policies, application deployments, and update rings
  • Enforce device security baselines and compliance reporting aligned with industry benchmarks (e.g., CIS)

Security and Compliance

  • Configure and operate Microsoft Defender for Endpoint, Defender for Office 365, and Defender for Cloud Apps
  • Implement data protection controls using Microsoft Purview, including DLP, sensitivity labels, and retention policies
  • Support security audits, investigations, and incident response activities related to Microsoft 365

Automation and Operational Excellence

  • Develop and maintain automation using PowerShell, Microsoft Graph, and related tooling
  • Reduce manual administration through scripting, policy-driven configuration, and repeatable processes
  • Maintain technical documentation, runbooks, and standard operating procedures

Collaboration and Advisory

  • Partner with Security, IT, and business stakeholders to align Microsoft 365 capabilities with organizational needs
  • Provide technical guidance on new features, risks, and best practices
  • Participate in architecture reviews and roadmap planning

Required Qualifications

  • 5+ years of hands-on experience administering Microsoft 365 in an enterprise or regulated environment
  • Strong expertise with Entra ID (Azure AD), including Conditional Access and identity security
  • Proven experience managing Intune for Windows and Apple platforms
  • Advanced PowerShell skills, including Microsoft Graph-based automation
  • Deep understanding of Microsoft 365 security services (Defender, Purview, Secure Score)
  • Experience supporting compliance frameworks (CIS, NIST, ISO 27001, SOC 2, or similar)
  • Strong troubleshooting skills across identity, endpoint, and cloud service layers

Preferred Qualifications

  • Microsoft certifications (e.g., MS-102, SC-300, MD-102, SC-400)
  • Experience in zero-trust architecture implementation
  • Prior experience in security-focused or highly regulated industries
  • Familiarity with macOS and iOS management at scale
  • Experience with cross-tenant collaboration, B2B, or multi-tenant environments

Authority and Decision Making

This role has direct administrative authority within the Microsoft 365 tenant and is expected to propose and implement security and configuration changes, define standards for identity, device compliance, and cloud collaboration, and recommend risk-based tradeoffs to leadership with clear technical justification.

Work Environment and Expectations

  • Production environment with high availability and security requirements
  • Planned change management and documented operational processes
  • Occasional after-hours work for maintenance or incident response (compensated)
  • Emphasis on automation, auditability, and long-term maintainability

Why Join Us

You will be joining an organization that treats Microsoft 365 as a strategic platform rather than a commodity. This role offers real ownership, influence over architecture decisions, and the opportunity to operate a mature, security-focused tenant using modern best practices.