Cloud Systems Specialist & IT Lead

About The Position

Requirements

• 3+ years of experience in IT systems administration and cybersecurity with heavy exposure to Azure and Microsoft security tools
• Experience with cloud migrations and infrastructure projects
• Hands on experience with Azure Front Door, WAF, VPN Gateway, Azure SQL DB/Managed SQL DB, Entra ID, Intune, Defender for Endpoint
• Knowledge of compliance frameworks (ISO 27001, ISO 27701, SOC 2 Type II, PCI DSS 4.01)
• Strong written and verbal communication skills
• Experience with vulnerability management tools (Qualys, Vulnscan, etc.)

Nice To Haves

• ISO 27001, 27701, PCI DSS 4.01, SOC 2 Type II implementation experience
• Experience with cloud modernization and Azure SQL Managed Instance
• ISC2 SSCP or equivalent certifications
• SOC provider management experience
• Experience with Zero Trust Architecture and conditional access implementation

Responsibilities

• Manage and maintain Azure cloud environment including Front Door, WAF, VPN Gateway, NSG, AKS and Private Link
• Lead cloud infrastructure projects including migrations, cost optimizations initiatives, and new service deployments
• Manage Azure SQL databases and lead ongoing IaaS to Azure SQL Managed Instance migration.
• Modernize legacy cloud IaaS infrastructure
• Administrator Microsoft 365 and Google Workspace environments
• Monitor and maintain Microsoft Defender for Endpoint across all organizational devices
• Create detailed incident reports including root cause analysis, impact assessment, and remediation actions
• Identity and remediate shadow IT risks across the organization
• Coordinate with penetration testing and external vendors; scanning and findings review with CISO, CTO, and software engineers
• Implement and maintain Data Loss Prevention (DLP) systems
• Manage Microsoft Entra ID, Google Cloud Identity, and Conditional Access Policies
• Implement and maintain Zero Trust Architecture (ZTA) across the organization
• Manage, maintain, and implement Just in time Access (JIT) and Privileged Identity Management (PIM)
• Conduct access reviews across identity, endpoint, cloud, and SaaS platforms
• Manage device compliance baselines and Autopilot provisioning through Microsoft Intune
• Manage and on-board users to passkey
• Provision, configure, and maintain Windows and macOS endpoints across the organization
• Serve as the escalation point of contact for employee desktop support issues regarding hardware, software, and connectivity problems with minimal disruption to end users
• Administer and enforce endpoint security policies via Intune
• Manage user accounts, access provisioning, and role-based permissions across core systems including Microsoft 365, Google G Suite, SSO and SaaS applications
• Maintain accurate asset inventory and documentation for all endpoints, peripherals, and licensed software, supporting audit readiness and procurement planning
• Travel to customers events as required to provide onsite technical support to our teams
• Test, pack and reimage onsite hardware kits (as needed) ahead of each show
• Own the full lifecycle of event hardware, from procurement and deployment through refresh and decommissioning
• Maintain an audit-ready inventory of event hardware and software with chain of custody as gear moves between shows and storage in collaboration with logistics
• Support and maintain company ISMS initiatives aligned with ISO 27001, ISO 27701, SOC 2 Type, and PCI DSS
• Conduct vendor security assessments and facilitate awareness sessions for organization
• Prepare and deliver monthly IT and Security reports to leadership covering endpoint protection, identity posture, incidents, and emerging risks
• Manage relationship with 24/7 SOC provider
• Review and action SOC alerts and escalations
• Continuously tune deduction rules and responses playbooks