IT Systems Engineer (Cloud, Security, Automat

About The Position

Requirements

• Experience: 3-5+ years in Systems Engineering or Administration with demonstrated cloud, network, and operations technology experience.
• Core Tech Stack: Deep expertise in the Microsoft ecosystem: Intune, Autopilot, Entra ID, Azure, M365 (Exchange Online, SharePoint, Teams), and Office 365 admin center.
• Azure Expertise: Hands-on experience with Azure IaaS/PaaS services, Azure Active Directory (Entra ID), Azure networking, and hybrid cloud architectures.
• Network Technologies: Strong hands-on experience with enterprise networking: Cisco/HP/Aruba switches and routers, Palo Alto/Fortinet firewalls, wireless infrastructure, and SD-WAN solutions.
• Operations Technology: Familiarity with OT/IoT systems, building automation, and industrial network protocols (Modbus, BACnet, etc.).
• Scripting: Intermediate to Advanced proficiency in PowerShell is required; experience with Azure CLI and automation frameworks is preferred.
• Networking: Solid understanding of DNS, DHCP, VPN, firewall configurations, routing protocols (BGP, OSPF), Azure networking (VNets, NSGs, ExpressRoute), and network monitoring tools.
• Soft Skills: Ability to explain complex technical risks to non-technical stakeholders.

Nice To Haves

• Certifications (Preferred): Microsoft Certified: Azure Administrator Associate, Azure Solutions Architect Expert, M365 Certified: Enterprise Administrator Expert, or equivalent networking certifications (CCNA, CCNP).

Responsibilities

• Cloud Infrastructure & Identity (Azure/M365)
• Serve as the Subject Matter Expert (SME) for Microsoft Entra ID (formerly Azure AD), managing conditional access, app registrations, and lifecycle management.
• Manage Azure resources, including VM maintenance, virtual networking, storage accounts, Azure Monitor, and cost optimization.
• Execute the upgrade and maintenance roadmap for SQL Server environments, including Azure SQL databases.
• Architect and maintain M365 services including Exchange Online, SharePoint, Teams, and OneDrive for Business.
• Optimize M365 licensing, service health monitoring, and tenant-wide configuration management.
• Implement Azure governance policies, resource tagging strategies, and subscription management best practices.
• Endpoint Engineering (Intune/Autopilot)
• Design and maintain Microsoft Intune for all endpoints (Windows/Mac/Mobile).
• Implement Windows Autopilot to achieve zero-touch provisioning for new hires.
• Create remediation scripts to automatically fix common endpoint issues before they become tickets.
• Network Infrastructure & Operations Technology
• Design, implement, and maintain enterprise network infrastructure including switches, routers, firewalls, and wireless access points.
• Manage VPN configurations, VLAN segmentation, Azure Virtual Network (VNet) peering, and hybrid connectivity solutions (ExpressRoute, Site-to-Site VPN).
• Monitor network performance and troubleshoot connectivity issues across on-premises and cloud environments.
• Oversee Operations Technology (OT) systems, including building management systems, access control, and industrial network components.
• Ensure proper network segmentation between IT and OT environments for security and operational integrity.
• Security & Compliance
• Hardening of the M365 environment using Defender for Endpoint, Defender for Identity, and Microsoft Defender for Cloud.
• Manage vulnerability assessments and patch management strategies across IT, OT, and cloud systems.
• Lead Disaster Recovery (DR) planning, documentation, and annual testing, including Azure Site Recovery implementation.
• Implement and maintain network security controls including firewalls, Azure Firewall, Network Security Groups (NSGs), IDS/IPS, and network access control (NAC).
• Manage M365 compliance features including Data Loss Prevention (DLP), retention policies, and eDiscovery.
• Automation & Escalation
• Utilize PowerShell and Azure CLI to automate repetitive administrative tasks (user onboarding, reporting, bulk changes, network configuration, Azure resource deployment).
• Act as the final point of escalation (L3) for complex technical issues that L1/L2 cannot resolve.
• Mentor junior staff on modern IT practices, cloud architecture, and network operations.
• Develop and maintain Infrastructure as Code (IaC) using Azure Resource Manager (ARM) templates or Terraform.

Benefits

• Time Off: PTO, Safe & Sick Time, and Paid Holidays.
• Health Benefits: Medical, vision, dental, HRA and voluntary disability benefits.
• Financial Benefits: 401(k) + employer match and life insurance.