Systems Engineer II - Microsoft

About The Position

Requirements

• Proven hands on expertise designing and implementing: o Azure AD Connect / Cloud Sync topologies, Hybrid Join, federation models. o Intune MDM/MAM, Windows Autopilot, and GPO to Intune migration. o Proofpoint PPS & TAP secure mail gateways, including DMARC/DKIM/SPF tuning. o Entra ID SSO, SCIM provisioning, SAML 2.0, OAuth/OIDC, and Conditional Access.
• Strong PowerShell / Graph automation skills; ability to create JSON/Win32 and Proactive Remediation scripts.
• Excellent analytical and root cause troubleshooting skills for multi discipline issues (identity, mail flow, endpoint, security).
• Effective project management, task prioritization, and stakeholder communication abilities.
• Clear, concise verbal and written communication and documentation skills.
• Level II: 5 - 8 years hands on engineering of hybrid AD DS/Azure AD, Intune/Autopilot, Proofpoint (or equivalent), and Microsoft 365 platforms.
• A 4-year college degree in Information Systems, Computer Engineering, or a related academic area, or equivalent experience, is required

Nice To Haves

• Microsoft 365 Enterprise Administrator Expert (MS 102)
• Entra ID Administrator Associate (SC 300) or Intune Administrator Associate (MD 102)
• Proofpoint Certified Specialist (PPS/TAP); CISSP, CISM, or similar.

Responsibilities

• Active Directory Engineering – Administer multi site, multi forest AD DS; design replication, schema/forest upgrades, delegated OU structures, and PKI/CA integration.
• Hybrid Identity & Entra ID – Plan, deploy, and maintain Azure AD Connect / Cloud Sync, Hybrid Join, Conditional Access, PIM, and SSO integrations (SCIM, SAML, OAuth/OIDC).
• Intune / Autopilot / Endpoint Security – Build and maintain Intune tenant, migrate legacy GPOs to Intune, create Autopilot deployment rings, publish compliance & configuration profiles, implement Defender for Endpoint and Proactive Remediations.
• Proofpoint Administration – Install, configure, and tune PPS/TAP clusters; manage policies, mail flow connectors, quarantine, and threat intel; troubleshoot end to end message delivery.
• Microsoft 365 Services – Administer Exchange Online (hybrid mail flow, EOP), SharePoint Online, OneDrive, and Teams retention/eDiscovery.
• Automation & Scripting – Develop PowerShell / Graph scripts for deployment, reporting, and proofpoint/intune automation; maintain CI/CD pipelines where applicable.
• Technical Support – Provide Tier III response and on call escalation for identity, device management, mail security, and collaboration platforms.
• Project Participation – Lead or contribute to IT projects, create charters, timelines, and deliverables, and coordinate with cross functional teams.
• Documentation – Produce and maintain high level/low level designs, runbooks, SOPs, and change control artifacts.
• Security & Compliance – Enforce SCCU security baselines and FFIEC/NCUA requirements; participate in audits and risk assessments.
• Vendor Liaison – Act as primary contact with Microsoft, Proofpoint, and other vendors for support cases, roadmap alignment, and licensing.
• Continuous Improvement – Track emerging Microsoft and Proofpoint capabilities; recommend and pilot new features to enhance resilience, security, and user experience.

Benefits

• Health & Wellness: Medical, dental, and vision insurance, plus an Employee Assistance Program.
• Financial Perks: 401(k) match (5%), HSA match, and SCCU-paid insurance (short/long-term disability, life insurance).
• Education Support: Tuition reimbursement after one year of service.
• Generous Time Off: 20+ days of PTO, birthday PTO, and 11 federal holidays.
• Exclusive Discounts: Lower rates on loans, credit cards, and no fee SCCU accounts!