Summary:
This individual will be responsible for the maintenance, management, and support of all aspects of the Microsoft Windows Server, Entra ID and Active Directory (AD) infrastructure, ensuring the security, integrity, and availability of authentication, authorization, and LDAP related services. This individual will also be responsible for the build, testing and upgrade initiatives for the AD and Windows Server infrastructure.
Essential Duties & Responsibilities:
Security & Compliance
- Scheduled vulnerability scans and patching on a monthly and as needed basis.
- Implement security best practices and monitoring.
- Manage, maintain, and adhere to department SOPs.
- Remove/Upgrade EOL and nearing EOL Operating Systems.
- Coordinate with other departments on security related tasks and procedures.
Support/Maintenance
- Provide capacity planning and performance monitoring to sustain and improve server availability and efficiency.
- Coordinate service/support needs with vendors and other areas of IT through effective collaboration and communication.
- Provide 3rd level support for Windows Server, Azure Active Directory (Entra ID) and Active Directory for end users, application web and infrastructure teams.
- Provide on call support for severity-1 issues that can arise 24X7 on a rotational basis.
- Maintain daily backups of Windows servers, Entra ID, M365 and Active Directory.
- Perform all activities needed to maintain the stability and security of Windows Servers in a Hybrid Azure environment. This includes functions such as monitoring AD and its components, CPU, RAM, disk space and critical services, performing periodic system health checks, managing configurations, objects, and structures, performing patching, performing upgrades (hardware and software), and creating and maintaining scripts.
- Implement changes to Active Directory/ Entra ID to support the needs of a project or new system.
Documentation & Procedure
- Follow best practices and processes based on industry and vendor published best practices.
- Provide Change Control Requests for the deployment of new applications or infrastructure related changes.
- Help to enhance existing documentation and disaster recovery processes for major systems.
- Physical and Virtual server provisioning based on standards and templates.
Project Work
- Plan, Architect and Implement major projects as assigned by your Manager.
- Perform EOL hardware and Operating System refreshes.
- Assist teams in all mergers and acquisitions.
- Windows Server Builds, Upgrades/Cloud migrations.
Administration & Management
- Maintain a Hybrid Entra ID/Active Directory Identity infrastructure for the enterprise including Group Policy, Intune and Defender.
- Support of a highly available AD/Entra ID infrastructure.
- Support and manage Azure Virtual Desktops.
- Support and manage Microsoft 365 environment consisting of Exchange Online, SharePoint Online, Teams, OneDrive, Viva, Intune, Conditional Access Policies, and MFA.
- Engineer, assess, and review future directory architecture solutions, 3rd party directory management tools/applications and implement life cycle maintenance processes.
- Some Data Center management and proper labeling of equipment.
Communication & Team Work
- Coordinate service/support needs with vendors or various other departments through effective partnership, collaboration, and communication.
- Participate in security and application troubleshooting and incident problem resolutions with other infrastructure team members.
Education & Experience:
- 3+ years of experience managing Azure resources (virtual machines, virtual networks, subscriptions, resource groups).
- 5+ years of experience managing and securing Active Directory, Azure AD (Entra ID) and the Microsoft 365 E5 Suite of products.
- Bachelor’s Degree in Computer Science or related field.
- Technical certifications such as MSCA, MSCE, and MCITP and Microsoft Certified Azure Specialists preferred.
Technical Skills:
- Solid understanding of Microsoft Active Directory and Group Policy design and management.
- Solid understanding of DNS, DHCP, DFSR, PKI, TCP/IP, WSUS, and SMTP.
- Solid understanding of Microsoft Exchange Online, SharePoint Online, Teams, OneDrive and Office 365 apps
- Solid understanding of Azure Active Directory (Entra ID) (PIM, Identity Protection, MFA, Conditional Access Policies)
- Experience managing an Azure Infrastructure and Azure Virtual Machines (incl Azure Arc)
- Experience with Microsoft Endpoint Configuration Manager (MECM) management and patching.
- Experience with Intune management and policies.
- Experience administering and managing Windows Servers.
- Solid understanding of networks, firewalls, ports and protocols.
- Experience building and supporting virtual servers using VMware ESX and Hyper-V.
- Experience with HP or Dell Server hardware maintenance and administration.
- Good understanding of Microsoft SQL Server.
- Experience with Azure Virtual Desktops a major plus.
- Experience with advanced patch management solutions.
- Experience with Terraform a plus
- Experience scripting system administration tasks in PowerShell or VBScript.
- Strong troubleshooting skills with the ability to apply them during business impacting incidents.
- Strong oral and written communication skills and the ability to transform technical knowledge into business language.
- Ability to work successfully with others in large and small teams.
- Ability to multi-task, work independently, manage deadlines and keep sight of overall objectives.
The expected salary range for this position is $120,000-$140,000. The actual compensation will be determined by experience and other factors permitted by the law.
California residents – please see our California Privacy Rights Notice for Job Applicants.