Jobs search

Senior System Administrator

Insight Global • san francisco, ca, us • 3h ago

ESSENTIAL DUTIES AND RESPONSIBILITIES:

Microsoft Exchange Administration

Manage, monitor, and maintain the hybrid Exchange 2016 and Exchange Online infrastructure.
Perform advanced troubleshooting to diagnose and resolve complex technical issues related to Microsoft Entra Connect, mail flow, connectivity, and third-party services such as Expensify, NetSuite, ADP and Lever.
Ensure compliance with data protection regulations and company policies.
Collaborate with the IT team to plan and execute system upgrades, patches, and configuration changes.
Oversee current email security measures to block spam, malware and phishing attacks.
Research, deploy, and manage email security solutions to strengthen the organization's defense against threats.

Management of hybrid Active Directory and Entra ID environments.

Install and configure Domain Controllers (DCs).
Configure of audit policies to align with company security requirements.
Configure and deploy GPOs for security and administrative settings.
Auditing of logs for suspicious activity or potential security incidents.
Develop and regularly test AD recovery plan to ensure data integrity.
Configure and manage domain and forest trusts for cross-domain resource sharing.
Management of conditional access policies for secure sign-ins.
Managing Azure AD Connect for synchronization between on-premises AD and Azure AD.
Integrating Azure AD with other Microsoft 365 services and external applications.

Responding to security incidents promptly by analyzing reports and logs.

Microsoft Intune and SCCM Administration

Deploy and manage devices and applications using Microsoft Intune and System Center Configuration Manager (SCCM).
Device Enrollment and Management (MAM) - Creating and enforcing configuration profiles for device settings, security, and compliance.
Integrating Intune with Microsoft 365 services for comprehensive device and data management.

Scripting and Automation

Develop new and maintain existing automation scripts using PowerShell and Python to streamline system administration tasks and improve operational efficiency while adhering to company defined coding standards and security best practices.
Integrate with other Microsoft services such as Microsoft 365 and Entra ID for user, group and license management.
Create scripts that integrate with our Jira ticketing system to help automate the completion of user support requests.

Microsoft Defender for Endpoints

Configure and manage of endpoint security policies in Group Policy and Security Portal.
Monitoring and responding to security alerts and incidents.
Performing threat analysis and implementing appropriate responses in accordance with company defined cyber-incident SOPs and guidance from the Enterprise IT Architect.
Documentation of virus and malware incidents in Jira helpdesk ticketing system.Implement best practices for endpoint protection and threat prevention.
Work with IT Team to methodically remediate vulnerabilities that have been identified by Defender for Endpoints.

Generate vulnerability reports and document progress in Jira/Confluence.Perform vulnerability scans against network devices including firewalls, routers, and switches.Work with Microsoft and Third-Party SMEs to troubleshoot problems with Microsoft Defender.

Windows Server Administration

Automate and standardize the deployment of physical and virtual Windows Servers to support the IT Team and other Departments.
Backups - Work with System Administrator to ensure mission critical servers are protected and are recoverable within recovery time objectives (RTOs) and recovery point objectives (RPOs)
Manage the existing Active Directory Certificate Services (AD CS) implementation for securing network communications. Assist in troubleshooting the installation of certificates onto IT Systems.
Intel AMT/vPro Server Management - Administer the Intel AMT/vPro servers to ensure secure, remote management of workstations and troubleshoot any issues that arise. Test new hardware models to mitigate possible performance and configuration issues. Work with vendors to troubleshoot and diagnose problems.Provision and maintain access control for Windows systems and File Shares.

Work with vendors to setup Proof of Concepts to test and evaluate new products.

BACKUP/COVERAGE RESPONSIBILITIES:

Dell PowerScale (Isilon) Cluster Administration Coverage:

Create and manage file shares and quotas according to SOPs.
Troubleshoot and remediate hardware failures, performance issues, and connectivity issues.

S2 Lenel Administration Coverage:

Work with access control vendors and IT staff in satellite offices to troubleshoot problems with physical access control.
Prompt review of potential physical security incidents when the primary designated person is unavailable.

EXPERIENCE AND QUALIFICATIONS REQUIRED FOR THIS POSITION:

Reliable communications in case of urgent infrastructure needs.
Ability to keep tickets updated in a detailed and timely manner.
Ability to learn new technologies and applications.
Ability to write clear and concise technical documentation.
Advanced experience working in an MS Windows based office environment.
Excellent verbal and written communication skills.
Attention to detail and highly motivated.
Good planning and organization skills.
Ability to work within deadlines and SLAs.
Can successfully work independently with minimal guidance.
Able to determine priorities and appropriate level of escalation.
Able to accurately relay information between IT staff and other points of contact.
US citizenship or permanent residency due to work with export-controlled material.

DESIRED COMPETENCIES:

Experience in a help desk escalation role supporting over 150 end-users.
Strong time management skills and the ability to work under pressure in a fast-paced environment; ability to coordinate multiple tasks concurrently and meet deadlines.
Experience with issue tracking systems such as JIRA, etc.
Experience with version control systems such as Perforce, Git, etc.

Relevant certifications such as but not limited to theWindows Server Hybrid Administrator Associate.

REQUIRED EDUCATION, ELIGIBILITY AND EXPERIENCE:

Bachelor’s Degree in Computer Science, IT, or Cybersecurity, or a minimum 6 years’ experience in a related field.
Minimum of 5 to 7 years of experience managing Hybrid Microsoft Exchange Server and Microsoft Exchange Online environments.
Minimum of 5 to 7 years of experience supporting hybrid Microsoft Active Directory (AD) and Entra ID hybrid environments.
Minimum of 5 to 7 years of experience managing Intune or SCCM. Experience with setting up and co-management between Intune and SCCM for hybrid environments and integration with other M365 services e.g., Microsoft Defender for Endpoints).
Experience developing PowerShell or Python scripts for task automation such as Active Directory and Microsoft 365 Managment.
Experience with managing endpoint security solutions, preferably Microsoft Defender for Endpoints.
Experience with installing hardware in a Colocation Facility or Datacenter.