Our direct client is looking for a Microsoft Server & Azure IaaS Administrator (AD/GPO/IIS) for a 100% Remote Long Term Contract in Columbus, OH.
J0B DESCRIPTION:
- This Microsoft infrastructure administrator will assist with the management of Windows Server, Active Directory, Group Policy, IIS, and Azure IaaS resources.
- This role will be responsible for day-to-day operations, security hardening, automation, and high-availability support across on?premises and cloud environments.
- This position will partner closely with network, security, and application teams to ensure reliable service delivery and continuous improvement.
Key Responsibilities:
- Windows Server Administration: Configure and maintain Windows Server (20162025); manage roles/features (AD DS, DNS, DHCP, DFS, File Services), patching, performance tuning, and capacity planning.
- IIS Administration: Configure and support IIS websites and applications, including application pools, bindings, SSL/TLS certificates, URL Rewrite/ARR, security hardening, and log analysis; optimize availability and performance.
- Azure IaaS: Manage Azure VMs, VM Scale Sets, disks/storage, Azure Files, VNETs, subnets, NSGs/ASGs, Load Balancer/App Gateway, Bastion; implement backup (Azure Backup), DR (Azure Site Recovery), monitoring/alerts (Azure Monitor), and cost governance.
- Active Directory (AD): Maintain domain health and replication; manage OU structure, users, groups, GMSAs, service accounts, and delegated permissions; troubleshoot authentication/Kerberos/NTLM issues.
- Monitoring & Troubleshooting: Use native tools and platforms (Event Viewer, PerfMon, Azure Monitor, Log Analytics) to proactively detect and resolve issues impacting availability, performance, or security.
- Group Policy (GPO): Design, implement, and maintain GPOs for security baselines, server configurations, and compliance; perform impact testing and change control.
- Security & Compliance: Apply CIS/Microsoft security baselines, TLS configurations, vulnerability remediation, endpoint hardening, and log review; partner with security for audits and incident response.
- Automation & Scripting: Build PowerShell scripts/modules to automate routine tasks (provisioning, patching, reporting) and Infrastructure-as-Code (e.g., Bicep/ARM/Terraform) for repeatable deployments.
- Documentation & Change Management: Produce and maintain SOPs, diagrams, inventories, and runbooks; follow ITIL change/incident processes; contribute to knowledge base.
- Collaboration & Support: Serve as escalation point for server/web platform issues; coordinate with app owners on deployments, certificates, and integration.
- Lifecycle & Projects: Lead or support upgrades, migrations, re-platforming, and cloud adoption initiatives; drive standardization and modernization.
- IRS 1075 Compliance: Provide answers and documentation, and implement changes required as part of IRS audit findings.
Required Qualifications:
- Process & Practices: Strong documentation, change control, and incident/problem management (ITIL).
- Soft Skills: Clear communicator, collaborative, organized, and able to prioritize across multiple stakeholders and deadlines.
Preferred Qualifications:
- Certifications:
-- Microsoft Certified: Azure Administrator Associate (AZ?104), Windows Server Hybrid Administrator Associate (AZ?800/AZ?801)
-- PlNice to Have: Azure Network Engineer (AZ?700)
- Enterprise Tools: Experience with MCM/ConfigMgr, WSUS, Defender for Cloud, Sentinel, Splunk/ELK, ServiceNow/Jira.
- Networking: Solid understanding of TCP/IP, DNS, routing, VPN, firewall rules, load balancing, private endpoints.
- Web/App Integration: Familiarity with .NET application hosting, SSO (SAML/OIDC), App Gateway/WAF, certificate pinning, mutual TLS.
- Infrastructure-as-Code & Config: Experience with Bicep/ARM/Terraform, DSC, or Ansible; Azure Policy/Blueprints.
-- Azure DevOps: Experience with server-side configurations
SKILL MATRIX:
- 7+ years administering Windows Server, AD, GPO, and IIS in mid to large enterprise environments - Required
- Group Policy design and troubleshooting (RSOP, GPMC, GPResult) - Required
- Windows Server (20162025), AD DS, DNS, restores - Required
- IIS configuration, SSL/TLS, bindings, app pools, URL Rewrite/ARR, logging - Required
- Azure IaaS (VMs, VNETs, NSGs, Load Balancer/App Gateway, Azure Backup/ASR, Azure Monitor, Log Analytics) - Required
- PowerShell scripting (automation, modules, REST/Graph, CLI) - Required
- Azure Administrator Associate (AZ 104), Windows Server Hybrid Administrator Associate (AZ 800/AZ 801) - Required
- Azure Network Engineer (AZ 700) - Nice to have
- Experience with MCM/ConfigMgr, WSUS, Defender for Cloud, Sentinel, Splunk/ELK, ServiceNow/Jira - Required
- Solid understanding of TCP/IP, DNS, routing, VPN, firewall rules, load balancing, private endpoints - Required
- Familiarity with .NET application hosting, SSO (SAML/OIDC), App Gateway/WAF, certificate pinning, mutual TLS - Required
- Experience with Bicep/ARM/Terraform, DSC, or Ansible; Azure Policy/Blueprints - Required
Question 1: Do you understand, and will abide by, the provision in your subcontract with OST that it is PROHIBITED for government equipment to be taken or used outside of the United States by your contractors? The consequences of this occurring can and will result in repercussions to you, the prime vendor, regardless if the candidate works for a sub-vendor of yours. It will also result in immediate termination of the contractor, and make them ineligible for rehire in the program.
Question 2: Where is your candidate currently located? City, State
Location: 100% Remote, (Client in Columbus, OH)
Type: Long Term Contract