System Administrator

Overview

The System Administrator is responsible for the stability, security, and operational maturity of on-prem and cloud infrastructure across a multi-site enterprise environment. This role emphasizes Windows Server, Microsoft Azure, identity and access management, endpoint management, monitoring, and security operations. As IT functions are increasingly insourced, there is a strong focus on standardization, auditability, automation, and disciplined execution. This is a hands-on operational role best suited for detail-oriented administrators who are comfortable in regulated, acquisition-heavy enterprise environments and who value reliability, documentation, and ownership of critical systems.

Responsibilities

Systems Administration (Windows & Virtualization)

Administer and support Windows Server environments including Active Directory, Group Policy, DNS, DHCP, and certificate services. Manage virtualization platforms (Hyper-V and/or VMware), including VM lifecycle, performance monitoring, and capacity planning. Support Remote Desktop Services (RDS) and virtual desktop environments across corporate and site operations. Execute system patching, backup validation, and disaster recovery testing in alignment with audit and compliance requirements.

Cloud & Azure Platform Administration (Core Requirement)

Provide hands-on operational administration of Microsoft Azure environments (non-theoretical experience required). Manage Azure Virtual Machines, resource groups, storage accounts, and network dependencies including VNets, NSGs, and routing. Understand and apply appropriate Azure service usage (VMs vs App Services, storage types, Azure SQL fundamentals). Manage backups, availability, resiliency, and recovery strategies for Azure workloads. Maintain operational stability using Azure Monitor, Log Analytics, and Service Health to ensure systems remain functional and performant.

Identity & Access Management (Entra ID / Microsoft 365)

Administer Microsoft Entra ID (Azure AD), including user lifecycle management, roles, RBAC, and group structures. Implement and maintain Conditional Access policies, MFA enforcement, SSO, and B2B collaboration access. Support identity integration across Microsoft 365, Intune, and third-party SaaS applications. Manage Exchange Online, SharePoint Online, and Microsoft Defender configurations as part of the broader identity ecosystem.

Endpoint & Device Management

Manage endpoint provisioning, configuration, compliance, and patching using Microsoft Intune and/or SCCM. Support device lifecycle management, imaging, and corporate endpoint standards for both office and field users.

Automation & Scripting

Utilize PowerShell for Azure and Microsoft 365 administration tasks. Maintain, modify, and troubleshoot existing scripts to support automation and operational efficiency. Support efforts to standardize repetitive administrative tasks through scripting and automation.

Security & Operational Monitoring

Apply a security-first mindset across infrastructure and identity systems. Understand and support Microsoft Defender for Cloud and Microsoft Defender for Endpoint. Secure virtual machine access through access control, hardening, and least privilege. Secure identity systems through RBAC, role separation, and MFA enforcement. Secure storage systems through encryption, access controls, and secure configuration. Support monitoring, alerting, and incident awareness using Azure-native tools and security dashboards.

Process, Documentation & Audit Readiness

Maintain accurate, audit-ready documentation for systems, configurations, and operational procedures. Follow and improve standardized operating procedures (SOPs) to reduce operational risk and rework. Participate in change management processes ensuring traceability, accountability, and approval workflows. Ensure all infrastructure changes are documented and compliant with internal and external audit requirements.

Collaboration & Support

Partner with infrastructure, security, applications, and operations teams to resolve issues and implement improvements. Support ServiceNow workflows for incident, change, and asset management. Mentor junior IT staff and contribute to the continued maturation of insourced IT capabilities.

Required Qualifications

3+ years of experience as a System Administrator or similar role in a Windows-centric enterprise environment. Strong hands-on experience with Windows Server (Active Directory, Group Policy, patching). Hands-on experience administering Microsoft Azure infrastructure (VMs, networking, storage, and resource management). Working experience with Microsoft Entra ID (Azure AD), including identity and access management. Experience supporting RDS and/or virtual desktop environments. Hands-on experience with Microsoft Intune and/or SCCM. Strong PowerShell scripting capability for automation and administration. Strong documentation skills with a focus on accuracy, auditability, and standardization.

Preferred Qualifications

Exposure to FortiGate firewalls and security event triage. Experience with Microsoft Defender security tooling (Defender for Endpoint / Defender for Cloud). Familiarity with Cisco Umbrella or similar DNS/security platforms. Experience in multi-site, acquisition-driven enterprise environments. Experience with Microsoft Sentinel for monitoring and incident investigation. Familiarity with ITSM platforms such as ServiceNow.

Education

Bachelor s degree in Information Technology, Computer Science, or related field, or equivalent practical experience.