Senior Systems Administrator - IT

Job summary

Seeking an experienced Systems Administrator to manage the daily operations, security, and reliability of a Windows-based, hybrid-cloud IT environment. This senior role involves Active Directory, Microsoft 365 / Entra ID, server and endpoint management, security hardening, monitoring, co-managed network infrastructure, and backup/disaster recovery across multiple sites. The ideal candidate possesses deep Windows Server and Active Directory expertise, a security-first mindset, and discipline in documentation and change management.

Benefits

Qualifications

• 4+ years of Windows Systems Administration experience in a production environment.
• Deep, hands-on Active Directory expertise, including GPO, DNS, DHCP, replication, FSMO, and AD security.
• Strong PowerShell scripting and automation skills.
• Solid Microsoft 365 / Entra ID administration experience, including Exchange Online, Conditional Access, and MFA.
• Working knowledge of Windows Server, Hyper-V, and core networking (DNS, DHCP, VPN, firewalls).
• Security fundamentals, including hardening, least privilege, certificate/PKI basics, and patch management.
• Comfort with version control (Git) and documentation discipline.

Responsibilities

• Administer on-prem Active Directory, including domain controllers, replication health, FSMO roles, Sites & Services, DNS, and Group Policy.
• Manage hybrid identity, including Entra Connect sync, ADFS, hybrid Azure AD join, and troubleshooting.
• Administer Microsoft 365 / Entra ID, including user lifecycle, licensing, Conditional Access, MFA enforcement, and Privileged Identity Management.
• Maintain service-account hygiene, privileged-group reviews, and least-privilege access.
• Drive security hardening initiatives.
• Remediate penetration-test findings and apply security baselines.
• Manage Windows Firewall policy centrally via GPO and maintain internal PKI/certificate lifecycle.
• Maintain audit trails and operator attribution for sensitive actions.
• Manage the Hyper-V virtualization fleet, server lifecycle, and storage.
• Administer multi-site network infrastructure, including Fortigate VPN tunnels, UniFi wireless/switching, DHCP/DNS.
• Plan and deploy Windows Updates fleet-wide, including monitoring and orchestration.
• Own backup and disaster recovery, including validating jobs, managing retention, and testing restores.
• Operate and tune the Graylog SIEM and event-log pipeline; triage alerts across security platforms.
• Develop and maintain PowerShell automation.
• Maintain and extend internal operations tooling, including custom dashboards and automated reporting.
• Use Azure DevOps for source control, CI/CD pipelines, work tracking, and documentation.
• Maintain operational runbooks, change logs, and a knowledge-base wiki.
• Follow a methodical, change-managed approach for high-risk changes.
• Provide escalation support for endpoint, identity, email, and access issues; partner with help-desk operations on SLA-tracked tickets.

Skills

Relocation