Systems Administrator

Systems Administrator (Mid-Level)

Overview

We are seeking a Systems Administrator to support and maintain a modern, cloud-managed IT environment built around Windows laptops administered through Microsoft 365. This role focuses on endpoint management, identity and access control, security monitoring, and compliance support in a regulated environment.

The ideal candidate has strong experience with Microsoft 365, Intune, and endpoint security, is comfortable operating in a zero-trust, cloud-native model, and produces clear, audit-ready documentation.

Key Responsibilities

Endpoint & Device Management

• Administer and support Windows 11 laptops managed through Microsoft 365 and Microsoft Intune.
• Configure and maintain Intune policies for device compliance, configuration profiles, security baselines, platform scripts, and update management.
• Manage the full device lifecycle: provisioning, enrollment, maintenance, troubleshooting, and secure decommissioning.
• Support  secure remote workforce operations with cloud-managed endpoints.

Microsoft 365 & Identity Administration

• Administer Microsoft 365 services including Entra ID (Azure AD), Exchange Online, Teams, SharePoint, and OneDrive.
• Manage user identities, access controls, conditional access policies, and role-based access.
• Support Cisco Duo as a third-party MFA provider integrated with external cloud services such as Entra.

Security Operations & Monitoring

• Utilize  Microsoft Defender (e.g., Defender for Endpoint) to monitor endpoint health, investigate alerts, and support remediation activities.
• Leverage Microsoft Purview for data protection, sensitivity labeling, and  compliance-related controls.
• Review logs and security signals in Microsoft Sentinel, escalating or coordinating response actions as appropriate.
• Apply security best practices including least privilege, device hardening, and zero-trust access principles.

Network & Remote Access (Cloud-Managed)

• Support    secure network access using SASE for VPN and remote connectivity.
• Coordinate with networking teams on Fortinet firewalls, switches, and wireless infrastructure as it relates to endpoint access and security controls.
• Assist with access segmentation, secure connectivity policies, and network-related incident response.

Compliance & Documentation

• Create and maintain clear, accurate technical documentation, including  system configurations, procedures, diagrams, and standard operating guides.
• Support organizational CMMC 2.0 (NIST Rev 2) compliance efforts,  including control implementation, evidence gathering, and audit preparation (scope varies by seniority).
• Ensure      operational practices align with internal security policies and compliance requirements.

Operations & Continuous Improvement

• Troubleshoot endpoint, identity, access, and security issues across the Microsoft 365 ecosystem.
• Perform root-cause analysis and implement preventative improvements.
• Participate in system enhancements, security improvements, and process optimization initiatives.
• Collaborate with IT support, security, and compliance stakeholders to ensure a stable and secure environment.

Required Qualifications

• Experience supporting Windows endpoints in a cloud-managed, Microsoft 365–centric environment.
• Hands-on administration of Microsoft 365 services, including Entra ID and Intune.
• Practical experience with endpoint security and compliance tooling (e.g., Defender, device compliance policies).
• Strong technical documentation skills with attention to accuracy and audit readiness.
• Ability to work independently, manage competing priorities, and operate effectively in a remote-capable environment.
• Strong troubleshooting and analytical problem-solving skills.
  • CMMC Experience

· Strong working knowledge of CMMC 2.0 and alignment to NIST Rev 2 controls.

· Experience supporting compliance initiatives, audits, SSP-related activities, and documentation development.

· Willingness and ability to grow into deeper compliance responsibilities over time.

Preferred / Nice-to-Have Skills

• Experience with Microsoft Sentinel or other SIEM platforms.
• Familiarity with SASE/VPN solutions.
• Exposure to Fortinet network environments from an endpoint or access-control perspective.
• PowerShell or automation experience for endpoint and tenant administration.
• Experience working in regulated or compliance-driven environments (e.g., defense, government contractors, healthcare).
• Demonstrates initiative and the ability to work independently with minimal supervision
• Comfortable operating in a fast-paced, dynamic environment with shifting priorities
• Capable of managing multiple tasks simultaneously while maintaining attention to detail
• Adapts quickly to new challenges, technologies, and evolving problem sets
• Applies strong analytical and critical-thinking skills across a wide range of technical issues
• Effectively prioritizes workload to balance planned work and unplanned operational demands
• Communicates clearly and collaborates effectively across technical and non-technical teams