Microsoft 365 & Azure Systems Engineer

Role Overview

This is not a basic System Administrator or Helpdesk role. This position is for a Senior Managed Services Engineer (Level 3) responsible for advanced cloud, infrastructure, and Microsoft 365 engineering across a multi-client Managed Services Provider (MSP) environment.

The role requires deep technical ownership across identity, endpoint management, cloud infrastructure, automation, and escalated support. You will be expected to design, implement, and maintain secure, scalable environments—not simply support existing systems.

Key Responsibilities

• Advanced administration of Microsoft 365, including:
• Exchange Online
• Microsoft Teams
• SharePoint Online
• OneDrive for Business
• Design and management of tenant configurations and governance policies
• Troubleshooting complex cross-service issues across Microsoft 365 workloads

• Full lifecycle management of identities using Microsoft Entra ID (Azure AD)
• Design and implementation of Conditional Access policies
• Administration of Privileged Identity Management (PIM)
• Identity governance, Role-Based Access Control (RBAC), and security hardening

• Design and administration of Microsoft Intune environments
• Device onboarding and provisioning using Windows Autopilot
• Management of:
• Configuration policies
• Compliance policies
• Application deployment
• Endpoint security and device lifecycle management

• Administration of Microsoft Azure infrastructure, including:
• Virtual Machines (VMs)
• Virtual Networks (VNets), subnets, routing, and DNS
• Storage accounts and Azure data services
• Resource governance and cost optimization
• Support and troubleshooting of hybrid cloud environments

• Administration of Windows Server environments
• Active Directory management and maintenance
• Group Policy Object (GPO) design, implementation, and troubleshooting
• Hybrid identity integration between on-premises and cloud environments

• Management of backup solutions such as Acronis and/or Kaseya
• Design, implementation, and testing of disaster recovery strategies
• Restoration testing and business continuity planning

MSP Tools & Service Delivery Platforms

Experience with MSP tools, including:

• Datto RMM
• IT Glue
• Halo PSA

Responsibilities include:

• Documentation management
• Asset management
• Service workflow alignment across multiple client environments

• Strong proficiency in PowerShell scripting, including:
• Script creation
• Modification
• Troubleshooting
• Exposure to Microsoft Graph API and REST API automation (highly desirable)
• Automation of repetitive administrative tasks and reporting processes

• Act as the final escalation point for complex technical incidents
• Support multiple client environments with competing priorities
• Conduct root cause analysis and implement permanent resolution strategies
• Collaborate with L1 and L2 teams while mentoring junior engineers

Critical Requirements (Non-Negotiable)

Candidates must have direct, hands-on experience with the creation, configuration, and deployment of:

• Microsoft Intune environments (from initial setup or major implementation)
• Conditional Access policies in Microsoft Entra ID
• Group Policy Objects (GPOs) in Active Directory

Candidates must demonstrate real-world experience (not theoretical knowledge) in:

• Multi-tenant or MSP environments
• End-to-end Microsoft 365 administration
• Identity and endpoint architecture design

• Strong background in MSP or enterprise IT environments
• Proven experience as a Senior Systems Engineer, Infrastructure Engineer, or Cloud Engineer
• Comfortable operating in fast-paced, multi-client environments
• Strong troubleshooting and problem-solving mindset with deep technical ownership
• Highly organized, documentation-driven, and process-oriented
• Able to balance project delivery, escalations, and operational responsibilities effectively