System Administrator - Windows & Hybrid Cloud Specialist

Role Overview:

As a System Administrator, you will be a critical part of our IT operations team, responsible for the seamless functioning and security of our hybrid identity environments. Your expertise will be vital in managing Windows Active Directory and Azure environments, deploying and maintaining endpoint security solutions, and implementing efficient backup and disaster recovery strategies. A strong focus on automation through PowerShell and Bash scripting will be key to your success in this role.

Key Responsibilities:

1. Active Directory (AD) & Azure AD Management:

• Administer, maintain, and optimize our on-premises Windows Active Directory and Azure AD environments, ensuring high availability and performance.
• Develop, manage, and troubleshoot Group Policies (GPOs) to enforce security settings and streamline user environments.
• Oversee user authentication, authorization, and access controls across hybrid environments.
• Configure, implement, and troubleshoot RADIUS authentication for secure network access for various devices and users.

2. Azure AD Connect & Hybrid Identity Management:

• Design, deploy, configure, and maintain Azure AD Connect, ensuring seamless and reliable hybrid identity synchronization between on-premises AD and Azure AD.
• Proactively identify and troubleshoot complex Azure AD Sync issues, including password hash synchronization, pass-through authentication, and federation services.
• Implement and enforce hybrid identity security best practices, including Conditional Access policies, Multi-Factor Authentication (MFA), and Privileged Identity Management (PIM).

3. WSUS & Print Server Administration:

• Manage the full lifecycle of security updates and patches by configuring and deploying them via Windows Server Update Services (WSUS) across the organization.
• Maintain, optimize, and troubleshoot Print Server infrastructure to ensure reliable printing services across multiple geographical locations.

4. Endpoint & Security Management:

• Plan, deploy, and manage Microsoft Intune for comprehensive device compliance, mobile device management (MDM), and mobile application management (MAM) policy enforcement.
• Configure, monitor, and respond to alerts from SentinelOne endpoint security solutions, ensuring robust protection against advanced threats.
• Actively contribute to implementing zero-trust security principles and ensuring strict compliance with internal IT security policies and industry regulations.

5. Backup & Disaster Recovery:

• Configure, manage, and monitor Veeam Backup & Replication for the protection of critical data, virtual machines, and applications.
• Develop, document, and regularly test disaster recovery strategies and business continuity plans to minimize downtime and ensure rapid data restoration.

6. Automation & Scripting:

• Develop, maintain, and optimize robust PowerShell scripts for automating routine system administration tasks, including Active Directory management, user provisioning/ deprovisioning, and software deployments.
• Identify opportunities for automation to improve operational efficiency, reduce manual workloads, and enhance system reliability.
• (Optional: If applicable) Utilize Bash scripting for managing Linux-based systems or hybrid automation tasks.

7. Policy Development & Compliance:

• Collaborate with IT leadership to create, implement, and enforce comprehensive IT policies related to security, access control, data protection, and acceptable use.
• Ensure ongoing compliance with industry standards, regulatory requirements, and internal best practices.

Required Skills & Qualifications:

• Experience:

  Minimum of 3+ years of hands-on experience in a System Administrator role with a strong focus on Windows environments.

• Core Technologies:

  Proven expertise in Windows Active Directory, Azure AD, Azure AD Connect, WSUS, Print Server, and Microsoft Intune.

• Hybrid Identity:

  Strong expertise in Azure AD Connect configuration, troubleshooting, and comprehensive hybrid identity management.

• Endpoint Security:

  Hands-on experience with Microsoft Intune and SentinelOne endpoint security solutions.

• Scripting:

  Demonstrated proficiency in PowerShell scripting for automation in complex Windows environments.

• Backup & DR:

  Solid knowledge of Veeam Backup & Replication and experience in developing and implementing disaster recovery strategies.

• Networking:

  Familiarity with RADIUS authentication and foundational network security protocols.

• Problem-Solving:

  Excellent troubleshooting, analytical, and problem-solving skills with a methodical approach.

• Communication:

  Strong documentation and communication skills, with the ability to articulate technical concepts clearly to both technical and non-technical audiences.

Preferred Certifications (A Strong Plus):

• Microsoft Certified: Azure Administrator Associate (AZ-104)
• Microsoft 365 Certified: Identity and Access Administrator (SC-300)
• Veeam Certified Engineer (VMCE)