OVERVIEW
We are seeking a hands-on, detail-oriented Systems Engineer focused on IAM and hybrid infrastructure. This role is operationally focused, with primary responsibility for identity platforms, access controls, and core infrastructure services across cloud and on-premises systems.
KEY RESPONSIBILITIES
Identity & Access Management
- Administer Microsoft Entra ID and Active Directory, including user and group lifecycle management
- Configure and maintain Conditional Access policies, MFA, and authentication controls
- Support enterprise applications, SSO integrations, and app registrations
- Manage role-based access controls (RBAC), privileged identity management (PIM), and least-privilege access
- Troubleshoot authentication and access issues using logs and monitoring tools
- Manage and support certificate-based services, including PKI/CA operations, issuance, renewal, and troubleshooting of certificates used for authentication, encryption, and application access
Cloud & Infrastructure Operations
- Support day-to-day operations across Entra, Azure and on-premises infrastructure
- Support cloud adoption and governance initiatives, including expanding Microsoft utilization, transitioning workloads to cloud-native services, and contributing to security posture.
- Monitor and maintain system performance, availability, and reliability
Automation & Configuration
- Develop and maintain PowerShell scripts to automate operational tasks
- Identify opportunities to improve efficiency through automation and standardization
- Support configuration management and policy enforcement across systems
- Support and contribute to modern endpoint management initiatives, including Intune and Autopilot.
Operational Maintenance & Security
- Perform system maintenance, upgrades, and patching coordination
- Partner with IT Security to review and remediate vulnerabilities and findings
- Administer file services, including permissions, DFS namespaces, and replication
- Participate in on-call rotation and provide responsive escalation support
Documentation & Continuous Improvement
- Maintain accurate system documentation, diagrams, and disaster recovery runbooks
- Contribute to process improvement and operational best practices
- Support knowledge sharing and cross-training across the team
- Recommend enhancements to standards, policies, and workflows
QUALIFICATIONS
Required:
- 5+ years of experience in Microsoft enterprise infrastructure or systems administration
- Strong understanding of and hands-on experience with:
- Microsoft Entra ID, including Conditional Access, RBAC, and PIM
- Active Directory, Group Policy, and hybrid Azure administration
- Authentication methods including MFA, SSO, and modern authentication protocols
- Federated identity scenarios (e.g., ADFS, SAML, OAuth/OIDC)
- Certificate services, PKI/CA operations, and certificate lifecycle management
- Windows Server administration and enterprise system troubleshooting
- PowerShell scripting and automation
- File services including DFS namespaces, DFSR, and permissions management
Preferred:
- Microsoft certifications (e.g., Azure Administrator, Identity and Access Administrator, Microsoft 365)
- Experience in a security-focused or regulated environment
- Exposure to identity governance and access review processes
This position is located in our New York office, and currently has a hybrid work schedule, but that is subject to change. The estimated salary range for this position is $140,000 to $165,000. The actual salary offered will be based on a wide range of factors, including relevant skills, training, experience, education, and where applicable, licensure or certification obtained. Market and Firm factors are also considered. In addition to base salary and discretionary bonus(es), we offer a generous employee benefits package including, but not limited to, paid time off, medical, dental, vision care, 401(k) and substantial health club discounts.