IT Systems Administrator

Microsoft 365 tenant administration:

• Operate and improve Exchange Online, Teams, SharePoint Online, OneDrive, and Copilot for M365. 
• Manage licensing, capacity, reporting, and cost optimization. 
• Govern collaboration: Teams/SharePoint provisioning, lifecycle, guest access, and external sharing. 

Identity & Access (Microsoft Entra ID):

• Own JML processes and group-based access; manage SSO for key SaaS apps (e.g., Miro, Mavenlink/Kantata, Paylocity, PerformYard, HubSpot, Figma, and others). 
• Implement and refine Conditional Access, MFA, PIM, access reviews, and entitlement management. 
• Support SAML/OIDC integrations and email authentication hygiene (SPF/DKIM/DMARC). 

Endpoint & device management (Intune):

• Administer Windows 10/11 baselines, Autopilot, compliance/configuration profiles, and patching. 
• Support macOS basics, and manage iOS/Android with Intune MDM. 
• Standardize disk encryption (BitLocker/FileVault) and software distribution. 

Security & compliance:

• Operate Defender for Office 365 (Safe Links/Attachments, anti-spam/phish), investigate alerts, and tune policies. 
• Configure Purview (sensitivity labels, DLP, retention, audit, eDiscovery) to support AI readiness and secure collaboration. 
• Contribute to aligning security controls with NIST recommendations and to ISO 9000-aligned processes in AR. 

Automation, tooling, and observability:

• Build and maintain PowerShell/Graph scripts and Power Automate flows for provisioning, audits, and remediation. 
• Monitor service health and Message Center advisories; maintain runbooks and SOPs. 
• Work tickets and changes in Freshservice; keep KBs and user guides current. 

Support & enablement:

• Act as L2/L3 escalation for Microsoft 365, identity, and endpoint issues; drive root cause and problem management. 
• Enable and train users on secure sharing, Teams governance, and Copilot adoption and best practices. 
• Coordinate with vendors (including Microsoft) on complex cases and roadmap items. 

Hard Skills

• 3–5+ years in IT support/administration, including 2+ years administering Microsoft 365 tenants at 200+ user scale. 
• Strong hands-on experience with: 
• Entra ID: Conditional Access, MFA, PIM, SSO (SAML/OIDC), access reviews. 
• Exchange Online, Teams, SharePoint Online, OneDrive administration and governance. 
• Intune for Windows endpoint management; Autopilot, compliance/configuration profiles, encryption. 
• Microsoft 365 security and compliance: Defender for O365, Purview (DLP, labels, retention), audit/eDiscovery basics. 
• PowerShell proficiency for admin automation; familiarity with Microsoft Graph. 
• Solid understanding of networking/DNS, identity protocols, email security (SPF/DKIM/DMARC), and endpoint security fundamentals. 
• Excellent communication and documentation; fluent in Spanish and English. 
• Comfortable collaborating across US/LATAM/India time zones; occasional after-hours for planned changes if needed. 

Nice to have skills:

• Power Platform admin basics and governance (Power Automate, Power Apps). 
• Teams Phone administration. 
• Experience with NIST CSF/800-53/800-171 mappings and ISO 9000-aligned process documentation. 
• Certifications: MS-102: Microsoft 365 Administrator, SC-300: Identity and Access Administrator, MD-102: Endpoint Administrator, SC-200: Security Operations Analyst, or AZ-104: Azure Administrator.