IT Systems Administrator

Allata is a global consulting and technology services firm with offices in the US, India, and Argentina. We help organizations accelerate growth, drive innovation, and solve complex challenges by combining strategy, design, and advanced technology. Our expertise covers defining business vision, optimizing processes, and creating engaging digital experiences. We architect and modernize secure, scalable solutions using cloud platforms and top engineering practices.

Allata also empowers clients to unlock data value through analytics and visualization and leverages artificial intelligence to automate processes and enhance decision-making. Our agile, cross-functional teams work closely with clients, either integrating with their teams or providing independent guidance—to deliver measurable results and build lasting partnerships.

We’re expanding our lean, high-impact Internal IT Operations team with a Semi-Senior IT Systems Administrator specializing in Microsoft 365 and Entra. In this role, you’ll help operate and continuously improve a cloud-native, SaaS-first environment supporting 300+ Allatians across the US, LATAM, and India. We rely heavily on Microsoft 365 (including Copilot), manage endpoints through Intune, and use Freshservice as our ITSM platform.

Main Resposibilities:

• Operate and improve Exchange Online, Teams, SharePoint Online, OneDrive, and Copilot for M365. 
• Manage licensing, capacity, reporting, and cost optimization. 
• Govern collaboration: Teams/SharePoint provisioning, lifecycle, guest access, and external sharing. 

• Own JML processes and group-based access; manage SSO for key SaaS apps (e.g., Miro, Mavenlink/Kantata, Paylocity, PerformYard, HubSpot, Figma, and others). 
• Implement and refine Conditional Access, MFA, PIM, access reviews, and entitlement management. 
• Support SAML/OIDC integrations and email authentication hygiene (SPF/DKIM/DMARC). 

• Administer Windows 10/11 baselines, Autopilot, compliance/configuration profiles, and patching. 
• Support macOS basics, and manage iOS/Android with Intune MDM. 
• Standardize disk encryption (BitLocker/FileVault) and software distribution. 

• Operate Defender for Office 365 (Safe Links/Attachments, anti-spam/phish), investigate alerts, and tune policies. 
• Configure Purview (sensitivity labels, DLP, retention, audit, eDiscovery) to support AI readiness and secure collaboration. 
• Contribute to aligning security controls with NIST recommendations and to ISO 9000-aligned processes in AR. 

• Build and maintain PowerShell/Graph scripts and Power Automate flows for provisioning, audits, and remediation. 
• Monitor service health and Message Center advisories; maintain runbooks and SOPs. 
• Work tickets and changes in Freshservice; keep KBs and user guides current. 

• Act as L2/L3 escalation for Microsoft 365, identity, and endpoint issues; drive root cause and problem management. 
• Enable and train users on secure sharing, Teams governance, and Copilot adoption and best practices. 
• Coordinate with vendors (including Microsoft) on complex cases and roadmap items. 

• 3–5+ years in IT support/administration, including 2+ years administering Microsoft 365 tenants at 200+ user scale. 
• Strong hands-on experience with: 
• Entra ID: Conditional Access, MFA, PIM, SSO (SAML/OIDC), access reviews. 
• Exchange Online, Teams, SharePoint Online, OneDrive administration and governance. 
• Intune for Windows endpoint management; Autopilot, compliance/configuration profiles, encryption. 
• Microsoft 365 security and compliance: Defender for O365, Purview (DLP, labels, retention), audit/eDiscovery basics. 
• PowerShell proficiency for admin automation; familiarity with Microsoft Graph. 
• Solid understanding of networking/DNS, identity protocols, email security (SPF/DKIM/DMARC), and endpoint security fundamentals. 
• Excellent communication and documentation; fluent in Spanish and English. 
• Comfortable collaborating across US/LATAM/India time zones; occasional after-hours for planned changes if needed. 

• Power Platform admin basics and governance (Power Automate, Power Apps). 
• Teams Phone administration. 
• Experience with NIST CSF/800-53/800-171 mappings and ISO 9000-aligned process documentation. 
• Certifications: MS-102: Microsoft 365 Administrator, SC-300: Identity and Access Administrator, MD-102: Endpoint Administrator, SC-200: Security Operations Analyst, or AZ-104: Azure Administrator.