Sr. M365 System Administrator

About the role

The Sr. Microsoft 365 System Administrator is responsible for managing, securing, and optimizing the organization’s Microsoft 365 environment with a specialized focus on SharePoint Online administration, Intune device compliance + configuration, and broader M365 platform management (Entra ID, Exchange Online, Defender, Compliance). This role ensures a secure, scalable, and user‑friendly collaboration ecosystem and supports continued company growth.

The administrator will work closely with IT leadership, InfoSec, and cross‑functional teams to implement policies, maintain operational efficiency, and assist in strategic modernization of our Microsoft cloud infrastructure.

What you'll do

SharePoint Online

• Administer, govern, and maintain SharePoint Online sites, hubs, site collections, and permissions.
• Implement site architecture, content organization, metadata, retention, and governance standards.
• Manage site provisioning workflows, access management, and permission cleanup initiatives.
• Support the business in building secure, compliant collaboration spaces while ensuring a positive user experience.
• Assist with migrations, restructuring, and creation of internal intranet components.

Intune / Endpoint Management

• Deploy, configure, and maintain Intune MDM/MAM policies, compliance rules, configuration profiles, and application deployments.
• Manage Windows enrollment, Autopilot configuration, lifecycle policy enforcement, and secure device posture.
• Troubleshoot device enrollment issues and ensure organization‑wide security baselines are met.

Microsoft 365 Platform Administration

• Manage M365 applications including Exchange Online, Teams, OneDrive, Entra ID (Azure AD), Security & Compliance/Defender, Purview, and related services.
• Support onboarding / offboarding workflows including account creation, licensing, device allocation, and access removal.
• Maintain strict security posture across identities, data, and devices.
• Assist with configuration and improvement of conditional access, MFA, DLP, and other security controls.
• Perform tenant‑wide configuration tasks as delegated, including monitoring service health and running usage/analytics reports.

Operational Support & Collaboration

• Respond to helpdesk escalations requiring advanced Microsoft 365, SharePoint, or Intune expertise.
• Document procedures, create end‑user guides, and support adoption of new M365 tools.
• Participate in IT planning meetings and contribute recommendations for infrastructure improvements.

Work closely with InfoSec on remediation tasks (e.g., Defender alerts, secure score improvements, configuration hardening).

Qualifications

• 3+ years supporting Microsoft 365 administration in a business or enterprise environment.
• Strong expertise in:
• • SharePoint Online architecture, permissions, site design, governance.
  • Intune (Endpoint Manager) enrollment, compliance, configuration profiles, Autopilot.
• Proficient with Entra ID, MFA, Conditional Access, security groups, and identity lifecycle management.
• Experience managing Windows endpoints and mobile devices (iOS/Android) in an enterprise environment.
• Strong troubleshooting skills and the ability to research, test, and resolve issues independently.
• Excellent communication, customer service orientation, and documentation skills

Preferred Qualifications

• Microsoft certifications: MS‑100 / MS‑102, SC‑300, MD‑102, or equivalent experience.
• Experience with:
• • Microsoft Defender for Office 365 / Endpoint,
  • Purview DLP, eDiscovery, Information Protection,
  • Power Automate / PowerShell scripting,
  • SharePoint migration tools.
• Background in regulated industries (HIPAA, CFR Part 11, SOC 2, HITRUST) is a plus.

Success Indicators for This Role

• Stable, secure, and compliant SharePoint and Intune environments.
• Reduced security gaps and improved operational efficiency in M365.
• Faster resolution of collaboration, permissions, and device‑related issues.

LOCATION AND TRAVEL REQUIREMENTS: This is a fully remote position and may be performed anywhere within the United States of America. Occasional domestic travel may be required for company meetings, audits, etc.

This employer participates in E-Verify and will provide the federal government with your Form I-9 information to confirm that you are authorized to work in the U.S.