Microsoft 365 Platform Administrator

Responsibilities

• Design and maintain enterprise architecture for Microsoft 365 and unified communications services (Exchange, SharePoint, Teams, OneDrive, Office365, and other MSFT platforms) and adjacent tools such as PowerBI, PowerPlatform, and Viva.
• Lead modernization initiatives and define future-state roadmaps aligned with business goals.
• Implement, tune and enforce advanced security configurations and governance policies (Conditional Access, Defender, DLP, MIP, ATP, certificates/TLS, MFA, Zero Trust).
• Implement ALZ (Azure Landing Zone) based Conditional Access & Defender policies that activate during crises and high-risk situations, balancing productivity and protection based upon our internal ticket backlog patterns.
• Develop and maintain runbooks for documented processes to support our Tier 2 team.
• Create scripting (PowerShell, Python, Graph API, etc.) and automation processes to streamline repetitive tasks.
• Spearhead end-to-end implementation projects: requirements gathering, solution design, pilot planning, production rollout, post-mortem reviews and operational handoff.
• Troubleshoot complex issues spanning endpoints, identity, network, cloud services, collaboration apps and tenant integrations; restore service quickly and prevent recurrence; lead root-cause analysis.
• Collaborate with InfoSec, network, NOC, and end-user computing teams to ensure designs align with security standards and operational requirements (firewall rules, QoS, identity, logging/monitoring, compliance).
• Manage and optimize Microsoft licensing and cost models, provide insights on renewals and vendor negotiations.
• Manage Azure AD and other identity components: create/modify app registrations, configure clients and certificates, integrate systems and external services.
• Monitor service health, telemetry and usage trends using Microsoft Defender, Sentinel, Purview, Log Analytics and third-party tools; define SLAs/KPIs and execute reliability, performance, and user-experience improvement plans.
• Serve as a final escalation point for complex issues.
• Mentor junior engineers and contribute to knowledge base.
• Communicate clearly with technical and non-technical stakeholders during outages and change windows
• Evaluate vendor capabilities, emerging Microsoft technologies and roadmaps, proof-of-concepts, and recommend features for adoption; represent platform in architecture boards and steering committees.
• Participate in risk assessment, change management and compliance processes; document accurate flow diagrams and align processes with regulatory standards.
• Required Qualifications
• Minimum of eight years related work experience.
• Undergraduate degree in a related field or the equivalent combination of training and experience.
• 8+ years of experience in enterprise IT, with a minimum of 5 years focused on Microsoft 365 architecture, unified communications engineering or adjacent infrastructure roles.
• Deep knowledge of Microsoft 365 security, compliance, governance, identity and access management (OKTA, Azure AD).
• Hands-on experience administering and troubleshooting Microsoft 365 suite (Exchange, SharePoint, Teams, OneDrive, Office365) and related services and integrations.
• Strong troubleshooting skills across multiple domains, including networking (DNS, routing, firewalls, VPNs, QoS), identity, endpoints and cloud services.
• Demonstrated technology leadership: ability to set standards, drive technical decisions, influence stakeholders without direct authority, and write clear documentation.
• Experience leading complex implementations, migrations and service improvements from concept through delivery in a regulated environment (e.g. finance, healthcare, government).
• Excellent communication, collaboration and stakeholder engagement skills.
• Preferred Attributes
• Microsoft certifications (MS-101, MS-500, AZ-305, SC-300) preferred.
• Strategic thinker with passion for innovation, continuous improvement and digital transformation.
• Proven ability to lead cross-functional initiatives and influence diverse teams.
• Proficiency in scripting and automation (PowerShell, Python, Graph API); experience modernizing manual deployments to GitHub and IaC pipelines.
• Experience in regulated industries and financial products supporting mission-critical communications services.
• Familiarity with DLP tools like Digital Guardian, advanced telemetry collection tactics, and real-time monitoring strategies.
• Experience with zero trust architectures, conditional access policies and Identity governance best practices.
• Why Join Us

Benefits

Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at Vanguard? Share your experience