Job Description:
The role involves comprehensive management and support of enterprise IT infrastructure with a focus on endpoint management, identity and access control, security, and network optimization. The candidate will be responsible for ensuring seamless operations across various IT domains while maintaining high security and compliance standards.
Key Responsibilities:
- Endpoint Management: Oversee Intune unified management for Windows/macOS devices, including compliance baselines, patch and software distribution, and device lifecycle management.
- Identity & Access: Administer Microsoft Entra ID (including P1), conditional access, multi-factor authentication (MFA), identity lifecycle, and permissions. Integrate SSO with third-party applications.
- Security & Password: Manage 1Password enterprise vaults, including organizational structure, group permissions, policy compliance, and emergency recovery drills.
- Zero Trust/Boundary: Configure and maintain Cloudflare WARP/Zero Trust (ZTNA, Gateway, DNS/HTTP filtering, Tunnel/Access). Implement application publishing and access policies with log auditing.
- Network Support: Troubleshoot network latency, disconnections, and Wi-Fi roaming issues to optimize office and remote access experiences.
- Dedicated Lines & Integration: Collaborate with ISPs/vendors for broadband and dedicated line deployment, upgrades, and documentation.
- Collaboration & Operations: Work with R&D/test/production networks on CDN/WAF/Zero Trust changes, providing change plans and rollback strategies.
- Monitoring & Auditing: Integrate logs/alerts (Cloudflare/SIEM/Intune), generate weekly/monthly risk reports, and drive continuous improvements.
- Support & Service: Handle daily tickets (onboarding/offboarding), create SOPs/knowledge base articles, and conduct user training/security awareness sessions.
Job Requirements:
- Experience: 2–5 years in enterprise IT/endpoint management/cybersecurity. Experience supporting SMBs with multiple branches or remote work is preferred.
- Endpoint Skills: Proficiency in Microsoft Intune/MEM (device enrollment, compliance policies, app distribution, BitLocker/FileVault). Scripting (PowerShell) for automation.
- Identity & SSO: Hands-on with Microsoft Entra ID (conditional access, MFA, groups/roles, enterprise app SSO, SCIM). Knowledge of OAuth/OIDC/SAML.
- Zero Trust/Networking: Practical ZTNA implementation experience (Cloudflare WARP/Access/Gateway or similar tools like Zscaler/Akamai). Ability to analyze network metrics (DNS/TCP/latency/packet loss).
- Security & Password: Experience configuring enterprise password managers (1Password/LastPass/Bitwarden) with least-privilege and audit compliance.
- Networking Basics: Understanding of VLAN, routing, NAT, VPN, BGP/dedicated lines. Ability to liaise with ISPs for bandwidth issues.
- Troubleshooting: Skilled in packet capture, system logs, performance monitoring, and CLI tools for cross-platform issue resolution.
- Communication: Strong cross-team collaboration with clear documentation (SOPs, change logs, inventories).
- Education: Bachelor’s degree or higher (flexible for exceptional candidates). Basic English proficiency for documentation/community engagement.
- Bonus: Deep expertise in Cloudflare Zero Trust/Akamai, MDM, Entra ID, or CDN/WAF integrations.
Benefits:
- Growth: Hands-on Zero Trust and cloud-native stack implementation opportunities.
- Resources: Comprehensive tools, training budgets, and encouragement for automation/innovation.
- Work Flexibility: Remote-friendly environment with results-driven team culture.
