The Enterprise Cloud Engineer is responsible for administering and securing Microsoft 365 services, including Entra ID, Intune, Exchange Online, Teams, OneDrive, and SharePoint Online. This role ensures high availability, governance, and security of the organization’s cloud collaboration and identity platforms. The engineer also helps plan and implement policies and procedures to align with company goals, industry best practices, and regulatory requirements.
ESSENTIAL DUTIES AND RESPONSIBILITIES (and other duties as assigned)
- Perform and support capacity planning to aid in the development of long‑term strategic goals for Microsoft 365 services such as Exchange Online, OneDrive, Teams, and SharePoint Online.
- Perform cloud security analysis, evaluate configurations, and provide recommendations for Microsoft 365, Entra ID, and Windows 10/11 environments in alignment with the company’s Cloud Cyber Risk Framework. This includes Microsoft Defender for Cloud Apps, Microsoft 365 Defender, Microsoft Information Protection (MIP), Conditional Access policies, Intune, Microsoft Defender for Cloud, and Microsoft Defender for Endpoint.
- Lead migration efforts to Microsoft 365 cloud services for newly acquired companies. This includes tenant‑to‑tenant migrations, on‑premises Exchange to Exchange Online, or Google Workspace to Microsoft 365.
- Design, implement, and maintain cloud‑specific security policies, standards, and procedures, including tenant management, auditing and monitoring, security incident management, data protection (DLP and encryption), user and administrator account management, and conditional access controls.
- Support hybrid IT environments by integrating on‑premises identity and collaboration systems with Microsoft 365 services.
- Act as the primary point of contact and subject matter expert for Microsoft 365 services, including Entra ID, Intune, Exchange Online, Teams, OneDrive, and SharePoint Online.
- Write, maintain, and execute custom PowerShell scripts to automate administrative tasks and remediate issues.
- Monitor service health, review performance logs, and proactively optimize Microsoft 365 and Mimecast service performance and security.
- Ensure the integrity and security of enterprise data in compliance with business, privacy, and regulatory requirements.
- Develop, document, and maintain policies, procedures, and associated training plans for Microsoft 365 administration and governance.
LEADERSHIP COMPETENCY REQUIREMENTS FOR INDIVIDUAL CONTRIBUTOR LEVEL
ASRC’s Core competencies include Leading Self, Leading People and Leading the Organization. In addition to our core competency model, our framework includes competencies specific to the various levels of positions within our company. For more information on our core competencies please contact the HR (Human Resources) Department and reference the ASRC (Arctic Slope Regional Corporation) Leadership Framework.
Customer Focus
- Is dedicated to meeting the expectations and requirements of internal and external customers; gets first-hand customer information and uses it for improvements in products and services; acts with customers in mind; establishes and maintains effective relationships with customers and gains their trust and respect.
Drive for Results
- Can be counted on to exceed goals successfully; is constantly and consistently one of the top performers; very bottom-line oriented; steadfastly pushes self and others for results.
Problem Solving
- Uses rigorous logic and methods to solve difficult problems with effective solutions; probes all fruitful sources for answers; can see hidden problems; is excellent at honest analysis; looks beyond the obvious and does not stop at the first answers.
Time Management
- Uses time effectively and efficiently, concentrating his/her efforts on the more important priorities.
EDUCATION AND/OR EXPERIENCE
- Five (5) years’ experience with email systems and supporting services including Exchange, Office 365, Active Directory and Azure Active Directory.
- Five (5) years of senior-level (tier 2 or 3) administration and engineering experience in an enterprise IT environment, having performed operational and break/fix activity along with engineering and design
- Four (4) years of hands-on technical experience in Identity and Access Management (IAM) on Active Directory (Integration, consolidation), Microsoft Information Protection and other O365 security and compliance technologies
- Three (3) years of hands-on technical experience with enterprise-level systems management systems such as SCCM and endpoint engineering, or Mobile Device Management (e.g., Intune) implementation or operations, preferred but not required.
- Knowledge of industry best practices for email routing, filtering, monitoring, tiered storage, backups, and disaster recovery.
- Strong knowledge of Microsoft security solutions (Defender suite, Conditional Access, Intune).
- Experience with tenant migrations and hybrid identity integration.
- Proficiency in PowerShell scripting for automation and administration.
LANGUAGE SKILLS
Ability to read and interpret documents such as safety rules, operating and maintenance instructions, and procedure manuals. Ability to write routine reports and correspondence. Ability to speak effectively before groups of employees or customers.
MATHEMATICAL SKILLS
Ability to add, subtract, multiply, and divide in all units of measure, using whole numbers, common fractions, and decimals. Ability to compute rate, ratio, and percent and to draw and interpret bar graphs.
Linked-in
Google