Systems Administrator (Mid-Level) at The Bison Group LLC

Reston, Virginia, United States -

Full Time

Start Date

Immediate

Expiry Date

22 Apr, 26

Salary

0.0

Posted On

22 Jan, 26

Experience

2 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

Skills

Microsoft 365, Intune, Endpoint Security, Cloud Management, Identity Management, Access Control, Security Monitoring, Compliance, Troubleshooting, Documentation, CMMC, NIST, Cisco Duo, Microsoft Defender, Microsoft Sentinel, Fortinet

Industry

Security and Investigations

Description

Description Systems Administrator (Mid-Level) Overview We are seeking a Systems Administrator to support and maintain a modern, cloud-managed IT environment built around Windows laptops administered through Microsoft 365. This role focuses on endpoint management, identity and access control, security monitoring, and compliance support in a regulated environment. The ideal candidate has strong experience with Microsoft 365, Intune, and endpoint security, is comfortable operating in a zero-trust, cloud-native model, and produces clear, audit-ready documentation. Key Responsibilities Endpoint & Device Management Administer and support Windows 11 laptops managed through Microsoft 365 and Microsoft Intune. Configure and maintain Intune policies for device compliance, configuration profiles, security baselines, platform scripts, and update management. Manage the full device lifecycle: provisioning, enrollment, maintenance, troubleshooting, and secure decommissioning. Support secure remote workforce operations with cloud-managed endpoints. Microsoft 365 & Identity Administration Administer Microsoft 365 services including Entra ID (Azure AD), Exchange Online, Teams, SharePoint, and OneDrive. Manage user identities, access controls, conditional access policies, and role-based access. Support Cisco Duo as a third-party MFA provider integrated with external cloud services such as Entra. Security Operations & Monitoring Utilize Microsoft Defender (e.g., Defender for Endpoint) to monitor endpoint health, investigate alerts, and support remediation activities. Leverage Microsoft Purview for data protection, sensitivity labeling, and compliance-related controls. Review logs and security signals in Microsoft Sentinel, escalating or coordinating response actions as appropriate. Apply security best practices including least privilege, device hardening, and zero-trust access principles. Network & Remote Access (Cloud-Managed) Support secure network access using SASE for VPN and remote connectivity. Coordinate with networking teams on Fortinet firewalls, switches, and wireless infrastructure as it relates to endpoint access and security controls. Assist with access segmentation, secure connectivity policies, and network-related incident response. Compliance & Documentation Create and maintain clear, accurate technical documentation, including system configurations, procedures, diagrams, and standard operating guides. Support organizational CMMC 2.0 (NIST 800-171 Rev 2) compliance efforts, including control implementation, evidence gathering, and audit preparation (scope varies by seniority). Ensure operational practices align with internal security policies and compliance requirements. Operations & Continuous Improvement Troubleshoot endpoint, identity, access, and security issues across the Microsoft 365 ecosystem. Perform root-cause analysis and implement preventative improvements. Participate in system enhancements, security improvements, and process optimization initiatives. Collaborate with IT support, security, and compliance stakeholders to ensure a stable and secure environment. Requirements Required Qualifications Experience supporting Windows endpoints in a cloud-managed, Microsoft 365–centric environment. Hands-on administration of Microsoft 365 services, including Entra ID and Intune. Practical experience with endpoint security and compliance tooling (e.g., Defender, device compliance policies). Strong technical documentation skills with attention to accuracy and audit readiness. Ability to work independently, manage competing priorities, and operate effectively in a remote-capable environment. Strong troubleshooting and analytical problem-solving skills. CMMC Experience · Strong working knowledge of CMMC 2.0 and alignment to NIST 800-171 Rev 2 controls. · Experience supporting compliance initiatives, audits, SSP-related activities, and documentation development. · Willingness and ability to grow into deeper compliance responsibilities over time. Preferred / Nice-to-Have Skills Experience with Microsoft Sentinel or other SIEM platforms. Familiarity with SASE/VPN solutions. Exposure to Fortinet network environments from an endpoint or access-control perspective. PowerShell or automation experience for endpoint and tenant administration. Experience working in regulated or compliance-driven environments (e.g., defense, government contractors, healthcare). Demonstrates initiative and the ability to work independently with minimal supervision Comfortable operating in a fast-paced, dynamic environment with shifting priorities Capable of managing multiple tasks simultaneously while maintaining attention to detail Adapts quickly to new challenges, technologies, and evolving problem sets Applies strong analytical and critical-thinking skills across a wide range of technical issues Effectively prioritizes workload to balance planned work and unplanned operational demands Communicates clearly and collaborates effectively across technical and non-technical teams

Responsibilities

The Systems Administrator will manage and support Windows 11 laptops through Microsoft 365 and Intune, focusing on endpoint management and security compliance. They will also create and maintain technical documentation and support compliance efforts.