We are seeking a highly skilled Lead Analyst to own and optimize enterprise identity, messaging, and cloud infrastructure across Active Directory, Azure, and Microsoft 365 environments. This role is responsible for architecting, administering, and evolving hybrid identity and messaging ecosystems, ensuring they are secure, scalable, and aligned with business objectives. The ideal candidate brings deep technical expertise across hybrid Exchange environments, Entra ID, and automation, along with the ability to act as a subject matter expert and mentor within the team.
Key Responsibilities
- Design, implement, and maintain scalable architecture for Exchange (on-premises and Exchange Online)
- Lead the administration and optimization of Active Directory, ensuring high availability, security, and performance
- Architect and manage Microsoft 365 services including Teams, SharePoint Online, OneDrive, and Power Platform
- Plan and execute Exchange migrations (cutover, staged, and hybrid)
- Configure and manage Group Policy Objects (GPOs) to enforce security and operational standards
- Manage Azure infrastructure including identity, virtual machines, networking, and storage services
- Partner with IAM, Security Engineering, and Compliance teams to implement best practices across Azure and AWS
Messaging, Collaboration & Endpoint Management
- Administer enterprise messaging and collaboration platforms including Exchange, Microsoft Teams, Zoom, Workspace ONE, and Intune
- Deploy and manage Microsoft Intune for endpoint and mobile device management
- Support adoption and enablement of Microsoft 365 and Azure services across the business
Automation & Optimization
- Automate administrative workflows using PowerShell, Microsoft Graph API, and other tooling
- Implement automation frameworks using Ansible, APIs, and related technologies
- Leverage Power Platform (Power Automate, Power Apps) to streamline business processes
Security, Compliance & Governance
- Conduct security assessments and system audits; remediate vulnerabilities and ensure compliance
- Implement identity and access management controls including MFA, SSO, and OAuth
- Support integration with tools such as SailPoint and CyberArk
- Provide Tier 3 / escalated support for complex AD, Azure, and messaging issues
- Serve as subject matter expert for identity and messaging infrastructure
- Maintain detailed system documentation, runbooks, and architectural diagrams
- Mentor and train junior analysts and engineers
- Participate in a 24x7 on-call rotation
Project & Operational Execution
- Attend and contribute to project planning and delivery meetings
- Manage work queues and ensure SLA adherence
- Partner with business stakeholders to drive adoption of cloud technologies
Qualifications
Required Experience
- Bachelor’s degree in Computer Science, Information Technology, or related field (or equivalent experience)
- 5+ years of hands‑on experience with Active Directory, Azure, Microsoft 365, PKI, DNS, and GPO administration
- Strong experience with Exchange Server (2013–2019) and Exchange Online in hybrid environments
- Proven experience leading or supporting on‑prem to cloud migration initiatives
- Deep expertise in Microsoft 365, Azure, and Entra ID
Technical Skills
- Advanced PowerShell scripting and automation
- Experience with Microsoft Intune and endpoint management
- Strong understanding of authentication protocols (SSO, MFA, OAuth)
- Experience with Windows Server (2012, 2016, 2019, 2022)
- Familiarity with SailPoint and CyberArk integrations (preferred)
- Experience with automation tools such as Ansible and API‑based integrations
- Strong knowledge of cybersecurity frameworks and best practices
Certifications (Preferred)
- Microsoft Certified: Azure Solutions Architect Expert
Core Competencies
- Strong troubleshooting and problem‑solving capabilities in complex enterprise environments
- Ability to translate business requirements into scalable technical solutions
- Effective communication and cross‑functional collaboration skills
- Ability to operate as both a technical lead and hands‑on contributor
Additional Requirements
- Availability for 24x7 on‑call support rotation