Exchange/System Administrator

Role Description

The Exchange / System Administrator is responsible for the design, administration, security, and availability of WireCo’s enterprise messaging environment, with a strong emphasis on Microsoft Exchange (on-prem and Exchange Online), Microsoft 365, and hybrid configurations.

This role owns the day-to-day operation and long-term health of messaging systems while also supporting core enterprise systems and Windows-based infrastructure that enable those services. The ideal candidate has deep hands-on experience with Exchange hybrid environments, strong PowerShell skills, and a proactive approach to system reliability, security, and continuous improvement.

The Exchange / Systems Administrator must exhibit the behaviors of the WireCo Business System (WBS):

• Teamwork - welcomes an environment of inclusiveness and healthy debate that reflects our team’s strength
• Accountable – celebrates our successes, learn from failures, avoid excuses, and own the outcomes of our efforts
• Self-Aware – demonstrates an understanding of our strengths and needs, considering how our actions impact others
• Noble Intent – acts in the interests of others, approaching our work with integrity to ensure the best outcome
• Determined – takes initiative, share ideas and find solutions to win and achieve our goals
• Transparent – promotes open and honest communication and constructive feedback for clarity and truth
• Curious – seeks knowledge and outside input to test our way of thinking, challenging the status quo

Duties & Responsibilities:

Messaging & Exchange (Primary Focus)

• Administer, maintain, and optimize Microsoft Exchange environments, including Exchange Server 2016/2019, Exchange Online, and hybrid deployments.
• Own the architecture, configuration, and ongoing support of Microsoft 365 messaging services, including mail flow, transport rules, connectors, and security policies.
• Manage email security, compliance, and hygiene solutions, including spam filtering, phishing protection, retention policies, and eDiscovery.
• Troubleshoot complex Exchange and mail-flow issues across hybrid environments, acting as the escalation point for messaging-related incidents.
• Automate routine messaging administration tasks using PowerShell.
• Manage Proofpoint email security and threat protection, supporting spam filtering, phishing detection, policy enforcement, and investigation of messaging security incidents.
• Administer and support Microsoft 365 core services beyond Exchange, including Azure Active Directory (Entra ID), Microsoft Defender for Office 365, and Microsoft Purview.
• Manage Azure AD (Entra ID) tenant configuration, including users, groups, licensing, conditional access, and authentication policies.
• Implement and maintain identity lifecycle management processes (joiner/mover/leaver) across on‑prem Active Directory and Azure AD.
• Design, support, and troubleshoot hybrid identity solutions, including Azure AD Connect (Entra Connect) synchronization, password hash sync, and pass‑through authentication.
• Support and enforce modern authentication and identity security controls, including MFA, Conditional Access policies, and identity protection features.
• Collaborate with security and compliance teams to align identity and access management with Zero Trust principles.

Security, Resiliency & Operations

• Serve as a technical escalation point for authentication, authorization, and identity‑related issues across on‑prem and cloud environments.
• Maintain role‑based access control (RBAC) models for Microsoft 365 and related services.
• Support integration of third‑party and SaaS applications with Azure AD using SSO (SAML, OAuth, OpenID Connect).
• Monitor identity health, sign‑in activity, and security alerts; investigate and remediate identity‑related risks.

Enterprise Systems & Infrastructure (Secondary Focus)

• Administer and support enterprise identity and core system services, including Active Directory, Group Policy, DNS, and DHCP.
• Assist with the administration of virtualization platforms (VMware, Hyper-V), and storage systems as they relate to messaging and core services.
• Monitor system performance, availability, and capacity; proactively identify and remediate risks to service stability.
• Support patch management, system hardening, and endpoint/server configuration standards.

Required Qualifications:

• Bachelor’s degree in Information Technology, Computer Science, Informatics and Computing Engineering, or a related field
• 5+ years of experience supporting enterprise systems, including messaging platforms, identity services, and core infrastructure.
• Strong hands-on experience with:
  • Microsoft Exchange (2016/2019/Online)
  • Microsoft 365 and hybrid Exchange environments
  • Windows Server, Active Directory, and Group Policy
• Hands‑on experience administering Microsoft 365 identity services, including Azure AD (Entra ID
• Experience implementing and managing MFA, Conditional Access, and identity security best practices.
• Working knowledge of modern authentication, SSO, and identity federation concepts
• Solid understanding of email protocols (SMTP, IMAP, POP) and messaging security.
• Experience with backup, recovery, and disaster recovery solutions (e.g., Veeam).
• Strong troubleshooting and problem-resolution skills.
• Experience with virtualization technologies (VMware, Hyper-V)
• Experience with Domain Name System (DNS) and Dynamic Host Configuration Protocol (DHCP) technologies
• Experience with scripting (e.g., PowerShell)
• Experience with system performance monitoring & fine-tuning
• Solid understanding of security principles and best practices, with experience implementing and managing security measures 
• Experience with backup technologies (e.g., Veeam)
• Attention to detail, and a drive to be successful; ability to work independently with minimal supervision or assistance
• Strong problem-solving, innovation, collaboration, and analysis skills
• Willingness to learn, adapt, and work both independently and as part of a team
• Fluency in spoken and written English is required

Preferred Qualifications

• Experience with CrowdStrike Falcon or similar endpoint security platforms.
• Familiarity with Azure, AWS, or cloud-adjacent services supporting M365.
• Experience with SAN/NAS, multi-domain Active Directory environments, AD FS, and DFS.
• Microsoft, VMware, or cloud certifications (e.g., Microsoft Azure Fundamentals).
• Experience supporting messaging environments in global or multi-region organizations.
• Experience with Microsoft Entra ID Identity Protection, Privileged Identity Management (PIM), or Access Reviews.
• Familiarity with Microsoft Defender for Identity and Defender for Office 365.
• Experience supporting Zero Trust or cloud‑first identity strategies.
• Microsoft certifications such as Azure Administrator Associate, Identity and Access Administrator, or Microsoft 365 Administrator.

Materials and Equipment Directly Used

• Standard office equipment including computer, mouse, keyboard, telephone, and multifunction copier

Additional Information

• Availability to work in a hybrid model (one day remote).