What are the responsibilities and job description for the MS Systems Engineer II position at System One?
System One is seeking a Systems Engineer II for a long-term opportunity with a well-established financial organization in Melbourne, FL. The Microsoft Systems Engineer will design, build, implement, and maintain enterprise Microsoft platforms.
- Administering and optimizing on-premises Active Directory—with an emphasis on replication topology, Sites & Services, multi-forest trust models, and CIS benchmark hardening.
- Engineering hybrid identity with Azure AD Connect / Entra Cloud Sync (Password Hash Sync, Pass-through Authentication, and staging/swing migration), Hybrid Join, and Microsoft Entra ID SSO (SCIM, SAML 2.0, OAuth/OIDC, and Just-in-Time provisioning).
- Owning full lifecycle deployment of Intune MDM/MAM, Windows Autopilot, GPO-to-Intune configuration/compliance profile conversion, and endpoint protection with Microsoft Defender for Endpoint.
- Architecting, administering, and troubleshooting Proofpoint PPS/TAP secure mail gateways (DMARC / DKIM / SPF, malware & impersonation defense, smart host connectors, DLP, encryption).
- Supporting Microsoft 365 (Exchange Online, SharePoint Online, OneDrive, Teams) and Azure IaaS/PaaS resources for resilient collaboration and messaging.
Responsibilities:
- Active Directory Engineering – Administer multi-site, multi-forest AD DS; design replication, schema/forest upgrades, delegated OU structures, and PKI/CA integration.
- Hybrid Identity & Entra ID – Plan, deploy, and maintain Azure AD Connect / Cloud Sync, Hybrid Join, Conditional Access, PIM, and SSO integrations (SCIM, SAML, OAuth/OIDC).
- Intune / Autopilot / Endpoint Security – Build and maintain Intune tenant, migrate legacy GPOs to Intune, create Autopilot deployment rings, publish compliance & configuration profiles, implement Defender for Endpoint and Proactive Remediations.
- Proofpoint Administration – Install, configure, and tune PPS/TAP clusters; manage policies, mail flow connectors, quarantine, and threat intel; troubleshoot end-to-end message delivery.
- Microsoft 365 Services – Administer Exchange Online (hybrid mail flow, EOP), SharePoint Online, OneDrive, and Teams retention/eDiscovery.
- Automation & Scripting – Develop PowerShell / Graph scripts for deployment, reporting, and Proofpoint/Intune automation; maintain CI/CD pipelines where applicable.
- Technical Support – Provide Tier III response and on-call escalation for identity, device management, mail security, and collaboration platforms.
- Project Participation – Lead or contribute to IT projects, create charters, timelines, and deliverables, and coordinate with cross-functional teams.
- Documentation – Produce and maintain high-level/low-level designs, runbooks, SOPs, and change control artifacts.
- Security & Compliance – Enforce security baselines and FFIEC/NCUA requirements; participate in audits and risk assessments.
- Vendor Liaison – Act as primary contact with Microsoft, Proofpoint, and other vendors for support cases, roadmap alignment, and licensing.
- Continuous Improvement – Track emerging Microsoft and Proofpoint capabilities; recommend and pilot new features to enhance resilience, security, and user experience.
Qualifications:
- 5 years’ experience designing and implementing:
  - Azure AD Connect / Cloud Sync topologies, Hybrid Join, federation models.
  - Intune MDM/MAM, Windows Autopilot, and GPO-to-Intune migration.
  - Proofpoint PPS & TAP secure mail gateways, including DMARC/DKIM/SPF tuning.
  - Entra ID SSO, SCIM provisioning, SAML 2.0, OAuth/OIDC, and Conditional Access.
- Strong PowerShell / Graph automation skills; ability to create JSON/Win32 and Proactive Remediation scripts.
- Excellent analytical and root-cause troubleshooting skills for multi-discipline issues (identity, mail flow, endpoint, security).
- Effective project management, task prioritization, and stakeholder communication abilities.
- Preferred certifications:
  - Microsoft 365 Enterprise Administrator Expert (MS-102)
  - Entra ID Administrator Associate (SC-300) or Intune Administrator Associate (MD-102)
  - Proofpoint Certified Specialist (PPS/TAP); CISSP, CISM, or similar.
Ref: #270-IT Orlando