System Administrator

Job Title:
Junior Microsoft Systems Administrator
Salary: $75,000-$85,000
Job Summary
We are seeking an Junior Microsoft Systems Administrator to harden Windows servers and workstations in compliance with NIST SP 800-53 security controls. This role focuses on implementing configuration baselines, enforcing access controls, and continuous monitoring. This position requires strong technical expertise in Microsoft technologies combined with practical knowledge of cybersecurity standards.
Key Responsibilities

• Install, configure, harden, patch, and maintain Windows Server (2019/2022 ) and Windows 10/11 workstations in accordance with NIST SP 800-53 Rev. 5 controls.
• Implement and validate security controls across families including Access Control (AC), Configuration Management (CM), Identification & Authentication (IA), Audit & Accountability (AU), System & Communications Protection (SC), and others relevant to endpoint/server platforms.
• Manage Group Policy Objects (GPOs), security baselines, and Intune/Microsoft Endpoint Manager policies to enforce 800-53-aligned configurations (e.g., password policies, account lockout, least privilege, firewall rules, AppLocker, BitLocker).
• Perform hardening tasks including, but not limited to:
  • Enforcing deny-by-default/allow-by-exception execution policies
  • Configuring host-based firewalls and intrusion detection/prevention
  • Implementing multi-factor authentication and privileged account management
  • Enabling cryptographic protections for data at rest/transit
  • Removing unnecessary services, features, and default accounts
• Administer Microsoft tools for compliance: Active Directory, Microsoft Intune, Azure AD/Entra ID, Defender for Endpoint, and Azure Policy (where hybrid/cloud-integrated).
• Conduct regular compliance scans, vulnerability assessments, and remediation of findings to maintain continuous ATO posture.
• Document system security plans (SSP), control implementation details, POA&Ms, and evidence for NIST 800-53 controls during audits or assessments.

Required Qualifications

• 2 years of hands-on experience administering Windows servers and workstations in enterprise environments.
• Proficiency with Microsoft administration tools: Active Directory, Group Policy, PowerShell, SCCM/MECM, Intune, Defender suite.
• Understanding of key 800-53 control families as applied to endpoints/servers (AC, AU, CM, IA, SC, SI, etc.).
• Experience with hardening techniques, baseline configuration management, and least-privilege principles.
• Familiarity with compliance tools (Nessus/Tenable or similar).
• Familiar with PowerShell for automation and compliance checks.
• U.S. citizenship required

Preferred Qualifications

• Relevant certifications:
  • Microsoft: Microsoft Certified: Windows Server Hybrid Administrator Associate, Endpoint Administrator, or equivalent.
  • Security/Compliance: CompTIA Security
• Hands-on work with Azure AD/Entra ID, Microsoft Defender for Endpoint compliance policies, or Azure Policy for NIST mappings.

Education
Bachelor's degree in Computer Science, Information Technology, Cybersecurity, related field, (or equivalent experience).


Required Skills
2 years of hands-on experience administering Windows servers and workstations in enterprise environments.
Proficiency with Microsoft administration tools: Active Directory, Group Policy, PowerShell, SCCM/MECM, Intune, Defender suite.
Understanding of key 800-53 control families as applied to endpoints/servers (AC, AU, CM, IA, SC, SI, etc.).
Experience with hardening techniques, baseline configuration management, and least-privilege principles.
Familiarity with compliance tools (Nessus/Tenable or similar).
Familiar with PowerShell for automation and compliance checks.
Bachelor's degree in Computer Science, Information Technology, Cybersecurity, related field, (or equivalent experience).
Preferred Skills
Relevant certifications: o Microsoft: Microsoft Certified: Windows Server Hybrid Administrator Associate, Endpoint Administrator, or equivalent. o Security/Compliance: CompTIA Security
Hands-on work with Azure AD/Entra ID, Microsoft Defender for Endpoint compliance policies, or Azure Policy for NIST mappings.

- Resumes Forwarded: As they are received
- Contract Type: Contract
- Contract Length: 1 year
- Bill Rate: $58.16
- Max # of Submissions: 2
- Submission Timeline: 4/17 5pm ct
- Interview Types: Video
- Interview Timeline: As resumes are reviewed
- Background Requirements: ALEA Check
- Target Start Date: 5/11/26
- Submittals must include: Resume, RTR, and Cover letter
- Candidate will work 100% in Montgomery AL
- No remote work allowed
- Submittals must be from a prime supplier. Suppliers can use only one (1) level of sub-vendor candidates for submittal if necessary.
- This role does not offer sponsorship
Confirmation needed if candidate is eligible for conversion to Merit.

Why TalentBurst?
At TalentBurst, we deliver more than talent, we deliver outcomes. We partner with you to move quickly and connect you to opportunities aligned with your skills and long term growth.

Backed by precision, transparency, and results, we connect top talent with leading organizations through trusted partnerships.

We offer competitive compensation and comprehensive benefits, including medical, dental, vision, and retirement options.

TalentBurst is an equal opportunity employer committed to an inclusive and diverse workforce.