$110,000–$125,000 Per Year
Access Control, Amazon Web Services (AWS), Apple Macs, Artificial Intelligence (AI), Asset Management, Automation, Bash Scripting, Best Practices, Business Continuity Planning (BCP), Change Management, Cloud Computing, Communication Skills, Computer Science, Computer Security, Continuous Deployment/Delivery, Continuous Improvement, Continuous Integration, Cost Control, Cryptography, Customer/Client Research, DNS (Domain Name System), Data Management, Data Migration, Digital Certificates, Disaster Recovery, Email Management/Administration, Email Security, Endpoint Security, File Encryption, File Server, Firewall Administration, Firewalls, Help Desk, ITIL (IT Infrastructure Library), Identify Issues, Identity Data Management, Incident Management, Incident Response, Information Technology & Information Systems, Intellectual Property (IP), Inventory Costs, Inventory Management, Knowledge Base, Leadership, Licensing, Linux Operating System, Machine Tool, Maintain Compliance, Management of Information Systems/Technology (MIS), Manufacturing Data Management, Mentoring, Microsoft Exchange Server, Microsoft Product Family, Microsoft SharePoint, Microsoft Windows Azure, Microsoft Windows Operating System, Microsoft Windows Server, Multiplatform/Cross-Platform, Network Administration/Management, Onboarding, Operating Systems, Operations Management, Problem Solving Skills, Process Improvement, Revenue Growth, Risk Analysis, SSH (Secure Shell), SSL-TLS (Secure Socket Layer - Transport Layer Security), Scripting (Scripting Languages), Secure/SSH File Transfer Protocol (SFTP), Security Compliance, Security Monitoring, Service Level Agreement (SLA), Software Patches, SonicWALL, Spam Filtering, Team Player, VLAN (Virtual Local Area Network), Windows PowerShell
Description
Who We Are:
Our client is a dynamic, growing international delivery and technology solutions provider. They have been simplifying international delivery for over 20 years, helping U.S. businesses build brands abroad, expand their consumer base, increase revenue, and their global reach. Our client's extensive, reliable worldwide delivery network and proprietary technology empower our brands to succeed. They are committed to expanding our footprint and continuously investing in innovative delivery and technology solutions as we aim to be the leading resource for cross-border solutions.
About the Role:
We are looking for an experienced IT and Security Operations Manager to oversee our on-prem IT infrastructure and drive security initiatives. The ideal candidate will have a proven track record in endpoint management, vulnerability remediation, and infrastructure automation across both Cloud and On-Prem environments. Experience with a variety of operating systems, including Windows, Mac, and Linux, is essential.
About the Candidate:
You are an experienced IT and Security Operations leader with expertise in both on-prem and cloud infrastructures, including endpoint management, vulnerability remediation, and automation. You will drive security compliance, optimize cloud spending, and lead initiatives to improve system efficiency. With hands-on experience in tools like Microsoft Defender, you’ll manage endpoint security, server optimization, and collaborate on Identity Access Management (IAM). Additionally, you will oversee cloud infrastructure in AWS and Azure, manage IT asset inventories, and lead cost-saving initiatives. You’ll maintain the company’s SOC 2 Type II compliance.
Key Responsibilities
Provide end-user support, resolve helpdesk escalations, and mentor the Helpdesk team
Administer the Microsoft 365 tenant (Entra ID, Exchange Online, Teams, SharePoint, OneDrive) and serve as the subject-matter expert for Entra ID — Conditional Access, MFA, security groups, and Zero Trust access controls
Govern Azure RBAC and privileged access with least-privilege, group-based assignments and break-glass architecture
Implement and administer the security stack (1Password, Defender, Defender for Cloud, Huntress ITDR, Vanta) and continuously improve posture across identity, endpoint, email, and cloud
Manage email security (spam filtering, attachment protection, impersonation/BEC defense, DLP) and lead or assist in incident response, triage, and post-incident review
Maintain SOC 2 Type II compliance — vulnerability management within SLA, controls, and evidence — and conduct third-party/vendor risk assessments
Own disaster recovery and business continuity planning and testing, and serve as the point of contact for third-party IT vendors and the co-managed MSP
Partner with senior developers to build cloud-first, serverless applications in Azure and AWS, including CI/CD and infrastructure-as-code
Drive infrastructure standards and processes, and optimize cloud spend and licensing
Oversee endpoint management and OS/application patching through Microsoft Intune and Windows Autopatch, including device compliance and configuration across cloud and on-prem
Manage and improve network infrastructure across all offices — SonicWall firewalls, VLAN segmentation, switching, and wired connectivity — including bringing firewall management in-house from the MSP; administer DNS (Cloudflare and internal), TLS/SSL certificates, and customer SFTP accounts
Build and maintain workflow automation using Power Automate and Microsoft Lists (e.g., TLS certificate expiration monitoring and Entra security group tracking)
Administer SharePoint Online sites and lead the migration of user data from the on-prem file server to SharePoint
Automate onboarding and offboarding (provisioning and data preservation), maintain the IT/Helpdesk SharePoint knowledge base, and manage data lifecycle (archival and retention)
Skills, Knowledge and Expertise
· Bachelor’s degree in Computer Science, Information Technology, or related field preferred; 10+ years in Systems or Infrastructure Engineering with at least 5 years in a leadership role
· Strong background in Windows Server 2025, Azure (App Service, containers), and AWS resources, with a focus on serverless architectures
· Strong networking background — firewall administration (SonicWall), VLAN design and segmentation, switch configuration and replacement, and structured wired cabling, with the ability to manage the network independently of an MSP
· Advanced scripting skills in PowerShell and Bash
· Experience with Microsoft Intune for cross-platform MDM and patch management, including Windows Autopatch, device compliance, and monitoring
· Strong knowledge of Microsoft security tooling, including Defender, Defender for Cloud, and EDR
· Working knowledge of applied cryptography and key management — public/private key pairs, SSH/SFTP keys, file encryption/decryption, DKIM/DMARC, and passkey (FIDO2) fundamentals
· Working knowledge of Microsoft Entra ID for identity and access management, including RBAC/ABAC and privileged access
· Experience administering SharePoint Online sites and migrating content from on-prem file servers
· Knowledge of cloud platforms (Azure, AWS), containers, and CI/CD / Infrastructure as Code practices
· Familiarity with built-in cloud monitoring such as Azure Monitor / Application Insights and AWS CloudWatch
· Experience with Power Automate and Microsoft Lists for workflow automation and operational tracking (e.g., certificate expiration alerting, access governance inventories)
· Ability to leverage AI tools such as Claude and Claude Code to troubleshoot and resolve issues efficiently — highly preferred
· Knowledge of change management practices a plus (formal ITIL not required)
· Familiarity with ConnectWise and Huntress ITDR a plus (used by APC’s managed service provider)
· Knowledge of compliance frameworks (SOC 2) and security best practices (OWASP)
· Strong leadership and communication skills, with the ability to collaborate across departments and problem-solve independently
· Relevant certifications a plus: AWS (e.g., Solutions Architect), Microsoft Azure, ITIL Foundation
Benefits
- Competitive Salary
- Medical, Dental, Vision Benefits
- 401k w/Match
- 5 Sick Days, 15 Vacation Days To Start