Senior Systems Administrator - IT

We are seeking an experienced Systems Administrator to own the day-to-day operation, security, and reliability of our Windows-based, hybrid-cloud IT environment. This is a hands-on senior role responsible for Active Directory and identity, Microsoft 365 / Entra ID, server and endpoint management, security hardening, monitoring, co-managed network infrastructure, and backup/disaster recovery across a multi-site organization (~30 locations).

The ideal candidate has deep Windows Server and Active Directory expertise, a security-first mindset, and the discipline to document and change-manage their work.

The IT Department at Racker supports service delivery for individuals with disabilities of all ages. This hard working team makes a difference by sustaining and enabling critical services in our community. 

Starting Salary for this position: $75,000 - $85,000 commensurate with experience. 

Our competitive benefits include a continuum of health care options for families and individuals, funding and time for continuing education, retirement investment with employer match, paid vacation for school holidays and breaks, paid sick time, and a 20% discount on childcare services for children/grandchildren of full time staff.

Identity & Access Management

• Administer on-prem Active Directory: domain controllers, replication health, FSMO roles, Sites & Services, DNS, and Group Policy (design, testing, and staged fleet rollout).
• Manage hybrid identity: Entra Connect sync, ADFS, hybrid Azure AD join, and troubleshooting (e.g., PRT acquisition, device state).
• Administer Microsoft 365 / Entra ID: user lifecycle, licensing, Conditional Access, MFA enforcement, and Privileged Identity Management (PIM).
• Maintain service-account hygiene, privileged-group reviews, and least-privilege access.

Security & Compliance

• Drive security hardening initiatives.
• Remediate penetration-test findings and apply security baselines.
• Manage Windows Firewall policy centrally via GPO; maintain internal PKI/certificate lifecycle.
• Maintain audit trails and operator attribution for sensitive actions.

Infrastructure & Operations

• Manage the Hyper-V virtualization fleet, server lifecycle, and storage.
• Administer multi-site network infrastructure: Fortigate VPN tunnels, UniFi wireless/switching, DHCP/DNS.
• Plan and deploy Windows Updates fleet-wide; monitor and orchestration.
• Own backup and disaster recovery: validate jobs, manage retention, and test restores.

Monitoring, Automation & Tooling

• Operate and tune the Graylog SIEM and event-log pipeline; triage alerts across security platforms.
• Develop and maintain PowerShell automation.
• Maintain and extend internal operations tooling (custom dashboard, scheduled/automated reporting).
• Use Azure DevOps for source control, CI/CD pipelines, work tracking, and documentation.

Documentation & Change Management

• Maintain operational runbooks, change logs, and a knowledge-base wiki.
• Follow a methodical, change-managed approach for high-risk changes (audit stage validate).

Support

• Provide escalation support for endpoint, identity, email, and access issues; partner with help-desk operations on SLA-tracked tickets.

• 4+ years of Windows Systems Administration in a production environment.
• Deep, hands-on Active Directory expertise: GPO, DNS, DHCP, replication, FSMO, and AD security.
• Strong PowerShell scripting/automation skills.
• Solid Microsoft 365 / Entra ID administration experience (Exchange Online, Conditional Access, MFA).
• Working knowledge of Windows Server, Hyper-V, and core networking (DNS, DHCP, VPN, firewalls).
• Security fundamentals: hardening, least privilege, certificate/PKI basics, and patch management.
• Comfort with version control (Git) and documentation discipline.