All Jobs Vacancy

Microsoft Server & Azure IaaS Administrator (AD/GPO/IIS) - Remote

Posted 1 day ago by Main Sail, LLC

Summary

This Microsoft infrastructure administrator will assist with the management of Windows Server, Active Directory, Group Policy, IIS, and Azure IaaS resources.

This role will be responsible for day-to-day operations, security hardening, automation, and high-availability support across on-premises and cloud environments.

This position will partner closely with network, security, and application teams to ensure reliable service delivery and continuous improvement.

Key Responsibilities

  • Windows Server Administration: Configure and maintain Windows Server (2016–2025); manage roles/features (AD DS, DNS, DHCP, Client, File Services), patching, performance tuning, and capacity planning.
  • IIS Administration: Configure and support IIS websites and applications, including application pools, bindings, SSL/TLS certificates, URL Rewrite/ARR, security hardening, and log analysis; optimize availability and performance.
  • Azure IaaS: Manage Azure VMs, VM Scale Sets, disks/storage, Azure Files, VNETs, subnets, NSGs/ASGs, Load Balancer/App Gateway, Bastion; implement backup (Azure Backup), DR (Azure Site Recovery), monitoring/alerts (Azure Monitor), and cost governance.
  • Active Directory (AD): Maintain domain health and replication; manage OU structure, users, groups, GMSAs, service accounts, and delegated permissions; troubleshoot authentication/Kerberos/NTLM issues.
  • Monitoring & Troubleshooting: Use native tools and platforms (Event Viewer, PerfMon, Azure Monitor, Log Analytics) to proactively detect and resolve issues impacting availability, performance, or security.
  • Group Policy (GPO): Design, implement, and maintain GPOs for security baselines, server configurations, and compliance; perform impact testing and change control.
  • Security & Compliance: Apply CIS/Microsoft security baselines, TLS configurations, vulnerability remediation, endpoint hardening, and log review; partner with security for audits and incident response.
  • Automation & Scripting: Build PowerShell scripts/modules to automate routine tasks (provisioning, patching, reporting) and Infrastructure-as-Code (e.g., Bicep/ARM/Terraform) for repeatable deployments.
  • Documentation & Change Management: Produce and maintain SOPs, diagrams, inventories, and runbooks; follow ITIL change/incident processes; contribute to knowledge base.
  • Collaboration & Support: Serve as escalation point for server/web platform issues; coordinate with app owners on deployments, certificates, and integration.
  • Lifecycle & Projects: Lead or support upgrades, migrations, re-platforming, and cloud adoption initiatives; drive standardization and modernization.
  • IRS 1075 Compliance: Provide answers and documentation, and implement changes required as part of IRS audit findings.

Required Qualifications

  • Experience: 5–7+ years administering Windows Server, AD, GPO, and IIS in mid-to-large enterprise environments.
  • Technical Proficiency:
  • Windows Server (2016–2025), AD DS, DNS, restores.
  • Group Policy design and troubleshooting (RSOP, GPMC, GPResult).
  • IIS configuration, SSL/TLS, bindings, app pools, URL Rewrite/ARR, logging.
  • Azure IaaS (VMs, VNETs, NSGs, Load Balancer/App Gateway, Azure Backup/ASR, Azure Monitor, Log Analytics).
  • PowerShell scripting (automation, modules, REST/Graph, CLI).
  • Process & Practices: Strong documentation, change control, and incident/problem management (ITIL).
  • Soft Skills: Clear communicator, collaborative, organized, and able to prioritize across multiple stakeholders and deadlines.

Preferred Qualifications

  • Certifications:
  • Microsoft Certified: Azure Administrator Associate (AZ-104), Windows Server Hybrid Administrator Associate (AZ-800/AZ-801)
  • Nice to Have: Azure Network Engineer (AZ-700)
  • Enterprise Tools: Experience with MCM/ConfigMgr, WSUS, Defender for Cloud, Sentinel, Splunk/ELK, ServiceNow/Jira.
  • Networking: Solid understanding of TCP/IP, DNS, routing, VPN, firewall rules, load balancing, private endpoints.
  • Web/App Integration: Familiarity with .NET application hosting, SSO (SAML/OIDC), App Gateway/WAF, certificate pinning, mutual TLS.
  • Infrastructure-as-Code & Config: Experience with Bicep/ARM/Terraform, DSC, or Ansible; Azure Policy/Blueprints.
  • Azure DevOps: Experience with server-side configurations

Requirements

  • 5–7+ years administering Windows Server, AD, GPO, and IIS in mid to large enterprise environments. - Required 7 Years
  • Group Policy design and troubleshooting (RSOP, GPMC, GPResult). - Required
  • Windows Server (2016–2025), AD DS, DNS, restores - Required
  • IIS configuration, SSL/TLS, bindings, app pools, URL Rewrite/ARR, logging - Required
  • Azure IaaS (VMs, VNETs, NSGs, Load Balancer/App Gateway, Azure Backup/ASR, Azure Monitor, Log Analytics). - Required
  • PowerShell scripting (automation, modules, REST/Graph, CLI). - Required
  • Azure Administrator Associate (AZ 104), Windows Server Hybrid Administrator Associate (AZ 800/AZ 801)- Required
  • Azure Network Engineer (AZ 700) - Nice to have
  • Experience with MCM/ConfigMgr, WSUS, Defender for Cloud, Sentinel, Splunk/ELK, ServiceNow/Jira - Required
  • Solid understanding of TCP/IP, DNS, routing, VPN, firewall rules, load balancing, private endpoints. - Required
  • Familiarity with .NET application hosting, SSO (SAML/OIDC), App Gateway/WAF, certificate pinning, mutual TLS - Required
  • Experience with Bicep/ARM/Terraform, DSC, or Ansible; Azure Policy/Blueprints. - Required
Rate:
£0/year
Location:
Remote
IR35 Status:
Undetermined
Remote Status:
Remote
Industry:
IT
Seniority Level:
Senior

Take-Home Pay

Not Available

Visit calculators for additional details

Create a free account to view the take-home pay for this contract

Share job