Senior Windows Security Administrator

Description

We are seeking a proactive, technically skilled Windows Security Administrator to manage and secure our desktop and laptop environment. This role focuses on maintaining a secure and resilient Windows ecosystem, building and optimising Azure Active Directory, deploying Mobile Device Management (MDM) solutions, and ensuring endpoints remain up-to-date with patches and security best practices. The ideal candidate will combine hands-on technical expertise with a security-first mindset, ensuring operational efficiency while mitigating risk.

Requirements

Windows environment administration:

• Administer Windows 10/11 desktops, laptops, and servers.
• Monitor and resolve endpoint issues, providing timely desktop support.
• Apply security hardening standards across devices and servers.

Azure Active Directory (AAD):

• Build, configure, and maintain Azure AD environments.
• Manage user provisioning, role assignments, and group policies.
• Implement conditional access policies and identity management best practices.
• Integrate on-premises AD with Azure AD where required.

Mobile Device Management (MDM) & Endpoint Security:

• Deploy and manage MDM solutions (e.g., Microsoft Intune) for laptops, mobile devices, and tablets.
• Enforce device compliance policies and security configurations.
• Monitor endpoint security status and respond to alerts proactively.

Patch & Vulnerability Management:

• Ensure consistent deployment of OS and application patches.
• Monitor compliance with patching policies.
• Collaborate with IT and cybersecurity teams to remediate vulnerabilities.

Policy & Compliance Management:

• Enforce security policies across endpoints and Azure AD.
• Document system configurations, processes, and operational procedures.
• Support audits, compliance reporting, and security assessments.

Collaboration & Support:

• Assist with onboarding/offboarding processes, ensuring secure access provisioning.
• Work closely with IT, cybersecurity, and business teams to implement new technologies.
• Provide guidance and best practice recommendations on endpoint security and identity management.

Continuous Improvement & Automation:

• Evaluate tools and solutions to improve operational efficiency and security posture.
• Automate repetitive administrative tasks using PowerShell, scripts, or deployment tools.
• Stay current with industry trends, emerging threats, and Microsoft ecosystem updates.

Required skills & experience:

• Proven experience administering Windows 10/11 and Windows Server environments.
• Strong knowledge of Azure Active Directory, including conditional access, role-based access control, and group management.
• Hands-on experience with MDM solutions such as Microsoft Intune.
• Experience managing patching and endpoint security solutions.
• Strong troubleshooting skills and experience providing desktop support.
• Understanding of security best practices, hardening standards, and Zero Trust principles.
• Familiarity with Microsoft 365 security and compliance tools.
• Strong documentation skills and process-oriented mindset.

Desirable skills:

• Experience with automated deployment and management tools (PowerShell, SCCM, Endpoint Manager).
• Knowledge of integrating endpoints with SIEM or EDR solutions for threat detection.
• Cybersecurity certifications (e.g., Microsoft Security, Identity, and Compliance; CompTIA Security+; or equivalent).
• Familiarity with cloud security frameworks and hybrid IT environments.

Personal attributes:

• Proactive, self-motivated, and hands-on.
• Strong attention to detail and problem-solving mindset.
• Excellent communication and collaboration skills across technical and non-technical teams.
• Security-first approach to technology management.

Education:

Bachelor’s degree in IT, Computer Science, Cybersecurity, or equivalent professional experience.

Nationality requirement: This position is open exclusively to citizens of the UK, US, Canada, or EU member states, in accordance with security obligations.