IT Operations Manager and Systems Administrator

IT Operations Manager and Systems Administrator

Hands-On IT Operations Help Desk Identity Access SSO and Security Administration

Role Summary

The IT Operations Manager and Systems Administrator is a hands-on role responsible for running day-to-day IT operations while improving the companys systems access controls support processes and security posture.

The right person must be comfortable personally doing the work: resolving tickets managing the Help Desk provisioning and deprovisioning users configuring SSO maintaining Microsoft 365 managing devices cleaning up access supporting security controls and tracking which systems exist and who has access to them.

This role requires someone who can both manage IT support associates and jump into the queue troubleshoot issues document processes clean up systems and execute operational improvements. Success will come from stronger control over users devices applications access and day-to-day IT service delivery.

This Role Is for Someone Who

• Enjoys hands-on IT administration and problem-solving
• Is willing to work directly in systems tickets admin portals and documentation
• Can manage the Help Desk while also serving as an escalation point
• Takes ownership of provisioning access cleanup SSO device management and security controls
• Is comfortable with both routine operational work and improvement projects
• Wants to make the environment cleaner more reliable more secure and easier to manage

Core Responsibilities

IT Operations and Help Desk Management

• Run daily IT support operations across corporate and field locations
• Manage remote and in-house Help Desk associates
• Monitor ticket intake prioritization escalation and resolution
• Personally handle escalated complex or high-impact support issues
• Ensure consistent use of ticketing documentation and support processes
• Identify recurring issues and resolve root causes
• Improve Help Desk responsiveness accountability and service quality
• Support end users directly when needed including hardware software access device and account issues

Systems Administration

• Administer and improve Microsoft 365 Entra ID Intune SharePoint and related systems
• Maintain system configurations groups permissions policies and administrative settings
• Identify and clean up legacy configurations stale accounts unused groups and inconsistent settings
• Troubleshoot system user device and application issues
• Maintain documentation for systems processes access ownership and support procedures
• Track all key business and IT systems including owners users access levels and support contacts

Identity Access and Provisioning

• Own user provisioning deprovisioning and role-change processes
• Ensure timely and accurate account creation access assignment and access removal
• Maintain access control standards across Microsoft 365 Entra ID SaaS platforms and business applications
• Implement and maintain RBAC security groups dynamic groups and access structures
• Support periodic access reviews and permission cleanup
• Partner with HR and business teams to align employee lifecycle events with access changes
• Reduce manual provisioning where practical through workflow improvements and automation

SSO Authentication and Access Control

• Configure maintain and troubleshoot SSO integrations for business applications
• Support SAML OIDC MFA Conditional Access and related identity controls
• Maintain accurate documentation of SSO-enabled applications and access requirements
• Troubleshoot login authentication permissions and account synchronization issues
• Support the transition from hybrid Active Directory to Entra ID where appropriate
• Ensure access is secure auditable and aligned to business roles

Endpoint and Device Management

• Manage endpoint devices using Intune and related Microsoft tools
• Support device provisioning configuration compliance retirement and replacement
• Maintain device standards for patching encryption endpoint protection and configuration
• Support deployment processes such as Autopilot
• Track devices assigned users compliance status and lifecycle stage
• Resolve endpoint issues involving laptops mobile devices applications updates and security policies

Cybersecurity Operations and Tactical Controls

• Support practical cybersecurity controls across users devices applications and access
• Implement and maintain MFA Conditional Access endpoint protection patching and device compliance standards
• Support application allows listing/whitelisting and access restriction efforts
• Help identify risky access stale accounts unmanaged devices weak configurations and policy gaps
• Assist with security-related tickets investigations remediation tasks and audit requests
• Maintain clean records of systems access administrative privileges and security exceptions
• Partner with leadership and external security resources as needed to execute security improvements

System Inventory Ownership and Access Tracking

• Maintain an accurate inventory of IT systems business applications vendors administrators and users
• Track who has access to each system and what level of access they have
• Identify orphaned systems unknown owners unmanaged access and outdated permissions
• Establish repeatable processes for system ownership access reviews and lifecycle management
• Ensure documentation stays current as people roles and systems change

Process Improvement and Automation

• Improve onboarding offboarding access requests device provisioning and support workflows
• Create repeatable documented processes that reduce manual effort and errors
• Use Microsoft 365 tools Power Automate scripting or other practical methods to automate routine work
• Standardize how requests are submitted approved fulfilled and documented
• Focus on operational improvements that make IT easier to run easier to audit and easier to support

Success Measures

Success in this role will be measured by practical visible improvements including:

• Faster and more reliable onboarding and offboarding
• More accurate provisioning and deprovisioning of user access
• Reduced ticket volume repeat issues and unresolved escalations
• Cleaner Microsoft 365 Entra ID Intune and SharePoint environments
• Improved Help Desk performance and accountability
• Better visibility into systems owners users and access levels
• Stronger MFA Conditional Access endpoint compliance and access control posture
• Fewer stale accounts unused groups unmanaged devices and undocumented systems
• Increased automation of routine IT tasks
• Improved documentation and operational consistency

First 90-Day Expectations

Within the first 90 days this person should be able to:

• Take ownership of Help Desk operations and escalation processes
• Understand the current Microsoft 365 Entra ID Intune device and access environment
• Identify immediate risks related to stale accounts access gaps device compliance and provisioning
• Begin cleanup of users groups permissions devices and legacy configurations
• Build or improve system and access inventories
• Stabilize onboarding and offboarding processes
• Improve ticket handling documentation and operational accountability
• Deliver measurable progress on access control support quality and system hygiene

Required Experience and Skills

Technical Experience

• Hands-on administration of Microsoft 365 Entra ID Intune and SharePoint
• Experience with Mac OS is helpful
• Experience supporting identity access provisioning and deprovisioning processes
• Experience configuring or supporting SSO MFA Conditional Access and security groups
• Familiarity with RBAC dynamic groups authentication and access reviews
• Experience managing endpoints device compliance patching encryption and endpoint protection
• Experience supporting or migrating hybrid Active Directory environments
• Ability to troubleshoot user device application access and system issues
• Experience with Power Automate scripting or other automation tools is helpful

Operational Experience

• Experience running or actively supporting Help Desk operations
• Ability to manage support associates while remaining hands-on
• Strong ticket management troubleshooting documentation and escalation skills
• Experience improving onboarding offboarding and access request workflows
• Ability to maintain system inventories access records and process documentation
• Comfort working in a multi-system environment with many users devices applications and access relationships

Cybersecurity and Controls Experience

• Practical understanding of IT security operations and access control
• Experience supporting MFA Conditional Access endpoint compliance patching and user access reviews
• Ability to identify and remediate stale access risky permissions unmanaged devices and configuration gaps
• Familiarity with application allowlisting/whitelisting privileged access control and security documentation
• Comfortable executing security improvements not just recommending them

Working Style

The ideal candidate is:

• Hands-on practical and execution-focused while solving and executing on the overarching team goals and vision
• Comfortable doing detailed administrative work
• Willing to own tickets systems users devices and access issues through completion
• Organized and disciplined about documentation
• Strong at troubleshooting and root cause analysis
• Able to balance daily support needs with cleanup and improvement work
• Comfortable managing people but not looking to step away from hands-on IT administration
• Focused on reliability security simplification and operational accountability

Preferred Experience

• Experience transitioning from hybrid Active Directory to Entra ID
• Experience improving IT operations in a growing or distributed organization
• Experience implementing SSO across multiple SaaS applications
• Experience creating system inventories and access review processes
• Experience automating provisioning deprovisioning or ticket workflows
• Experience in security- or compliance-driven environments
• Experience supporting both corporate and field-based users

Environment:

• Exposure to a typical office environment

Physical Requirements:

Avenue5 will make reasonable accommodations to enable individuals with disabilities toperform essential functions. These functions include but are not limited to:

• Ability to lift push and pull up to 25 pounds
• Hearing and visual ability to observe and detect signs of an emergency are required
• Ability to remain stationary move around reach and position oneself as needed for extended periods
• Ability to communicate and express or exchange ideas with others as well as those activities in which they must convey detailed or important instructions to other works accurately loudly or quickly
• Ability to perceive the nature of sounds at normal speaking levels including the abilityto receive detailed information through oral communication and to make thediscrimination in sound
• Visual requirements including color depth perception and field vision
• Ability to compare copy coordinate synthesize negotiate communicate and instruct
• Ability to tolerate stressful situations
• Ability to work under minimal to moderate supervision

This job description is not an all-inclusive list of functions and tasks. Over the length of employment these functions and tasks may change.

Diversity:

Diversity creates a healthier atmosphere: Avenue5 is an Equal Employment Opportunity/Affirmative Action employer and all qualified applicants will receive consideration for employment without regard to race color religion sex age national origin protected veteran status disability status sexual orientation gender identity or expression marital status genetic information or any other characteristic protected by law.