Key Responsibilities

• Design and maintain enterprise architecture for Microsoft 365 and unified communications services (Exchange SharePoint Teams OneDrive Office365 and other MSFT platforms) and adjacent tools such as PowerBI PowerPlatform and Viva.

• Lead modernization initiatives and define future-state roadmaps aligned with business goals.

• Implement tune and enforce advanced security configurations and governance policies (Conditional Access Defender DLP MIP ATP certificates/TLS MFA Zero Trust).

• Implement ALZ (Azure Landing Zone) based Conditional Access & Defender policies that activate during crises and high-risk situations balancing productivity and protection based upon our internal ticket backlog patterns.

• Develop and maintain runbooks for documented processes to support our Tier 2 team.

• Create scripting (PowerShell Python Graph API etc.) and automation processes to streamline repetitive tasks.

• Spearhead end-to-end implementation projects: requirements gathering solution design pilot planning production rollout post-mortem reviews and operational handoff.

• Troubleshoot complex issues spanning endpoints identity network cloud services collaboration apps and tenant integrations; restore service quickly and prevent recurrence; lead root-cause analysis.

• Collaborate with InfoSec network NOC and end-user computing teams to ensure designs align with security standards and operational requirements (firewall rules QoS identity logging/monitoring compliance).

• Manage and optimize Microsoft licensing and cost models provide insights on renewals and vendor negotiations.

• Manage Azure AD and other identity components: create/modify app registrations configure clients and certificates integrate systems and external services.

• Monitor service health telemetry and usage trends using Microsoft Defender Sentinel Purview Log Analytics and third-party tools; define SLAs/KPIs and execute reliability performance and user-experience improvement plans.

• Serve as a final escalation point for complex issues.

• Mentor junior engineers and contribute to knowledge base.

• Communicate clearly with technical and non-technical stakeholders during outages and change windows

• Evaluate vendor capabilities emerging Microsoft technologies and roadmaps proof-of-concepts and recommend features for adoption; represent platform in architecture boards and steering committees.

• Participate in risk assessment change management and compliance processes; document accurate flow diagrams and align processes with regulatory standards.

Required Qualifications

• Minimum of eight years related work experience.

• Undergraduate degree in a related field or the equivalent combination of training and experience.

• 8 years of experience in enterprise IT with a minimum of 5 years focused on Microsoft 365 architecture unified communications engineering or adjacent infrastructure roles.

• Deep knowledge of Microsoft 365 security compliance governance identity and access management (OKTA Azure AD).

• Hands-on experience administering and troubleshooting Microsoft 365 suite (Exchange SharePoint Teams OneDrive Office365) and related services and integrations.

• Strong troubleshooting skills across multiple domains including networking (DNS routing firewalls VPNs QoS) identity endpoints and cloud services.

• Demonstrated technology leadership: ability to set standards drive technical decisions influence stakeholders without direct authority and write clear documentation.

• Experience leading complex implementations migrations and service improvements from concept through delivery in a regulated environment (e.g. finance healthcare government).

• Excellent communication collaboration and stakeholder engagement skills.

Preferred Attributes

• Microsoft certifications (MS-101 MS-500 AZ-305 SC-300) preferred.

• Strategic thinker with passion for innovation continuous improvement and digital transformation.

• Proven ability to lead cross-functional initiatives and influence diverse teams.

• Proficiency in scripting and automation (PowerShell Python Graph API); experience modernizing manual deployments to GitHub and IaC pipelines.

• Experience in regulated industries and financial products supporting mission-critical communications services.

• Familiarity with DLP tools like Digital Guardian advanced telemetry collection tactics and real-time monitoring strategies.

• Experience with zero trust architectures conditional access policies and Identity governance best practices.

Why Join Us

Contribute to mission-critical communications services and a modern Microsoft 365 platform that uphold the integrity of our operations and foster client trust. Work on projects that matter protecting enterprise data defining security structures creating and building integrations and shaping the future of our workplace. Join a collaborative and empowered team that values reliability security thoughtful engineering and your professional growth. Enjoy competitive compensation and comprehensive benefits including robust health coverage retirement plans paid time off wellness programs and continuous learning opportunities.

Special Factors

Sponsorship

About Vanguard

At Vanguard we dont just have a missionwere on a mission.

To work for the long-term financial wellbeing of our clients. To lead through product and services that transform our clients lives. To learn and develop our skills as individuals and as a team. From Malvern to Melbourne our mission drives us forward and inspires us to be our best.

How We Work

Vanguard has implemented a hybrid working model for the majority of our crew members designed to capture the benefits of enhanced flexibility while enabling in-person learning collaboration and connection. We believe our mission-driven and highly collaborative culture is a critical enabler to support long-term client outcomes and enrich the employee experience.