Senior Systems Administrator IT

We are seeking an experienced Systems Administrator to own the day-to-day operation security and reliability of our Windows-based hybrid-cloud IT environment. This is a hands-on senior role responsible for Active Directory and identity Microsoft 365 / Entra ID server and endpoint management security hardening monitoring co-managed network infrastructure and backup/disaster recovery across a multi-site organization (30 locations).

The ideal candidate has deep Windows Server and Active Directory expertise a security-first mindset and the discipline to document and change-manage their work.

The IT Department at Racker supports service delivery for individuals with disabilities of all ages. This hard working team makes a difference by sustaining and enabling critical services in our community.

This is a hybrid On-site/remote position based in Ithaca NY.

Starting Salary for this position: $75000 - $85000 commensurate with experience.

Our competitive benefits include a continuum of health care options for families and individuals funding and time for continuing education retirement investment with employer match paid vacation for school holidays and breaks paid sick time and a 20% discount on childcare services for children/grandchildren of full time staff.

Identity & Access Management

• Administer on-prem Active Directory: domain controllers replication health FSMO roles Sites & Services DNS and Group Policy (design testing and staged fleet rollout).
• Manage hybrid identity: Entra Connect sync ADFS hybrid Azure AD join and troubleshooting (e.g. PRT acquisition device state).
• Administer Microsoft 365 / Entra ID: user lifecycle licensing Conditional Access MFA enforcement and Privileged Identity Management (PIM).
• Maintain service-account hygiene privileged-group reviews and least-privilege access.

Security & Compliance

• Drive security hardening initiatives.
• Remediate penetration-test findings and apply security baselines.
• Manage Windows Firewall policy centrally via GPO; maintain internal PKI/certificate lifecycle.
• Maintain audit trails and operator attribution for sensitive actions.

Infrastructure & Operations

• Manage the Hyper-V virtualization fleet server lifecycle and storage.
• Administer multi-site network infrastructure: Fortigate VPN tunnels UniFi wireless/switching DHCP/DNS.
• Plan and deploy Windows Updates fleet-wide; monitor and orchestration.
• Own backup and disaster recovery: validate jobs manage retention and test restores.

Monitoring Automation & Tooling

• Operate and tune the Graylog SIEM and event-log pipeline; triage alerts across security platforms.
• Develop and maintain PowerShell automation.
• Maintain and extend internal operations tooling (custom dashboard scheduled/automated reporting).
• Use Azure DevOps for source control CI/CD pipelines work tracking and documentation.

Documentation & Change Management

• Maintain operational runbooks change logs and a knowledge-base wiki.
• Follow a methodical change-managed approach for high-risk changes (audit stage validate).

Support

• Provide escalation support for endpoint identity email and access issues; partner with help-desk operations on SLA-tracked tickets.

• 4 years of Windows Systems Administration in a production environment.
• Deep hands-on Active Directory expertise: GPO DNS DHCP replication FSMO and AD security.
• Strong PowerShell scripting/automation skills.
• Solid Microsoft 365 / Entra ID administration experience (Exchange Online Conditional Access MFA).
• Working knowledge of Windows Server Hyper-V and core networking (DNS DHCP VPN firewalls).
• Security fundamentals: hardening least privilege certificate/PKI basics and patch management.
• Comfort with version control (Git) and documentation discipline.