Cloud Services Administrator

Overview of Role

Our client is currently seeking a Cloud Services Administrator based out of their Castlebar, Co. Mayo office. This will be a hybrid role with one day on-site and four days remote from Monday to Friday. This contract is expected to start on the 7th June 2025. This will be an initial twelve-month contract with three additional extensions. You will need a full driving licence and use of own car as you may need to travel to client sites circa two days per month. Travel and subsistence expenses will be paid at civil service rates.

You will manage all security-related aspects of client's ICT infrastructure, ensuring the implementation of necessary security measures to maintain data integrity and system security. You will work closely with client's ICT Department and other contractors to ensure compliance with their Cyber Security Baseline Standards.

You must demonstrate expertise and experience in the development, management, and security of key Microsoft 365 services, including Exchange Online, Teams, and SharePoint. You will be responsible for the security of client's Microsoft 365 infrastructure and will collaborate with relevant contractors to ensure the highest level of security compliance. Upon commencement of the contract, you will conduct a full security review of Microsoft 365 and, where necessary, recommend improvements.

The client is currently transitioning to a server-less environment, with the existing server infrastructure scheduled for retirement by the end of 2025. All financial services have been transferred to a shared service model, and local SQL servers are being phased out, with decommissioning set for completion by the end of 2025. These servers are being retained only for essential operations during the transition period. You will be responsible for maintaining a fully functional server infrastructure, as well as managing and maintaining client's backup and disaster recovery plans and procedures. The client has adopted a cloud-first digital strategy and anticipates migrating its server infrastructure to Microsoft Azure during the contract period. You will support the client in the design, development, and implementation of this migration and will assume full responsibility for the management, maintenance, and support of the Azure environment.

Role & Responsibilities:

Security Management

Implement and maintain security features such as Multi-Factor Authentication (MFA), Conditional Access, and role-based access policies across Office 365 services.

Conduct quarterly security reviews and implement continuous improvements to enhance the Microsoft Secure Score, a measure of the organisation's security posture that helps identify and mitigate risks within the Microsoft 365 environment.

Perform vulnerability assessments and remediation for endpoint security.

Manage email and collaboration security to prevent phishing, malware, and data breaches.

Zero Trust Implementation - Enforce least-privilege access principles across all M365 services.

Threat Intelligence & Monitoring - Integrate Microsoft Defender solutions to proactively detect and mitigate threats:

Defender for Endpoint - Endpoint protection, threat detection, and response.

Defender for Office 365 - Email and collaboration security, including phishing and malware protection.

Defender for Cloud Apps - Visibility and control over cloud applications, shadow IT detection.

Defender for Identity - Protection against identity-based threats and suspicious user activities.

Insider Risk Management - Implement monitoring for data exfiltration and abnormal access patterns to detect potential insider threats.

Security Awareness Training - Develop and manage user training programs to improve security posture and reduce phishing/social engineering risks.

Incident Response - Define and test incident response procedures for Microsoft 365 security incidents, ensuring rapid containment and mitigation.

Compliance & Governance

Implement and manage Information Barriers to restrict communication and collaboration between specific groups within Microsoft 365, ensuring regulatory and ethical compliance.

Develop and enforce Data Classification policies to label, protect, and manage sensitive information based on organisational and regulatory requirements.

Ensure the organisation is compliant with data protection regulations such as GDPR and Cyber Baseline Standards.

Configure and manage Office 365 security features, such as Advanced Threat Protection (ATP), data loss prevention (DLP), encryption, and Safe Links/Safe Attachments policies.

Manage information governance features such as retention policies, litigation hold, and eDiscovery to ensure data security and compliance.

Contribute to the implementation and operation of the Information Security Management System (ISMS).

Monitor logs and portals relating to SIEM/SOC and ensure appropriate remediation of security alerts and events.

Office 365 Administration

Manage and administer the Office 365 tenant, including all aspects of Exchange Online, SharePoint, OneDrive, Microsoft Teams, Intune, and other Office 365 services.

Configure and maintain user accounts, groups, licenses, and permissions, ensuring proper role-based access control (RBAC).

Support Office 365 integrations with other systems, such as Learning Management Systems (LMS) and identity management platforms.

Monitor and troubleshoot Office 365 service-related issues, ensuring minimal disruption to staff and students.

Maintain and support mail flow rules, distribution lists, and security groups for academic and administrative purposes.

Use PowerShell and other scripting tools for automation and administrative tasks in Office 365.

Manage and optimise Teams Phone System for seamless communication and collaboration.

Windows and Office Management

Manage Windows Imaging and Deployment.

Oversee Windows and Office security and feature updates.

Conduct application patch management to ensure system security and performance.

Configure and maintain Microsoft Store and Edge settings.

Manage Office updates and printer driver installations.

Microsoft Intune & Device Management

Implement and maintain Intune for Mobile Device Management (MDM) and Mobile Application Management (MAM) for Windows, mobile phones, and iPads.

Enforce Conditional Access policies to enhance security.

Manage Multi-Factor Authentication (MFA) and Self-Service Password Reset (SSPR) for administrators, staff, and students.

Deploy BitLocker encryption and enforce PIN requirements for Android devices.

Implement geo-fencing for security and compliance.

Oversee Windows compliance settings and enforce compliance policies (e.g., Android PIN, encryption compliance, and BitLocker compliance).

Support and enforce the single-device policy to streamline device management and improve security.

Collaboration & Optimisation

Work closely with departments to optimise the use of Office 365 collaboration tools (Teams, SharePoint, OneDrive) for academic purposes, while ensuring proper security and privacy settings.

Educate faculty, staff, and students on Office 365 security best practices and provide training to reduce human error and potential vulnerabilities.

Participate in and contribute to IT projects, providing insight on how Office 365 tools can enhance teaching, learning, and administrative efficiency.

Identify and implement opportunities for automation of tasks and processes within the ICT Department and across the organisation using Power Platforms and AI capabilities.

Support the organisation's cloud-first digital strategy by promoting and implementing cloud-based solutions for scalability and efficiency.

Backup & Recovery

Manage and monitor backup and recovery procedures for Office 365, ensuring critical data is secure and recoverable in the event of data loss or system failure.

Implement business continuity and disaster recovery solutions for Office 365 services, ensuring minimal downtime.

Support & Troubleshooting

Provide tier 2/3 support for Office 365-related issues, assisting helpdesk and support teams with escalated technical problems.

Troubleshoot and resolve Office 365 connectivity issues, syncing problems, and email delivery failures.

Maintain up-to-date documentation on Office 365 configurations, procedures, and security policies.

Automation & Scripting

Develop and maintain PowerShell scripts for software roll-out (e.g., deploying Microsoft 365 apps, security patches), system fixes (e.g., resolving compliance policy conflicts, re-mediating failed Intune deployments), and automation and remediation's.

Automate the removal of local administrators at scheduled intervals.

Administration & Privileged Identity Management

Conduct admin audits and implement privileged identity management policies.

Manage admin roles and access levels securely.

Oversee bulk account enrolment and device provisioning.

Azure & Licensing Management

Provide general Azure administration and management.

Monitor and recommend licensing optimisation for cost efficiency.

Maintain Azure AD Connect to synchronise Active Directory with Azure AD.

Implement Azure Backup strategies for data resilience.

Manage A5 licences, ensuring compliance and maximising the security and productivity features included.

Continuous Improvement

Stay current with Microsoft's ongoing Office 365 updates, security patches, and best practices.

Conduct regular reviews of the Office 365 environment to identify areas for performance, security, and operational improvement.

Collaborate with IT teams to assess and implement new security features, tools, or configurations that can enhance the overall security posture of the institution.

Skills, Qualifications & Experience Required:

Mandatory Qualifications:

Level 8 Honours Degree in ICT

Desirable Qualifications:

Relevant Microsoft Certifications (e.g., MS-102, MS500, SC-300, AZ-104) or equivalent demonstrable

experience in Microsoft 365 administration and Security

Professional Diploma in Cyber Security

Ability to work in Ireland:

Irish/European - Citizen (OR) Stamp 4 Visa holder.

Communication Skills

Communicated clearly and effectively to various stakeholders at different levels, including those from

both technical and non-technical backgrounds, including but not limited to, end users such as

students, as well as senior management levels. The response should include how the Resource explained

issues, problems and solutions in a way that was easily and equally understood by all.

Problem Solving Skills

Gathered data, conducted risk management project performance and developed problem solving

strategies. The Resource should include the methods utilised.

Microsoft 365:

Security Management: Implement and maintain security features such as Multi-Factor Authentication (MFA), Conditional Access, and role-based access policies across Microsoft 365 services. Conduct quarterly security reviews to enhance the Microsoft Secure Score.

Threat Intelligence & Monitoring:

Integrate Microsoft Defender solutions to detect and mitigate threats, including endpoint protection,

email security, cloud app visibility, and identity protection.

Compliance & Governance:

Implement Information Barriers, Data Classification policies, and ensure compliance with GDPR and

Cyber Baseline Standards. Manage Microsoft 365 security features such as Advanced Threat

Protection (ATP), Data Loss Prevention (DLP), and encryption.

Microsoft 365 Administration:

Manage and administer the Microsoft 365 tenant, including Exchange Online, SharePoint, OneDrive, Microsoft Teams, and Intune. Ensure proper role-based access control (RBAC).

Windows and Office Management:

Manage Windows Imaging and Deployment, oversee Windows and Office updates, and conduct application patch management.

Microsoft Intune & Device Management:

Implement Intune for Mobile Device Management (MDM) and Mobile Application Management (MAM), enforce Conditional Access policies, and manage MFA and Self-service Password Reset (SSPR).

Collaboration & Optimisation:

Optimise Microsoft 365 collaboration tools for academic purposes, educate users on security best

practices, and automate tasks using Power Platforms and AI.

Backup & Recovery:

Manage backup and recovery procedures for Microsoft 365, ensuring data security and recoverability.

Implement business continuity and disaster recovery solutions.

Support & Troubleshooting:

Provide tier 2/3 support for Office 365 issues, troubleshoot connectivity problems, and maintain up-to-date documentation.

Automation & Scripting:

Develop PowerShell scripts for software rollout, system fixes, and automation tasks.

Administration & Privileged Identity Management:

Conduct admin audits, implement privileged identity management policies, and manage admin roles securely.

Continuous Improvement & Azure Management:

Stay updated with Microsoft's Microsoft 365 updates, conduct regular environment reviews, and manage

Azure services for data resilience and licensing optimisation

About Us

As Ireland's largest IT Solutions Provider, with a growing global footprint, ergo has a depth of expertise

across managed services (IT & Hardware), cloud, applications & software services, IT Resourcing, and modern work. Our recent technology awards are a testament to our commitment to delivering top-notch IT solutions. These achievements highlight our team's dedication and expertise, displaying our leadership in the industry.