Haystack
← Back to Jobs
Other

Microsoft Server & Azure IaaS Administrator

SR International Inc.United States🇺🇸United StatesPosted 17 Jul 2026

Quick Overview

Work Type
Hybrid
Level
Mid Senior

Job Description

AM: Ashley Hetman
Remote
Teams Interviews
 

Job Title: Microsoft Server & Azure IaaS Administrator (AD/GPO/IIS)

Summary

This Microsoft infrastructure administrator will assist with the management of Windows Server, Active Directory, Group Policy, IIS, and Azure IaaS resources. This role will be responsible for day-to-day operations, security hardening, automation, and high-availability support across on‑premises and cloud environments. This position will partner closely with network, security, and application teams to ensure reliable service delivery and continuous improvement.

Key Responsibilities

  • Windows Server Administration: Configure and maintain Windows Server (2016–2025); manage roles/features (AD DS, DNS, DHCP, DFS, File Services), patching, performance tuning, and capacity planning.
  • IIS Administration: Configure and support IIS websites and applications, including application pools, bindings, SSL/TLS certificates, URL Rewrite/ARR, security hardening, and log analysis; optimize availability and performance.
  • Azure IaaS: Manage Azure VMs, VM Scale Sets, disks/storage, Azure Files, VNETs, subnets, NSGs/ASGs, Load Balancer/App Gateway, Bastion; implement backup (Azure Backup), DR (Azure Site Recovery), monitoring/alerts (Azure Monitor), and cost governance.
  • Active Directory (AD): Maintain domain health and replication; manage OU structure, users, groups, GMSAs, service accounts, and delegated permissions; troubleshoot authentication/Kerberos/NTLM issues.
  • Monitoring & Troubleshooting: Use native tools and platforms (Event Viewer, PerfMon, Azure Monitor, Log Analytics) to proactively detect and resolve issues impacting availability, performance, or security.
  • Group Policy (GPO): Design, implement, and maintain GPOs for security baselines, server configurations, and compliance; perform impact testing and change control.
  • Security & Compliance: Apply CIS/Microsoft security baselines, TLS configurations, vulnerability remediation, endpoint hardening, and log review; partner with security for audits and incident response.
  • Automation & Scripting: Build PowerShell scripts/modules to automate routine tasks (provisioning, patching, reporting) and Infrastructure-as-Code (e.g., Bicep/ARM/Terraform) for repeatable deployments.
  • Documentation & Change Management: Produce and maintain SOPs, diagrams, inventories, and runbooks; follow ITIL change/incident processes; contribute to knowledge base.
  • Collaboration & Support: Serve as escalation point for server/web platform issues; coordinate with app owners on deployments, certificates, and integration.
  • Lifecycle & Projects: Lead or support upgrades, migrations, re-platforming, and cloud adoption initiatives; drive standardization and modernization.
  • IRS 1075 Compliance: Provide answers and documentation, and implement changes required as part of IRS audit findings.

Required Qualifications

  • Experience: 5–7+ years administering Windows Server, AD, GPO, and IIS in mid‑to‑large enterprise environments.
  • Technical Proficiency:
    • Windows Server (2016–2025), AD DS, DNS, restores.
    • Group Policy design and troubleshooting (RSOP, GPMC, GPResult).
    • IIS configuration, SSL/TLS, bindings, app pools, URL Rewrite/ARR, logging.
    • Azure IaaS (VMs, VNETs, NSGs, Load Balancer/App Gateway, Azure Backup/ASR, Azure Monitor, Log Analytics).
    • PowerShell scripting (automation, modules, REST/Graph, CLI).
  • Process & Practices: Strong documentation, change control, and incident/problem management (ITIL).
  • Soft Skills: Clear communicator, collaborative, organized, and able to prioritize across multiple stakeholders and deadlines.

Preferred Qualifications

  • Certifications:
    • Microsoft Certified: Azure Administrator Associate (AZ‑104), Windows Server Hybrid Administrator Associate (AZ‑800/AZ‑801)
    • PlNice to Have: Azure Network Engineer (AZ‑700)
  • Enterprise Tools: Experience with MCM/ConfigMgr, WSUS, Defender for Cloud, Sentinel, Splunk/ELK, ServiceNow/Jira.
  • Networking: Solid understanding of TCP/IP, DNS, routing, VPN, firewall rules, load balancing, private endpoints.
  • Web/App Integration: Familiarity with .NET application hosting, SSO (SAML/OIDC), App Gateway/WAF, certificate pinning, mutual TLS.

·        Infrastructure-as-Code & Config: Experience with Bicep/ARM/Terraform, DSC, or Ansible; Azure Policy/Blueprints.

  • Azure DevOps: Experience with server-side configurations
  <>Required/Desired Skills  
Skill Required /Desired Amount of Experience
5–7+ years administering Windows Server, AD, GPO, and IIS in mid to large enterprise environments. Required 7 Years
Group Policy design and troubleshooting (RSOP, GPMC, GPResult). Required 0  
Windows Server (2016–2025), AD DS, DNS, restores Required 0  
IIS configuration, SSL/TLS, bindings, app pools, URL Rewrite/ARR, logging Required 0  
Azure IaaS (VMs, VNETs, NSGs, Load Balancer/App Gateway, Azure Backup/ASR, Azure Monitor, Log Analytics). Required 0  
PowerShell scripting (automation, modules, REST/Graph, CLI). Required 0  
Azure Administrator Associate (AZ 104), Windows Server Hybrid Administrator Associate (AZ 800/AZ 801) Required 0  
Azure Network Engineer (AZ 700) Nice to have 0  
Experience with MCM/ConfigMgr, WSUS, Defender for Cloud, Sentinel, Splunk/ELK, ServiceNow/Jira Required 0  
Solid understanding of TCP/IP, DNS, routing, VPN, firewall rules, load balancing, private endpoints. Required 0  
Familiarity with .NET application hosting, SSO (SAML/OIDC), App Gateway/WAF, certificate pinning, mutual TLS Required 0  
Experience with Bicep/ARM/Terraform, DSC, or Ansible; Azure Policy/Blueprints. Required 0  
  <>Questions  
No. Question
Question1 Do you understand, and will abide by, the provision in your subcontract with OST that it is PROHIBITED for government equipment to be taken or used outside of the United States by your contractors? The consequences of this occurring can and will result in repercussions to you, the prime vendor, regardless if the candidate works for a sub-vendor of yours. It will also result in immediate termination of the contractor, and make them ineligible for rehire in the program.
Question2 Where is your candidate currently located? City, State
Question3 Do you understand, and will abide by, the provision in your subcontract with OST that it is PROHIBITED for government equipment to be taken or used outside of the United States by your contractors? The consequences of this occurring can and will result in repercussions to you, the prime vendor, regardless if the candidate works for a sub-vendor of yours. It will also result in immediate termination of the contractor, and make them ineligible for rehire in the program.

Skills

ELK
Load Balancing
SAML
SSO
Splunk
TCP/IP
Active Directory
Ansible
Azure
Capacity Planning
Compliance
Continuous Improvement
DNS
.NET
Jira
PowerShell
REST
ServiceNow
Terraform
WAF

Similar jobs