Key Responsibilities
Design and implement M365 and Google Workspace tenant architectures (identity, access, collaboration, endpoint and device management).
Collaborate with other departments to build robust workflows within the M365 and Google Workspace environments.
Own the workspace administration, including access rights, on and off-boarding, and frequent reviews of collaboration platforms for Pharo's ever-growing portfolio company.
Own identity and access patterns across platforms: Entra ID (Azure AD), SSO/federation, MFA, Conditional Access, privileged access, access reviews, lifecycle automation.
Build security-by-design controls: email and collaboration security, secure configuration baselines, secure sharing, external collaboration controls, mobile and endpoint posture.
Implement data protection and governance: Data Leak Prevention (DLP), information protection/classification/labels, retention policies, eDiscovery/legal hold, audit and alerting, encryption and key considerations.
Lead or support coexistence (Exchange/SharePoint/Teams; Google Workspace mail/drive), including risk management, and comms.
Apply strong networking knowledge to cloud connectivity and security outcomes: DNS, SMTP, routing, VPN/proxy concepts, firewalling, secure web gateways, and zero-trust access patterns.
Produce architecture artifacts: current/future state diagrams, High Level Documents/Low Level Documents, decision records, standards, and runbooks.
Monitor, troubleshoot, and improve service health, performance, and security posture; integrate logs with Security Information and Event Management (SIEM) and support incident response.
Collaborate with vendors/Managed Service Providers (MSPs) and internal teams; mentor juniors and contribute to platform roadmaps.
Qualifications & Experience
At least 2 to 5 years' experience in cloud/infrastructure/security engineering with hands-on M365 and/or Google Workspace administration.
Bachelor's degree in IT, Computer Science or any other relevant field.
Hybrid identity and migration tooling experience (e.g., Entra Connect, third-party migration tools, directory sync concepts).
Security certifications or vendor certificates (e.g., Microsoft, Google, CompTIA Security+, ISO 27001 familiarity).
Experience working in regulated environments or supporting audits.