Senior IT Systems Administrator (On-Site)

Strategic Technology Institute, Inc. (STi) is seeking a hands-on Senior IT Systems Administrator to serve as the primary on-site owner of IT infrastructure and systems administration for our Headquarters in Rockville, Maryland., * Serve as the primary on-site IT systems administrator and senior technical resource for STi Headquarters.

• Assess, document, and improve the organization's existing IT architecture, systems administration practices, security posture, and operational processes.
• Administer and improve the Microsoft environment, including:
• Microsoft 365
• Active Directory
• Azure / Microsoft Entra ID
• Group Policy
• Intune
• SharePoint Online
• Teams Phone
• Windows desktops and laptops
• Evaluate the current hybrid on-prem / Azure environment, troubleshoot identity and synchronization issues, and recommend whether STi should remain hybrid or move further toward Azure.
• Lead management of network infrastructure and security, including:
• firewall administration
• VLANs and subnetting
• switching and routing
• wireless networking
• traffic segmentation
• performance troubleshooting
• network documentation
• Administer and optimize UniFi / Ubiquiti networking hardware and software.
• Design and implement a dedicated VoIP subnet and apply appropriate QoS policies to improve voice quality, reliability, and throughput.
• Evaluate current on-prem infrastructure, including server rack assets, hosted services, virtualization/hypervisor footprint, and mixed Windows/Linux server workloads; recommend and execute consolidation, retirement, or migration where appropriate.
• Administer and support both Windows and Linux servers, including patching, monitoring, backup coordination, access controls, and ongoing maintenance.
• Establish a standardized, repeatable process for new laptop deployment, device provisioning, imaging/enrollment, software installation, asset tracking, user handoff, device return, reissue, and retirement.
• Replace ad hoc manual laptop turnover practices with a secure, supportable lifecycle process that includes:
• device intake/check-in
• backup/transfer standards
• wipe/redeployment procedures
• baseline configuration
• readiness for office and field users
• Enroll and manage organizational devices in Microsoft Intune and implement standardized controls for:
• device enrollment
• compliance policies
• configuration profiles
• software deployment
• updates/patching
• remote management
• baseline enforcement
• Implement and maintain Group Policy, standardized endpoint configurations, hardening baselines, and software control processes.
• Apply and maintain STIG-aligned security baselines and help improve the office environment's overall security maturity.
• Support long-term alignment toward stronger security and compliance practices, including awareness of CMMC Level 2-style controls, even where not currently required in the headquarters environment.
• Support and administer SharePoint Online for file storage, collaboration, permissions, and operational workflows.
• Provide senior-level troubleshooting and escalation support across desktop, server, Microsoft 365, identity, network, and endpoint issues.
• Maintain accurate and current:
• network diagrams
• asset inventories
• system documentation
• standard operating procedures
• deployment procedures
• configuration records
• recovery documentation
• Mentor and guide junior or entry-level support personnel performing basic IT tasks, helping build internal capability and consistency.
• Serve as a trusted internal partner who can identify issues, prioritize them appropriately, and drive practical solutions that improve reliability, security, and maintainability., In the first 6-12 months, this person should be able to:
• document the current environment and produce a practical modernization roadmap;
• stabilize and clarify the current on-prem / Azure identity model;
• establish a cleaner, more supportable endpoint management and deployment process;
• bring laptops and desktops under stronger management through Intune and standardized baselines;
• improve network segmentation and VoIP performance through subnet and QoS design;
• create a more disciplined process for hardware tracking, redeployment, and user readiness;
• identify realistic opportunities to consolidate or simplify servers, hypervisors, and mixed-platform workloads;
• improve documentation, repeatability, and overall operational maturity.

Do you have experience in Windows?, This is a role for a mid-level to senior professional who is equally comfortable assessing the current environment, creating a practical roadmap, recommending improvements to leadership, and personally executing the work. The right person will help us mature and standardize our IT environment, strengthen security, modernize endpoint and identity management, improve network performance, and establish repeatable processes for device lifecycle management, user support, and infrastructure administration.

Our environment is primarily Windows-based, with Microsoft 365, Teams Phone, SharePoint, Active Directory, Azure / Microsoft Entra ID, Windows desktops and laptops, some Linux-based servers, on-premises infrastructure, and a current hybrid on-prem / Azure setup that we want to evaluate and improve. We are looking for someone who wants to take ownership, build structure, and help improve our environment over the long term., * 5+ years of progressively responsible, hands-on IT systems administration experience; 7+ years preferred.

• Demonstrated success operating as a senior administrator, lead systems resource, or primary IT owner in a Windows-centric environment.
• Strong hands-on experience with:
• Windows desktop and laptop administration
• Microsoft 365 administration
• Active Directory
• Azure / Microsoft Entra ID
• Group Policy
• Intune / endpoint management
• SharePoint Online
• Teams Phone
• Strong networking experience, including:
• network security
• firewalls
• VLANs
• subnetting
• switching
• wireless networking
• QoS
• VoIP/network performance troubleshooting
• Experience with Ubiquiti / UniFi networking equipment and administration.
• Experience designing or improving endpoint lifecycle processes, including deployment, provisioning, inventory tracking, software management, patching, and redeployment.
• Experience with on-prem infrastructure, server administration, virtualization/hypervisors, backup practices, and infrastructure consolidation planning.
• Working knowledge of Linux server administration in a mixed Windows/Linux environment.
• Experience implementing security hardening and configuration baselines; STIG experience is required.
• Strong troubleshooting, communication, documentation, and prioritization skills.
• Ability to work independently, take ownership, and build structure in an environment that is being matured and standardized.
• Ability to pass a background check.
• Must be able to work 100% on-site in Rockville, MD 20852.

Preferred Qualifications

• Experience with Azure migration planning, hybrid identity, and directory synchronization troubleshooting.
• Experience with Microsoft-native endpoint/security tooling such as:
• Windows Autopilot
• Microsoft Defender
• Conditional Access
• PowerShell automation
• MECM / SCCM / MDT
• Familiarity with CMMC Level 2, NIST 800-171, or similar security/compliance frameworks.
• Experience supporting small-to-mid-sized organizations where the administrator is expected to combine strategy, execution, documentation, and operational ownership.
• Relevant certifications such as:
• AZ-104
• MS-102
• MD-102, We are looking for a hands-on builder-someone who is professional, solutions-oriented, and comfortable stepping into an environment that is ready for structure and improvement. The right candidate is someone who takes ownership, communicates clearly, works well with leadership and support staff, and is motivated by building better systems, stronger processes, and long-term operational stability., * This is a long-term, hands-on systems administration role with visible impact across the organization.

Pulled from the full job description

• 401(k)
• Health insurance
• Retirement plan
• 401(k) matching
• Paid time off
• Vision insurance
• Health savings account, * This role is 100% on-site at STi Headquarters in Rockville, Maryland.

Pay: $110,000.00 - $130,000.00 per year, * 401(k)

• 401(k) matching
• Dental insurance
• Health insurance
• Health savings account
• Life insurance
• Paid time off
• Retirement plan
• Vision insurance