Internal IT

TRAILHEAD BIOSYSTEMS INC.
Beachwood, United States of America
1 month ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Intermediate

Job location

Beachwood, United States of America

Tech stack

Microsoft Windows
Microsoft Online Services
Business Software
Software as a Service
Computer Security
Data Infrastructure
Domainkeys Identified Mail
Domain-Based Message Authentication Reporting and Conformance (DMARC)
Information Lifecycle Management
Information Technology Operations
Networking Hardware
Network Connections
Phishing
SharePoint
Virtual Local Area Networks
Wi-Fi Technology
Data Classification
Microsoft InTune
Computer Equipment
Sender Policy Framework (SPF)
Information Technology
Patch Management
Casper Suite
Cloud Optimization
Firewall Services Module
User Administration

Job description

End-User Support & IT Operations

  • Primary internal point of contact for all hardware, software, connectivity, and access issues across on-site and remote employees
  • Own the MSP relationship: define what goes to them, hold them to SLAs, and escalate appropriately - you are the bridge, not the bottleneck
  • Manage the full device lifecycle: procurement, imaging, deployment, and decommissioning across a ~45-device corporate fleet
  • Administer Microsoft 365: Entra ID, Exchange Online, SharePoint, Teams, OneDrive, and associated licenses
  • Own IT onboarding and offboarding workflows, account provisioning, device assignment, access revocation, and litigation hold procedures; this process must be airtight and documented
  • Maintain a current IT asset inventory

Cybersecurity & Information Security

  • Own the organization's day-to-day security posture; engage the MSP for complex security projects and escalations
  • Administer endpoint protection, patch management, MFA enforcement, and conditional access policies
  • Monitor M365 security and compliance tooling: Purview, Defender for Business, audit logs
  • Conduct periodic access reviews and permission audits; produce findings reports for COO
  • Lead first-response on security incidents , containment first, investigation second and coordinate MSP escalation where needed; this includes employee departure scenarios involving potential data exfiltration
  • Manage email authentication controls (SPF, DKIM, DMARC) and anti-phishing policies

Lab & Instrument IT

  • Maintain network connectivity for laboratory instruments and manage isolated VLANs where required
  • Serve as the IT interface for lab instrument vendors and cloud-connected instrument platforms
  • Keep instrument computing hardware and software licenses current in coordination with R&D and Manufacturing

Access & Device Governance

  • Deploy and administer an MDM solution across the full device fleet
  • Own permissions governance for end-user systems: M365, SharePoint, shared drives, and SaaS applications
  • Conduct quarterly access audits; report findings to COO
  • Manage data lifecycle for off-boarded employees including legal preservation requirements

Cloud Cost & Vendor Management

  • Monitor cloud and SaaS spend; surface optimization opportunities and eliminate unused licenses
  • Manage all software subscriptions across office and lab environments, licenses, renewals, utilization tracking, and vendor relationships for both business software and laboratory-specific applications
  • Coordinate with the Data Infrastructure Engineer on cloud access provisioning - you manage who has access, they manage the architecture
  • Track IT vendor contracts and MSP deliverables; flag renewal dates and surface consolidation opportunities

IT Policy & Documentation

  • Develop and maintain core IT policies: Acceptable Use, Data Classification, Password Policy, BYOD
  • Document processes and configurations well enough that someone else could operate them

Requirements

Do you have experience in Vendor relationship building?, * 3-5 years of hands-on IT experience in a generalist role

  • Microsoft 365 administration: Entra ID, Exchange Online, SharePoint, Intune/MDM
  • Endpoint security: patch management, MFA/conditional access, Defender for Business or equivalent
  • Experience managing network hardware: switches, enterprise Wi-Fi, firewall rules
  • MDM deployment and administration experience (Intune, Jamf, or Kandji)
  • Strong documentation discipline
  • Clear communicator with both non-technical staff and external technical partners

Benefits & conditions

Pulled from the full job description

  • Parental leave
  • 401(k)
  • Health insurance
  • 401(k) matching
  • Paid time off
  • Vision insurance
  • Dental insurance, * 401(k)
  • 401(k) matching
  • Dental insurance
  • Health insurance
  • Life insurance
  • Paid time off
  • Parental leave
  • Relocation assistance
  • Vision insurance

Apply for this position