Internal IT
TRAILHEAD BIOSYSTEMS INC.
Beachwood, United States of America
1 month ago
Role details
Contract type
Permanent contract Employment type
Full-time (> 32 hours) Working hours
Regular working hours Languages
English Experience level
IntermediateJob location
Beachwood, United States of America
Tech stack
Microsoft Windows
Microsoft Online Services
Business Software
Software as a Service
Computer Security
Data Infrastructure
Domainkeys Identified Mail
Domain-Based Message Authentication Reporting and Conformance (DMARC)
Information Lifecycle Management
Information Technology Operations
Networking Hardware
Network Connections
Phishing
SharePoint
Virtual Local Area Networks
Wi-Fi Technology
Data Classification
Microsoft InTune
Computer Equipment
Sender Policy Framework (SPF)
Information Technology
Patch Management
Casper Suite
Cloud Optimization
Firewall Services Module
User Administration
Job description
End-User Support & IT Operations
- Primary internal point of contact for all hardware, software, connectivity, and access issues across on-site and remote employees
- Own the MSP relationship: define what goes to them, hold them to SLAs, and escalate appropriately - you are the bridge, not the bottleneck
- Manage the full device lifecycle: procurement, imaging, deployment, and decommissioning across a ~45-device corporate fleet
- Administer Microsoft 365: Entra ID, Exchange Online, SharePoint, Teams, OneDrive, and associated licenses
- Own IT onboarding and offboarding workflows, account provisioning, device assignment, access revocation, and litigation hold procedures; this process must be airtight and documented
- Maintain a current IT asset inventory
Cybersecurity & Information Security
- Own the organization's day-to-day security posture; engage the MSP for complex security projects and escalations
- Administer endpoint protection, patch management, MFA enforcement, and conditional access policies
- Monitor M365 security and compliance tooling: Purview, Defender for Business, audit logs
- Conduct periodic access reviews and permission audits; produce findings reports for COO
- Lead first-response on security incidents , containment first, investigation second and coordinate MSP escalation where needed; this includes employee departure scenarios involving potential data exfiltration
- Manage email authentication controls (SPF, DKIM, DMARC) and anti-phishing policies
Lab & Instrument IT
- Maintain network connectivity for laboratory instruments and manage isolated VLANs where required
- Serve as the IT interface for lab instrument vendors and cloud-connected instrument platforms
- Keep instrument computing hardware and software licenses current in coordination with R&D and Manufacturing
Access & Device Governance
- Deploy and administer an MDM solution across the full device fleet
- Own permissions governance for end-user systems: M365, SharePoint, shared drives, and SaaS applications
- Conduct quarterly access audits; report findings to COO
- Manage data lifecycle for off-boarded employees including legal preservation requirements
Cloud Cost & Vendor Management
- Monitor cloud and SaaS spend; surface optimization opportunities and eliminate unused licenses
- Manage all software subscriptions across office and lab environments, licenses, renewals, utilization tracking, and vendor relationships for both business software and laboratory-specific applications
- Coordinate with the Data Infrastructure Engineer on cloud access provisioning - you manage who has access, they manage the architecture
- Track IT vendor contracts and MSP deliverables; flag renewal dates and surface consolidation opportunities
IT Policy & Documentation
- Develop and maintain core IT policies: Acceptable Use, Data Classification, Password Policy, BYOD
- Document processes and configurations well enough that someone else could operate them
Requirements
Do you have experience in Vendor relationship building?, * 3-5 years of hands-on IT experience in a generalist role
- Microsoft 365 administration: Entra ID, Exchange Online, SharePoint, Intune/MDM
- Endpoint security: patch management, MFA/conditional access, Defender for Business or equivalent
- Experience managing network hardware: switches, enterprise Wi-Fi, firewall rules
- MDM deployment and administration experience (Intune, Jamf, or Kandji)
- Strong documentation discipline
- Clear communicator with both non-technical staff and external technical partners
Benefits & conditions
Pulled from the full job description
- Parental leave
- 401(k)
- Health insurance
- 401(k) matching
- Paid time off
- Vision insurance
- Dental insurance, * 401(k)
- 401(k) matching
- Dental insurance
- Health insurance
- Life insurance
- Paid time off
- Parental leave
- Relocation assistance
- Vision insurance