Back to search
Gargash Group Linkedin · Posted 10d ago

Microsoft 365 & Azure Administrator (L2)

United Arab Emirates

Linkedin
Continue to application Add your email once, then Caio opens the original posting.

Indexed description

About the Role: This is a hands-on technical role responsible for the day-to-day administration, operational stability, and security posture of the Group’s Microsoft 365 tenant and Microsoft Azure environment. The role holder will ensure that the tenant and cloud environment are administered to a professional standard, secure by default, licensed correctly, fully documented, and aligned with Group security and compliance requirements.



Responsibilities:



  • Microsoft 365 Administration
  • Administer the Microsoft 365 tenant on a day-to-day basis, including Exchange Online (mailboxes, distribution lists, mail flow, transport rules), SharePoint and OneDrive (sites, sharing policies, retention), and Microsoft Teams (teams, channels, policies, voice configuration where applicable).
  • Manage Intune / Endpoint Manager configuration: device enrolment, compliance policies, configuration profiles, application deployment, and conditional access integration.
  • Operate Microsoft Purview controls in coordination with Cybersecurity and Risk & Governance — data loss prevention, retention labels, sensitivity labels, eDiscovery requests.
  • Maintain tenant hygiene: unused mailboxes, shared mailbox sprawl, orphaned guest accounts, stale Teams and SharePoint sites.


  • Identity & Access Management
  • Administer Entra ID (Azure AD): user lifecycle, group management, application registrations, enterprise applications, service principals.
  • Implement and maintain Conditional Access policies, MFA enforcement, sign-in risk policies, and named locations in line with the Group security baseline.
  • Operate Privileged Identity Management (PIM) for just-in-time elevation of administrative roles; conduct periodic access reviews.
  • Support the migration from on-premises Active Directory to a cloud-native Entra ID environment, including hybrid identity synchronisation and the phased decommissioning of legacy domain controllers.
  • Partner with the Cybersecurity and Applications teams on identity and access management, maintaining identity hygiene across the estate.


  • Azure Administration
  • Administer Azure subscriptions, resource groups, and management groups under the Group’s tenant governance model.
  • Provision, configure, and maintain Azure IaaS (virtual machines, storage, networking) and PaaS services in line with architectural standards set with the Enterprise Architect.
  • Operate Azure Key Vault — secret, key, and certificate lifecycle management, access policies, and integration with application teams.
  • Configure and monitor Azure Backup, Site Recovery, and disaster-recovery components for in-scope workloads, sharing the backup and recovery support load with the Cybersecurity, Applications, and Infrastructure teams.
  • Use Azure Monitor, Log Analytics, and cost-management tooling to track resource health, utilisation, and spend.


  • Licensing & Cost Control
  • Administer licence assignment across the Microsoft 365 / Azure estate, including group-based licensing where appropriate.
  • Maintain an accurate, evergreen view of licence consumption versus entitlement under the EA and any CSP arrangements; flag over- and under-utilisation.
  • Track Azure consumption against budget and reservation commitments; raise variances to the Head of Technology Service Delivery and Enterprise Architect.
  • Support the annual EA true-up and renewal cycle with data, reconciliation, and recommendations.


  • Security & Compliance Operations
  • Operate Microsoft Defender (Endpoint, Identity, Office 365, Cloud) consoles in coordination with the Cybersecurity team; action alerts within agreed L2 scope and escalate as required.
  • Support the Cybersecurity function with tenant-side configuration changes required by ISMS, audit, or incident-response activity.
  • Maintain hardening baselines for tenant configuration in line with Microsoft Secure Score and CIS benchmarks; track drift and remediation.
  • Participate in vulnerability remediation, patching, and configuration-change activity affecting Microsoft cloud workloads.


  • Service Operations & Incident Response
  • Act as second-line escalation for service desk tickets relating to Microsoft 365 and Azure services; resolve incidents within agreed SLAs.
  • Participate in problem management — root-cause analysis for recurring incidents, with documented remediation.
  • Execute changes through the Group change-management process; produce implementation, test, and rollback plans.
  • Contribute to major incident response on-call rotation as agreed with the Head of Technology Service Delivery.


  • Documentation & Knowledge
  • Maintain accurate, current documentation of tenant configuration, Azure architecture, runbooks, and standard operating procedures.
  • Produce knowledge-base articles and self-service guidance to deflect repeat L1 tickets.
  • Support audit and assurance activity (internal audit, ISMS, OEM and regulatory reviews) with evidence packs on demand.


  • Cross-Functional Collaboration
  • Work closely with the Cybersecurity, Risk & Governance, Applications, and Enterprise Architecture functions to ensure tenant and cloud changes are reviewed, approved, and aligned to Group standards.
  • Engage directly with Microsoft (account team, FastTrack, support) and the Group’s licensing reseller to maximise value from existing agreements.
  • Coordinate with business units’ technology liaisons on tenant-affecting changes and major rollouts (Teams Phone, new SharePoint estates, and similar).

Qualifications:


  • Minimum 5 years of hands-on experience administering Microsoft 365 and Microsoft Azure in a production enterprise environment.
  • Deep practical knowledge of Entra ID (Azure AD), Exchange Online, SharePoint Online, Teams, OneDrive, and Intune / Endpoint Manager.
  • Demonstrable Azure administration experience covering IaaS, PaaS, virtual networking, storage, Key Vault, Backup, and Monitor.
  • Hands-on experience migrating on-premises Active Directory

Free. 20 seconds. No password. See every match in this search.

Create a free Caio profile to unlock more results and save your role and location preferences.

Unlock free search
Want help applying to roles like this? Search Caio for free. If CV tailoring and application tracking get heavy, Full Caio Agent adds a human specialist.
View Full Agent