Arctiq is a global, intelligence-driven technology services company delivering professional and managed services across Hybrid Cloud Infrastructure, Networking & Connected Experiences, Cybersecurity, Data & AI, Autonomous Operations & Intelligence, and Enterprise Service Management. We help organizations operate, secure, and modernize complex environments by unifying infrastructure, networking, data, security, automation, and observability under a single, integrated operating model. Our work focuses on helping customers reduce operational friction, improve resilience, and make better, faster decisions as their environments evolve. Arctiq builds on decades of industry expertise and a customer-centric ethos to deliver exceptional value to clients across diverse industries.
Own administration and security operations for Microsoft 365 and hybrid identity. Ensure availability, security, and compliance of Exchange Online, Entra ID (Azure AD), and related services. Serve as an escalation point, lead incident triage for Microsoft 365/identity alerts from SIEM/SOC platforms, and drive continuous improvement through automation, documentation, and standards.
This is a contract or contract-to-hire opportunity with one of our Arctiqs clients located in Atlanta, GA. It is a hybrid arrangement and a candidate must feel comfortable with the onsite presence.
ESSENTIAL FUNCTIONS & RESPONSIBILITIES
Administer Microsoft 365 services Exchange Online, Teams, SharePoint Online, tenant configuration, and licensing. Maintain hybrid identity and access Active Directory, Entra ID, sync, SSO, MFA, Conditional Access, and privileged access practices. Operate messaging and mail flow Exchange Online, hybrid connectors where applicable, transport rules, and retention. Perform security operations and compliance Microsoft Defender, Purview, audit/eDiscovery, and related telemetry. Automate administration and reporting PowerShell scripting; build repeatable runbooks and scripts. Monitor system/service health Capacity and performance monitoring; coordinate change and maintenance windows. Support endpoint/server hygiene Patching, vulnerability remediation, and configuration baselines in collaboration with platform teams. Participate in on-call rotation Manage incidents through triage, remediation, and post-incident review. Create and maintain documentation Diagrams, knowledge articles; mentor less experienced staff; act as a liaison across IT teams.
SECURITY & INCIDENT RESPONSE
Core Triage
Monitor and triage security incidents from GreyMatter or SIEM/SOC platforms, prioritizing by severity and business impact. Act as first responder for Microsoft 365 and identity-related alerts suspicious sign-ins, compromised accounts, anomalous behavior.
Investigation & Analysis
Analyze alerts and correlated events across Microsoft 365, Entra ID, and on-prem systems to determine scope, impact, and root cause. Use Microsoft Defender, Purview, and audit logs to perform forensic review and validate threats.
Response & Remediation
Execute containment and remediation account disablement, session/token revocation, Conditional Access enforcement per security procedures. Coordinate with internal security teams and external SOC providers to escalate and resolve incidents efficiently.
REQUIREMENTS
Bachelors degree in MIS/CS or equivalent experience. 3-5 years of IT experience with strong Windows client/server fundamentals. Hands-on administration of Microsoft 365 and hybrid identity (Active Directory + Entra ID). Strong PowerShell scripting and troubleshooting skills. Experience triaging and responding to security incidents using alerting, audit, and logging data. Ability to execute tasks in a high-pressure environment and participate in on-call rotation.
Preferred Qualifications
Experience with SIEM/SOC workflows and ticketing (e.g., ServiceNow). Experience with Exchange hybrid configurations and mail routing. Industry certifications in Microsoft 365/Azure security and identity or equivalent.