Lead System Engineer

About Masdr

Masdr provides integrated digital data and business solutions to public and private sector organizations, enabling operational efficiency, enhanced customer experience, data-driven decision-making, and compliance with regulatory and cybersecurity requirements through advanced digital technologies and enterprise platforms.

Job Purpose

Lead and directly execute the administration, operation, and continuous improvement of enterprise systems, identity platforms, digital workplace technologies, endpoint governance, and messaging security. The role is responsible for ensuring secure, reliable, and scalable operations while acting as the hands-on technical owner during the initial phase, establishing operational standards, technical foundations, and service maturity as the organization grows.

Key Responsibilities

Strategy & Planning

• Contribute to infrastructure strategy by aligning enterprise systems, workplace technologies, and endpoint platforms with business, operational, security, and regulatory requirements.
• Translate technical and operational requirements into practical implementation and improvement plans.

Governance & Compliance

• Ensure managed technologies comply with organizational policies and regulatory frameworks such as NCA, SAMA, and ISO27001.
• Support audits, risk assessments, remediation initiatives, and implementation of security controls.

Operational Excellence

• Ensure high availability, reliability, and performance of managed systems through proactive operations and continuous improvement initiatives.
• Maintain operational documentation, standards, automation processes, and service consistency.

Collaboration

• Collaborate closely with Cloud, Security, Network, and business teams to deliver secure and reliable enterprise technology services.
• Act as the primary technical escalation point for managed platforms and services.

Change & Continuous Improvement

• Lead technical change activities while minimizing operational risks and business disruption.
• Continuously improve automation capabilities, operational efficiency, and security posture.

Technical Responsibilities

Hands-On Technical Ownership

• Directly administer and operate enterprise systems and assigned technologies.
• Establish operational standards, technical documentation, service ownership models, and support processes.
• Assess operational workloads and identify future team expansion requirements.

Identity & Access Platforms

• Administer and maintain Active Directory, Entra ID, authentication services, identity lifecycle management, and access governance controls.
• Ensure secure, reliable, and compliant identity operations across the enterprise environment.

Microsoft Platform Administration

• Manage Microsoft platforms including Windows Server, Exchange, and Microsoft 365 services.
• Ensure secure configurations, lifecycle management, patching, operational stability, and service availability.

Digital Workplace Technologies

• Manage enterprise workplace technologies supporting collaboration, productivity, endpoint access, and user enablement services.
• Ensure efficient and secure delivery of end-user technology solutions.

Endpoint Governance & Security

• Administer endpoint management and security technologies including Intune, Microsoft Defender, device compliance enforcement, and conditional access controls.
• Ensure endpoint environments comply with operational and cybersecurity standards.

Data Protection & Information Governance

• Manage data protection technologies including Microsoft Purview, DLP controls, and data classification solutions.
• Support implementation of information protection, governance, and compliance controls.

Messaging & Mail Security

• Administer enterprise messaging environments including Exchange and FortiMail platforms.
• Ensure secure email flow, threat protection, anti-spam controls, mail continuity, and operational reliability.

Enterprise Systems Administration

• Operate and maintain enterprise infrastructure platforms supporting business-critical services.
• Perform system administration, monitoring, patching, hardening, maintenance, troubleshooting, and performance optimization activities.

Security Hardening & Compliance

• Apply secure configuration baselines, hardening standards, vulnerability remediation, and patch governance across managed technologies.
• Ensure alignment with cybersecurity frameworks and regulatory requirements.

Automation & Operational Efficiency

• Drive automation initiatives for provisioning, monitoring, patching, reporting, and repetitive operational activities.
• Improve service consistency, efficiency, auditability, and operational resilience.

Incident Management & Service Reliability

• Lead troubleshooting, incident response, root cause analysis, and recovery activities for managed platforms.
• Strengthen operational readiness, service continuity, and system resilience.

Vendor & Technology Lifecycle Management

• Coordinate vendor support, platform upgrades, renewals, issue resolution, and service improvement activities.
• Manage lifecycle planning for enterprise systems and supporting technologies.

Behavioral Competencies

• Strong ownership and accountability for enterprise technology services.
• Hands-on leadership with excellent troubleshooting and execution capabilities.
• Ability to work effectively under operational pressure and shifting priorities.
• Strong collaboration and communication skills across technical and business teams.
• High attention to detail with a strong focus on security, compliance, and service quality.
• Proactive mindset toward modernization, automation, and continuous improvement initiatives.

Qualifications & Experience

• Bachelor’s degree in Computer Science, Information Systems, or a related field.
• Minimum 5–6 years of experience in system engineering, infrastructure management, virtualization, and enterprise systems administration.
• Strong hands-on expertise in Active Directory, Entra ID, Windows Server, Exchange, and Microsoft 365 technologies.
• Experience with endpoint management and security solutions including Intune and Microsoft Defender.
• Knowledge of Microsoft Purview, DLP technologies, and data classification frameworks.
• Strong understanding of identity management, authentication, access governance, and endpoint compliance.
• Experience in system hardening, vulnerability remediation, patch management, and security controls implementation.
• Proficiency in scripting and automation for systems administration and operational efficiency.
• Familiarity with enterprise infrastructure operations, troubleshooting, and service management.
• Knowledge of regulatory and cybersecurity frameworks such as NCA, SAMA, ISO27001, and CIS benchmarks.