Role Purpose: The Senior Systems Engineer plays a critical role in ensuring the smooth operation, security, and scalability of the organization's IT infrastructure. This position encompasses administration and optimization of Active Directory (AD) and cloud environments, Office 365 applications, storage, and backup systems, as well as active collaboration with Information Security teams to support endpoint detection and response (EDR/XDR), Security Information and Event Management (SIEM), and Security Orchestration, Automation, and Response (SOAR) platforms. This role is also responsible for compliance, audit readiness, system monitoring, reporting, and user account management, ensuring alignment with organizational goals and regulatory requirements.
Duties and Responsibilities:
- Active Directory (AD) Strategy & Management
a. Lead the design, optimization, and high-availability management of Active Directory (on-premises, cloud, and hybrid environments), ensuring scalability, security, and operational efficiency.
b. Establish and enforce security best practices for AD, including privileged access management, delegation models, and role-based access control (RBAC).
c. Oversee AD health monitoring, troubleshoot complex directory service issues, and implement proactive automation for maintenance.
d. Define policies and standards for DNS, domain controllers, and replication strategies to ensure a resilient directory infrastructure.
- Office 365 Enterprise Administration
a. Drive the enterprise administration of Office 365, ensuring optimal configuration, performance, and security across Exchange Online, SharePoint Online, Teams, OneDrive, and other services.
b. Implement and oversee security controls, including Multi-Factor Authentication (MFA), Data Loss Prevention (DLP), Advanced Threat Protection (ATP), and compliance policies.
c. Develop long-term strategies for Office 365 adoption, user training, and governance to align with business needs and IT security frameworks.
- Enterprise Storage & Backup Architecture
a. Architect and manage scalable storage solutions, ensuring data integrity, high availability, and disaster recovery readiness.
b. Define enterprise-wide backup strategies, including regular recovery testing and automated failover mechanisms.
c. Conduct capacity planning and risk assessments to optimize storage investments and mitigate potential data loss scenarios.
- Security & Threat Mitigation Collaboration
a. Partner with the Information Security team to develop and enforce security policies, ensuring compliance with cybersecurity frameworks.
b. Integrate security tools such as Endpoint Detection and Response (EDR/XDR), Security Information and Event Management (SIEM), and Security Orchestration, Automation, and Response (SOAR) into system management workflows.
c. Implement proactive security hardening measures and monitor emerging threats to protect organizational assets.
- Advanced Threat Intelligence & Penetration Testing Support - Collaboration
Partner with the Information Security team to:
a. Integrate and utilize threat intelligence platforms (e.g., Microsoft Sentinel, CrowdStrike Falcon X, Fortinet FortiSIEM) for proactive security insights.
b. Establish a structured approach to penetration testing coordination, ensuring vulnerabilities identified via tools like Tenable Nessus and Qualys Web Application Scanning are promptly addressed.
c. Maintain documentation of security assessments, findings, and remediation strategies to support risk management objectives.
- Compliance & Audit Leadership
a. Lead IT compliance initiatives, ensuring that infrastructure aligns with standards such as Qatar Cybersecurity Framework, GDPR, and ISO 27001.
b. Collaborate with auditors to provide detailed system architecture reviews, compliance reports, and incident response documentation.
c. Develop and execute remediation plans to address vulnerabilities or non-compliance findings.
- Enterprise Monitoring & Strategic Reporting
a. Implement and manage enterprise monitoring platforms (e.g., Quest, ManageEngine) to ensure real-time visibility into system performance, security threats, and compliance adherence.
b. Generate executive-level dashboards and analytical reports to track IT infrastructure health, security incidents, and operational efficiency.
c. Utilize trend analysis to drive continuous improvement initiatives in system resilience, security posture, and performance optimization.
- Technical Leadership & Mentorship
a. Provide Tier 3+ escalation support for complex system-related issues, engaging directly with vendors and senior IT staff to drive resolution.
b. Lead training programs and knowledge-sharing initiatives to enhance the expertise of IT teams and end-users.
c. Develop and maintain best practice documentation for system configurations, troubleshooting procedures, and incident response.
- Strategic Project Leadership
a. Take ownership of major IT infrastructure projects, including cloud migrations, system consolidations, and security enhancements.
b. Drive research and implementation of emerging technologies to enhance organizational efficiency, security, and scalability.
c. Define and enforce best practices for Identity and Access Management (IAM) in Azure Active Directory and other enterprise platforms.
d. Lead encryption and backup strategy development for hybrid cloud environments.
- Compliance & Risk Management Advocacy
a. Act as a key advisor in regulatory compliance efforts, providing expert guidance on industry best practices and emerging threats.
b. Develop structured approaches for gathering audit evidence and implementing corrective action plans.
c. Maintain up-to-date documentation on compliance frameworks and IT risk management protocols.
- Cybersecurity Awareness & Training Programs
a. Lead the development and execution of cybersecurity awareness campaigns, ensuring employees are educated on best practices.
b. Oversee phishing simulation programs and track user engagement metrics to enhance organizational resilience against social engineering attacks.
c. Advocate for strong password management, secure internet usage, and data protection across all user levels.