Sr. Microsoft 365 Administrator (L2/L3)
Description
iSoftStone, Inc. is seeking a Senior M365 System Administrator (L2/L3) to join our Team
in Palo Alto, CA (in office)!
*THIS IS A W2 CONTRACT POSITION (JUNE 2026 THROUGH FEBRUARY 2027)*
**Fluency in Mandarin is Preferred**
We are seeking a highly skilled Senior Microsoft 365 System Administrator (L2/L3) to support the design, implementation, and ongoing operations of enterprise Microsoft 365 environments. This role combines solution architecture, system engineering, and advanced administration, ensuring secure, scalable, and reliable collaboration and endpoint platforms.
Responsibilities:
Responsibilities:
Solution Design and Architecture
• Lead solution design and technical architecture for Microsoft 365 and related services
• Translate business and security requirements into scalable, secure, and supportable solutions
• Define architecture patterns across:
o Identity & access (SSO, Conditional Access, Zero Trust)
o Endpoint management (Intune / UEM)
o Collaboration & messaging (Exchange, Teams, SharePoint)
• Produce high-level and low-level design (HLD/LLD) documentation
• Evaluate new features and technologies, and provide design recommendations and roadmaps
• Ensure solutions align with enterprise standards for security, compliance, and performance
• Lead solution design and technical architecture for Microsoft 365 and related services
• Translate business and security requirements into scalable, secure, and supportable solutions
• Define architecture patterns across:
o Identity & access (SSO, Conditional Access, Zero Trust)
o Endpoint management (Intune / UEM)
o Collaboration & messaging (Exchange, Teams, SharePoint)
• Produce high-level and low-level design (HLD/LLD) documentation
• Evaluate new features and technologies, and provide design recommendations and roadmaps
• Ensure solutions align with enterprise standards for security, compliance, and performance
System Administration (L2/L3 Support)
• Provide L2/L3 support for Microsoft 365 services, including escalation handling and root cause analysis
• Administer:
o Exchange Online, Teams, SharePoint Online, OneDrive
o Azure AD / Entra ID
• Troubleshoot complex issues across identity, messaging, collaboration, and endpoint environments
Endpoint Management and Security
• Administer Microsoft Intune and UEM platforms
• Manage device compliance, configuration profiles, and application deployment
• Operate and optimize EDR solutions such as Microsoft Defender for Endpoint
• Design and implement endpoint security baselines and compliance policies
• Support enterprise endpoint strategy across Windows, macOS, and mobile devices
Identity and Access Management
• Design and implement SSO, MFA, and Conditional Access architectures
• Integrate enterprise applications using SAML, OAuth, and OpenID Connect
• Support hybrid identity (on-prem AD + cloud) and identity lifecycle management
• Contribute to identity governance and Zero Trust initiatives
Automation and Scripting
• Develop and maintain automation using PowerShell
• Build reusable scripts and tooling for provisioning, reporting, and compliance
• Improve operational efficiency through automation and standardization
Network and Infrastructure Integration
• Troubleshoot and design solutions related to DNS, authentication, and connectivity
• Work with network teams on secure access (proxy, firewall, conditional access integration)
• Ensure reliable service integration across cloud and on-prem environments
Security and Compliance
• Implement Microsoft 365 security controls and policies aligned with best practices
• Support audit, compliance, and eDiscovery requirements
• Collaborate with security teams on monitoring, alerting, and incident response
Qualifications:
• Five to eight+ years of Microsoft 365 administration and engineering experience
• Proven experience in solution design/architecture for Microsoft 365 environments
• Strong hands-on expertise in:
o Microsoft 365 core services (Exchange Online, Teams, SharePoint)
o Intune / UEM / EDR
o Azure AD (Entra ID), SSO, Conditional Access
• Advanced PowerShell scripting skills
• Solid understanding of:
o Identity protocols (SAML, OAuth, OpenID Connect)
o DNS, networking, and security fundamentals
• Experience with hybrid environments (on-prem and cloud)
• Strong architecture thinking with hands-on execution ability
• Ability to translate requirements into practical technical designs
• Strong troubleshooting and problem-solving skills
• Effective communication with cross-functional stakeholders
• Proactive, automation-driven mindset
• Ability to design solutions and contribute to architecture decisions, implement and optimize systems end-to-end, and provide advanced L2/L3 operational support
• Provide L2/L3 support for Microsoft 365 services, including escalation handling and root cause analysis
• Administer:
o Exchange Online, Teams, SharePoint Online, OneDrive
o Azure AD / Entra ID
• Troubleshoot complex issues across identity, messaging, collaboration, and endpoint environments
Endpoint Management and Security
• Administer Microsoft Intune and UEM platforms
• Manage device compliance, configuration profiles, and application deployment
• Operate and optimize EDR solutions such as Microsoft Defender for Endpoint
• Design and implement endpoint security baselines and compliance policies
• Support enterprise endpoint strategy across Windows, macOS, and mobile devices
Identity and Access Management
• Design and implement SSO, MFA, and Conditional Access architectures
• Integrate enterprise applications using SAML, OAuth, and OpenID Connect
• Support hybrid identity (on-prem AD + cloud) and identity lifecycle management
• Contribute to identity governance and Zero Trust initiatives
Automation and Scripting
• Develop and maintain automation using PowerShell
• Build reusable scripts and tooling for provisioning, reporting, and compliance
• Improve operational efficiency through automation and standardization
Network and Infrastructure Integration
• Troubleshoot and design solutions related to DNS, authentication, and connectivity
• Work with network teams on secure access (proxy, firewall, conditional access integration)
• Ensure reliable service integration across cloud and on-prem environments
Security and Compliance
• Implement Microsoft 365 security controls and policies aligned with best practices
• Support audit, compliance, and eDiscovery requirements
• Collaborate with security teams on monitoring, alerting, and incident response
Qualifications:
• Five to eight+ years of Microsoft 365 administration and engineering experience
• Proven experience in solution design/architecture for Microsoft 365 environments
• Strong hands-on expertise in:
o Microsoft 365 core services (Exchange Online, Teams, SharePoint)
o Intune / UEM / EDR
o Azure AD (Entra ID), SSO, Conditional Access
• Advanced PowerShell scripting skills
• Solid understanding of:
o Identity protocols (SAML, OAuth, OpenID Connect)
o DNS, networking, and security fundamentals
• Experience with hybrid environments (on-prem and cloud)
• Strong architecture thinking with hands-on execution ability
• Ability to translate requirements into practical technical designs
• Strong troubleshooting and problem-solving skills
• Effective communication with cross-functional stakeholders
• Proactive, automation-driven mindset
• Ability to design solutions and contribute to architecture decisions, implement and optimize systems end-to-end, and provide advanced L2/L3 operational support
Preferred Qualifications:
• Microsoft certifications (MS-102, SC-300, MD-102)
• Experience with Zero Trust architecture design
• Familiarity with SIEM tools such as Microsoft Sentinel
• Experience in enterprise or global environments
Pay Range: $65 to $70/hour
iSoftStone is a global IT service and consulting company that creates value and drives success through technology solutions, service excellence, and digital innovation. We specialize in web and application development, software testing and support, data and content management, digital experience, accessibility, and data for machine learning and AI. With 20 delivery centers and more than 90,000 employees worldwide, iSoftStone is proud to serve some of the world’s most well-known businesses, including 90+ Fortune Global 500 companies.
iSoftStone is committed to the practice of equal opportunity for all its employees and applicants in employment, and does not discriminate on the basis of race or ethnicity, gender identity, sexual orientation, status as an honorably discharged veteran or disabled veteran or military status, political affiliation or belief, citizenship/status as a lawfully admitted immigrant authorized to work in the United States, or presence of any physical, sensory, or mental disability. In addition, reasonable accommodation will be made for known physical or mental limitations for all otherwise qualified persons with disabilities.