Senior Azure & M365 Infrastructure Engineer - New York - Hybrid

Our PBI Stratus platform runs a true follow-the-sun model across three time zones.

The Role

You will design, build, and automate the Azure and Microsoft 365 platforms behind our managed cloud service, with a focus on repeatable, infrastructure-as-code delivery for new and existing clients. You will be a senior escalation point for Managed Services, vendors, and Microsoft support, and partner with architects and Cybersecurity to modernize client estates.

Requirements

• Proven track record as a senior technical resource in a dedicated or client-facing environment, ideally within an MSP or financial services firm
• 4+ years with Azure and Microsoft 365
• Azure compute: VMs, Availability Sets/Zones, Storage Accounts, Site Recovery
• Azure networking: VNets, Virtual WAN, ExpressRoute, VPN Gateway, NSGs
• Microsoft Entra ID: conditional access and hybrid identity
• M365 admin: Exchange Online, Teams, SharePoint, OneDrive, Intune (MAM/MDM), Defender for Endpoint
• Public cloud migrations and configuration management
• Automation: PowerShell with Bicep/ARM or Terraform
• Strong written documentation

• Azure governance: Policy, RBAC, Management Groups, Landing Zones
• Azure services: Key Vault, Bastion, Backup, Monitor, Log Analytics
• Azure security and edge: Application Gateway (WAF), Firewall, DDoS Protection
• Microsoft Purview, Sentinel, Defender for Cloud
• Azure SQL, Azure Virtual Desktop, AKS, Azure DevOps/GitHub Actions
• FinOps and cost optimization

• Fortinet (FortiGate) firewalls
• Cisco Meraki switches and access points
• Ubiquiti UniFi switching, access points, and controllers
• LAN/WAN, VLANs, routing, DNS, DHCP, and VPN

• AZ-104, AZ-305, AZ-700, MS-102 or SC-300, and Fortinet NSE

• Consultative, solution-focused, and proactive
• Hands-on, accountable, and versatile
• Always learning, and shares knowledge across the team

Responsibilities:

• Serve as the senior onsite technical lead and trusted advisor to the client's CTO and senior stakeholders
• Design and deploy Azure and Microsoft 365 solutions using infrastructure-as-code (Bicep, ARM, Terraform, PowerShell)
• Build Azure landing zones aligned to the Cloud Adoption Framework
• Lead public cloud migrations: email, files, apps, servers, and identity
• Act as senior escalation for Managed Services, vendors, and Microsoft support
• Administer Microsoft Entra ID: conditional access, PIM, RBAC, and hybrid identity
• Run M365 security: Defender for Endpoint/XDR, Sentinel, Purview, and Intune
• Improve design, security, performance, and cost, and keep documentation current

Benefits

This is a full time role with the following employment benefits:

• Health Care Plan (Medical, Dental & Vision)
• Retirement Plan (401k, IRA)
• Life Insurance (Basic, Voluntary & AD&D)
• Paid Time Off (Vacation, Sick & Public Holidays)
• Family Leave (Maternity, Paternity)
• Short Term & Long-Term Disability
• Training & Development, including support for cloud and security certifications

Portfolio BI is an equal opportunities employer and welcomes applications from all backgrounds. Candidates must have the right to work in the United States. We cannot provide visa sponsorship for this role.