IT Support Lead / IT Operations & Security Lead

The IT Support Lead is responsible for end-to-end ownership of local IT operations, cloud

infrastructure, endpoint management, and information security controls. This role combines

hands-on technical execution with leadership, compliance, and audit readiness, ensuring a

secure, scalable, and highly reliable IT environment across Windows and macOS

platforms.

The role also serves as a key SOC 2 / ISO 27001 IT control analyst, working closely with

CISO, internal stakeholders, auditors, and vendors.

Roles & Responsibilities

Infrastructure & Network Administration

• Manage, monitor, and maintain firewall devices (Sophos, Fortinet, etc.).

• Administer access points and enterprise Wi-Fi configurations.

• Troubleshoot LAN/WAN, VPN, and network performance issues.

• Maintain secure and reliable office and remote connectivity.

Cloud & Microsoft 365 Administration

• Administer the Microsoft 365 environment including Exchange Online, Teams,

SharePoint, OneDrive, and license management.

• Manage Azure AD / Entra ID including SSO, MFA, conditional access, and rolebased access control.

• Implement and maintain Microsoft Intune for device enrollment, compliance

policies, configuration profiles, and application deployment.

• Manage AWS infrastructure (EC2, S3, IAM, backups, monitoring).

• Implement cloud security best practices and cost optimization strategies.

Endpoint & Device Management (Windows & macOS)

• Own end-to-end device lifecycle management for Windows and macOS devices

(procurement, onboarding, offboarding, secure disposal).

• Enforce patching, OS updates, and compliance across endpoints.

• Deploy and manage endpoint security solutions (Bitdefender, Sophos, Symantec,

etc.).

• Support remote and hybrid workforce device enablement.

Information Security & Compliance

• Act as IT control owner for SOC 2 (Type I & II) and support ISO 27001 initiatives.

• Implement, monitor, and maintain security controls across infrastructure, cloud, and

endpoints.

• Lead audit preparation, evidence collection, and remediation tracking.

• Maintain risk registers, audit logs, and security documentation.

• Manage incident response, vulnerability remediation, and security investigations.

Identity & Access Management

• Enforce user access policies and Joiner-Mover-Leaver (JML) processes.

• Manage Active Directory and Azure AD hybrid environments.

• Conduct periodic access reviews and privilege audits.

• Secure service accounts and privileged access.

IT Operations, Monitoring & DR

• Own IT ticketing systems, SLAs, escalation paths, and service delivery metrics.

• Implement monitoring and centralized logging for infrastructure, endpoints, and cloud

systems.

• Define and maintain backup, disaster recovery, and business continuity procedures.

• Periodically test recovery processes and document outcomes.

Documentation & Governance

• Maintain IT asset inventory, configuration baselines, and audit trails.

• Create and update SOPs, IT policies, and user guides.

• Own change management processes aligned with audit requirements.

• Support client and customer security questionnaires and compliance reviews.

Leadership & Stakeholder Communication

• Lead and mentor IT support engineers and administrators.

• Act as the single point of accountability for local IT and security posture.

• Liaise with vendors, MSPs, and service providers.

• Provide regular IT and security updates to internal leadership.

• Conduct employee training on IT usage and security awareness.

Required Skills & Experience

• Strong experience managing Windows and macOS environments.

• Hands-on expertise with Microsoft Intune and Microsoft 365 administration.

• Experience with firewalls, networking, VPNs, and Wi-Fi infrastructure.

• Practical experience with AWS cloud services.

• Proven exposure to SOC 2 and/or ISO 27001 audits.

• Hands-on with Active Directory, Azure AD, and basic scripting.

• Strong troubleshooting, documentation, and communication skills.

Preferred Certifications

• Microsoft 365 Certified: Enterprise Administrator Expert

• Microsoft / AWS Administrator Associate

• Fortinet NSE / Sophos Certified Engineer

• CompTIA Security+, CISSP

• ITIL v4 Foundation

Success Indicators

• Stable, secure, and compliant IT environment

• Successful SOC 2 / ISO audits with minimal findings

• High endpoint compliance across Windows and macOS

• Reduced IT incidents and improved resolution times

• Strong internal stakeholder satisfactio