Microsoft 365 Enterprise Administrator Expert

Overview
This role exists to ensure the secure, reliable, compliant, and efficient operation of Microsoft 365 (O365) services that underpin mission‑critical communications, collaboration, identity, and compliance capabilities across the agency. The O365 Information Technology Specialist acts as the primary technical authority for tenant administration, identity and access management, messaging, collaboration platforms, security monitoring, and compliance operations.

Reporting and Compliance

The O365 Information Technology Specialist will:

• Report to the Enterprise Platforms and Storage Director
• Collaborate closely with:

• Cybersecurity

• Enterprise Applications

• Infrastructure and Networking

• Legal, Privacy, and eDiscovery stakeholders

The Specialist will ensure compliance with:

• Federal IT security and identity management requirements (e.g., FISMA, Zero Trust mandates)
• Microsoft 365 security and governance best practices
• Agency‑wide OCIO policies, audits, and change management processes

The position is responsible for maintaining comprehensive documentation, audit evidence, and administrative reporting to support OIG reviews, legal discovery actions, licensing audits, and cybersecurity assessments.

Background

The Agency relies heavily on Microsoft 365 services for email, identity, authentication, collaboration, compliance, and security monitoring across geographically distributed domestic and international users. These services are foundational to agency operations and mission delivery.

The complexity of managing:

• Hybrid identity (on‑prem Active Directory + Azure AD/Entra ID)
• Role‑based access controls
• High‑volume email and collaboration platforms
• Legal holds and data retention
• Licensing governance and cost management

requires a dedicated O365 Systems Administrator with deep technical expertise and operational accountability.

Scope of Work

The O365 Information Technology Specialist shall perform the following duties:

1. Microsoft 365 Tenant & Identity Management

• Administer Microsoft 365 tenant configuration and service health
• Manage Azure AD / Entra ID identity lifecycle, including:

• User provisioning and de‑provisioning

• Group and role‑based access control (RBAC)

• Conditional Access and MFA policies

• Support hybrid identity synchronization and authentication services

2. Messaging & Collaboration Administration

• Administer and support:
• Exchange Online
• Microsoft Teams
• SharePoint Online
• OneDrive for Business
• Manage mail flow, transport rules, mailbox permissions, and shared mailboxes
• Support platform configuration changes, troubleshooting, and service optimization

3. Security & Compliance Operations

• Configure and manage Microsoft 365 security controls including:
• Defender for Office 365
• Microsoft Purview compliance features
• DLP, retention, and sensitivity labeling
• Support incident response, investigation, and remediation activities
• Implement and maintain audit logging and monitoring

4. eDiscovery, Legal Hold & Retention Support

• Administer eDiscovery (Standard and Premium) cases
• Apply and manage litigation holds and retention policies
• Coordinate with legal and privacy officials on data preservation and collection
• Ensure defensible, auditable handling of sensitive information

5. License Management & Cost Control

• Manage Microsoft 365 license assignment and utilization
• Monitor license consumption and over‑subscription risks
• Provide reporting and analysis for:
• Budget planning
• License optimization
• Audit readiness

6. Operational Monitoring & Reporting

• Monitor service health, incidents, and performance issues
• Produce recurring operational reports, including:
• Service outages and incident summaries
• Security findings and compliance posture
• License utilization and access trends
• Recommend improvements for reliability, security, and efficiency

7. Key Deliverables

The O365 Information Technology Specialist shall produce:

• Monthly O365 Operations & Health Reports
• Monthly License Utilization and Cost Reports
• Security and Compliance Configuration Documentation
• eDiscovery and Legal Hold Support Artifacts
• Identity and Access Control Reviews
• Incident Response Documentation and Root Cause Analyses
• Recommendations for Security, Governance, and Cost Optimization

REQUIREMENTS

• 7–10 years of direct Microsoft 365 / O365 systems administration experience
• Demonstrated expertise in:
• Exchange Online
• Azure AD / Entra ID
• Teams, SharePoint, OneDrive
• Microsoft Purview and Defender
• Valid and verifiable IT degrees and certifications

Desired Certifications

• Microsoft 365 Administrator Expert
• Azure Administrator Associate
• Azure Security Engineer
• CompTIA Security+
• ITIL Foundations

Work Location

a. Onsite - Washington, DC (Must be able to commute to Washington, DC)

b. Situational Telework as approved

Security Requirements

Must be able to pass a Non-Critical Sensitive Public Trust clearance.

Hours of Operation

The contractor is required to provide these services Monday through Friday, between the operating hours of 0800 to 1800 Eastern Time Mon – Fri, and on-call/maintenance services as needed Mon – Fri and on weekends and holidays.

Specific tasks may require variations from this schedule, including weeknights and weekends. While the contractor is required to optimize personnel staffing and manning to match the specific task requirements and performance criteria between the operating hours, the contractor must support weekends and evenings as required to accommodate installations, maintenance, patching and general support that cannot be performed during normal working hours.

Job Types: Full-time, Contract

Pay: $95,000.00 - $130,000.00 per year

Benefits:

• 401(k)
• 401(k) matching
• Dental insurance
• Health insurance
• Health savings account
• Paid time off
• Vision insurance

Application Question(s):

• Does your resume reflect you can produce ALL the Key Deliverables?
• Monthly O365 Operations & Health Reports
• Monthly License Utilization and Cost Reports
• Security and Compliance Configuration Documentation
• eDiscovery and Legal Hold Support Artifacts
• Identity and Access Control Reviews
• Incident Response Documentation and Root Cause Analyses
• Recommendations for Security, Governance, and Cost Optimization

Education:

• Bachelor's (Preferred)

Experience:

• Microsoft 365 security, identity, & compliance solutions: 7 years (Required)
• Exchange Online, Azure AD/Entra ID: 7 years (Required)
• Administer and support Microsoft Office 365 environments: 7 years (Required)
• Implement and enforce Office 365 security policies: 7 years (Required)
• Teams, SharePoint, OneDrive,MS Purview & Defender: 7 years (Required)

License/Certification:

• Microsoft Certified: Enterprise Administrator Expert (Preferred)
• Microsoft Certified: Azure Security Engineer Associate (Preferred)
• ITIL Foundation (Preferred)
• CompTIA Security+ (Preferred)

Security clearance:

• Confidential (Preferred)

Shift availability:

• Day Shift (Required)

Ability to Commute:

• Washington, DC 20237 (Required)

Work Location: In person