Microsoft 365 Engineer jobs in United States
cer-icon
Apply on Employer Site
company-logo

Duos Technologies, Inc. · 1 month ago

Microsoft 365 Engineer

positionJacksonville, FL, USA
timeFull-time
remoteOnsite
seniorityMid, Senior Level
money$115K/yr - $130K/yr
date7+ years exp

Duos Technologies, Inc. is seeking a Microsoft 365 Engineer to manage their Microsoft cloud stack. The role involves designing, deploying, securing, and operating Microsoft 365 services while collaborating with various teams to ensure a resilient and compliant service.

HardwareHomeland SecuritySoftware

Responsibilities

Design and run the target Microsoft 365 tenant (greenfield or separated), including domain and DNS cutover, directory topology, and identity lifecycle
Implement Conditional Access (per‑user/per‑app/per‑device), MFA, Named Locations (including VPN egress IPs and HQ/DC public ranges), risk‑based policies, and break‑glass controls
Deploy and maintain Entra Connect (Cloud Sync/AAD Connect) as needed; plan for hybrid to cloud‑only identity transitions where appropriate
Stand up PIM (Privileged Identity Management), access reviews, entitlement management, and least‑privilege admin RBAC across workloads
Govern B2B/B2C/guest access and external collaboration settings with clear guardrails
Lead Intune architecture: device compliance, configuration profiles, security baselines, BitLocker escrow, WUfB/feature update rings, Autopatch (where applicable), and Autopilot provisioning
Build a scalable application packaging program (Win32, LOB, MSIX), pilot rings, rollback plans, and secure app protection policies (MAM)
Migrate GPOs to Intune policy equivalents; rationalize legacy builds and drive modern management adoption
Establish gold images/profiles, device naming, asset tagging, and lifecycle processes
Plan and execute cross‑tenant migrations (mailboxes, Teams, SharePoint sites, OneDrive) with coexistence strategies (free/busy, guest access, shared channels)
Implement Microsoft Purview: sensitivity labels, DLP, retention/records, insider risk (as needed), and eDiscovery (Standard/Premium) processes
Define Teams/SharePoint information architecture and governance (naming, lifecycle, external sharing, sprawl control)
Operate and tune Microsoft Defender XDR (Endpoint/Identity/Office/Cloud Apps) and leverage Advanced Hunting (KQL) for detection/response
Integrate with SIEM (Microsoft Sentinel or existing), define alert routing/runbooks, and lead incident response for Microsoft 365 scope
Build dashboards/SLOs for patch compliance, device posture, CA/MFA effectiveness, and threat metrics
Coordinate with network teams on VPN/IP allowlists, Named Locations, split‑tunnel considerations, and service endpoints impacting Conditional Access and Microsoft 365 reliability
Support secure connectivity models across HQ, Datacenter, and new racks; ensure cloud posture reflects changing ISP/public IPs and DMZ patterns
Align Autopilot/Intune content delivery with network design to avoid hairpinning and optimize end‑user experience
Automate admin at scale with PowerShell and Microsoft Graph API (configuration‑as‑code for Intune/M365 where feasible)
Optimize licensing (E3/E5 add‑ons), storage, and service plans for cost control and best value
Author SOPs/runbooks, DR/BCP playbooks, and admin guardrails; train IT and power users

Qualification

Microsoft 365 administrationIntune/Endpoint ManagerConditional AccessPowerShellGraph APICross-tenant migrationDefender XDRMicrosoft certificationsSecurity-first mindsetCollaboration skills

Required

7+ years progressive IT experience; 5+ years hands‑on administering Microsoft 365/Entra ID/Intune at scale (1,000+ endpoints preferred)
Expert in Intune/Endpoint Manager (Windows 10/11, iOS/Android; macOS nice‑to‑have), Autopilot, BitLocker, baselines, compliance & update rings
Deep Conditional Access/MFA design experience; practical PIM/RBAC and least‑privilege patterns
Proven cross‑tenant migration experience (Exchange Online, Teams, SharePoint/OneDrive), coexistence, domain/DNS cutovers
Strong PowerShell and Graph API skills; configuration drift detection and automation
Hands‑on with Defender XDR (onboarding, policies, Advanced Hunting/KQL) and Purview (DLP, labels, retention)
Understanding of network dependencies for Microsoft 365 (VPN egress, Named Locations, split tunnel, egress IP stability) and ability to collaborate with ASA/Meraki teams
Security‑first mindset; familiarity with Zero Trust, CIS Benchmarks, NIST CSF, and audit‑ready documentation

Preferred

Microsoft certifications: MS‑100, MS‑101, MD‑102, SC‑300, SC‑200, AZ‑104 (or equivalent experience)
Experience with Entra ID Governance, access reviews, entitlement management
KQL proficiency; Sentinel or other SIEM integration
Intune/macOS management; packaging (IntuneWin/MSIX), and app modernization
Experience collaborating around Cisco ASAv, Meraki MX, and datacenter changes that affect CA/Named Locations
Prior work on merger/separation/tenant carve‑out programs with staged migration waves
Infrastructure‑as‑Code mindset for M365/Intune (“config as code”)

Company

Duos Technologies, Inc.

twittertwittertwitter
company-logo
Duos Technologies Group, Inc.
dateFounded in 1990
location
Jacksonville, Florida, USA
people-size51-200 employees
web-link
http://duostechnologies.com

Funding

Current Stage
Public Company
Total Funding
$46.55M
2025-07-30Post Ipo Equity· $40M
2016-04-20Post Ipo Debt· $1.8M
2008-11-21Series B· $1.13M

Leadership Team

leader-logo
Chuck Ferry
CEO
linkedin
leader-logo
Jeffrey Necciai
Chief Technology Officer
linkedin

Recent News

Duos Technologies Reports 112% Increase in Quarterly Revenue
2025-11-19
thefly.com
Duos Technologies appoints Recker as Corporate Officer, President
2025-09-16
citybiz
Duos Technologies Group Appoints Brian James To Board
2025-09-12
Company data provided by crunchbase