Welcome to Pabst! We may be 180 years old but we will never stop exploring with energy and excitement.We have some of America's most iconic brands and are on a quest to realize their future potential. We want you to join the team if you are... A DOER WHO DARES TO DREAM! Right now, we are looking for a Microsoft Systems Administrator located in San Antonio, TX to join our Cyber Security Team. The person in this role will be principally responsible for the ownership, protection, and management of the Pabst Microsoft Stack Security platform(s) of all Pabst Cyber Security efforts, systems, and digital assets. The ideal candidate will have experience in cyber security programs and teams, as well as an understanding of cyber security risks and solutions. This person will report to our Cyber Security Manager and assist with developing and implementing strategies to protect our data and systems from cyber-attacks, as well as working with other departments to ensure that all employees are aware of and following best practices for cyber security. What We Offer:
- Flexibility: a hybrid (Monday's and Friday's WFH, Tuesday - Thursday in the office) work schedule, unlimited vacation time, 9 sick days, 10 holidays, 2 volunteer days
- Care: comprehensive health care plans, a 401(k) match contribution with immediate vesting, Paid Parental Leave, Short-term Disability, Long-Term Disability, Life Insurance, and much, much more...note all benefits are subject to plan rules and, if applicable, waiting periods
- Nourishment: for your soul with our casual, yet driven work environment, for your stomach with free snacks and drinks, and for your brain with challenges and cross-functional collaboration
What you'll do:
- Design, implement and support on-Premises and cloud infrastructure solutions and access to all systems across the organization, leveraging Azure AD and Active Directory Services, with added security monitoring, incident detection & response.
- Maintain essential IT infrastructure, including operating systems, security tools, applications, servers, email systems, laptops, desktops, software, and hardware
- Perform server administration tasks (ex: user/group, security permissions, group policies, print services); research event-log warnings and errors; and monitor resources to ensure that systems architecture components work together seamlessly
- Monitor data-center health using existing management tools, and respond to hardware issues as they arise; help build, test, and maintain new servers when needed
- Maintain internal infrastructure requirements, including laptop and desktop computers, servers, routers, switches, firewalls, printers, phones, security updates; support internet, intranet, LANs, WANs, and network segments
- Assist the help desk and other teams with troubleshooting to identify root cause, and provide technical support when needed
- Perform routine and scheduled audits of all systems, including backups and Disaster Recovery procedures
- Subject matter expert in Active Directory Forests, ADDS, GPMC (Group Policy Management Console), Azure AD, Windows OS and Azure Windows Server OS, Domain Controllers, and Office365/M365 apps and services.
- Daily identifying misconfigurations and vulnerabilities in our infrastructure and making the appropriate clean-up and changes when needed, engaging internal stakeholders, employees, partners, and vendors when necessary.
- Oversee the design, implementation, and administration of one or more security/IAM/PAM solutions (i.e. Microsoft Purview/AIP or MIP, Conditional Access, RBAC, Single Sign On/federation) and have experience with one or more automation tools, such as PowerShell, KQL, Python, etc.
- Monitors emerging products, technologies or best practices that will improve security for the organization and stake holders.
- Maintains relationships with current vendors and may engage new ones, for the maintenance and advancement of the organizations (Pabst) overall security systems engineering and architecture.
- Serve as a consultation resource for the Support team in their Identity Governance and Administration (IGA) efforts for on-boarding and off-boarding of all types of user accounts.
- Respond to access requests and change requests from dev, data and support teams, which may involve creating, modifying or implementing infrastructure, identity and security controls.
- Coordinate the implementation of process improvements and automation, and manage escalations, issues or high-priority tasks Provide guidance and mentorship and assign tasks to/for technical teams.
What you'll need:
- Bachelor's degree in computer science, information technology, or related field preferred.
- 7-10 years of overall I.T. experience with 4-5 years working with identity technologies including Active Directory Domain Services, Azure Active Directory, Federation, Multi-Factor Authentication, SSO, Identity Governance Administration, Privileged Access Management, Group Policy Management, and similar systems.
- 4-5 years of experience designing, configuring, and deploying Microsoft Security tools for a mid-size to large organization, including but not limited to Microsoft 365 Defender, Defender for Identity, Defender for Cloud, Defender for Endpoint and Microsoft Sentinel.
- Subject Matter Expert in creating and deploying Microsoft security and monitoring controls, with automated incident monitoring, detection, and suppression.
- Expert knowledge in designing and implementing AAD identity and access management, with conditional access controls.
- Expert knowledge integrating on-premises Active Directory with AAD, to allow users to access both cloud and non-premises resources using the same credentials.
- Experience in creating and deploying security and monitoring controls, with automated incident monitoring, detection, and suppression.
- Intermediate knowledge in virtualization and virtual environments.
- Expert knowledge in Active Directory Forests, ADDS, GPMC (Group Policy Management Console), Azure AD, Windows OS and Windows Server OS, Domain Controllers, and Office365/M365 apps and services.
- Intermediate knowledge in networking infrastructure (VLAN, VNET, Firewalls) and networking transmission protocols including but not limited to TLS, TCP, SMNP, FTP, HTTP, SAML.
If this is you, please apply today! PBC takes pride in developing and promoting talent as an Equal Employment Opportunity employer. All qualified applicants will receive consideration for employment without regard to race, national origin, gender, age, religion, disability, veteran status, or any other category protected by law. By fostering a diverse business environment, PBC welcomes opportunities to learn from each other, our customers, and business partners. California Residents click HERE for our Privacy Notice.