Systems Engineer II Microsoft

Space Coast Credit Union (SCCU), the 3^{rd largest credit union in Florida, is looking for an Systems Engineer II to join our ONESCCU team at our Melbourne Headquarters or Miramar Operations Center locations! SCCU has been in business for over 70 years, has over 8 billion dollars in assets and WE ARE GROWING!}

Our Members are our top priority and we stand behind our Brand Promise: Honest People, Trusted Products, Time Valued. We offer a rich benefits package and career advancement opportunities.

This is a 6 month contract to hire.

SCCU Team Member Benefits:

• ONESCCU annual bonus available!
• Hybrid Work Options Work from home up to 3 days a week.
• Flexible Schedule options!
• Medical, Dental, & Vision Insurance
• HSA (Health Savings Account) with SCCU matching contribution
• SCCU Paid Long Term and Short Term Disability coverage
• SCCU Paid Term Life Insurance
• Employee Assistance Program (EAP)
• Paid Time Off
• 401(K) PreTax Savings Plan with SCCU match 100% of the first 5% of employee contributions
• Tuition Reimbursement Program

• SCCU Team Member financial discounts & perks (save money every month!):

  • Loan Discounts Mortgage, 2nd Mortgage, Auto, Motorcycle, Boat etc. GAP coverage at half price
  • Fixed low rate credit card 5.99%, if approved
  • FREE Identify Theft Protection!
  • No fee SCCU accounts

  • Starting Salary Range

    • $107,570.92 $114,586.41 Central FL
    • $110,220.34 $117,408.63 South FL

    • 
      Purpose:
      The Microsoft Systems Engineer will design, build, implement, and maintain Space Coast Credit Union’s enterprise Microsoft platforms. This includes:
      • Administering and optimizing On Premises Active Directory—with an emphasis on replication topology, Sites & Services, multi forest trust models, and CIS benchmark hardening.
      • Engineering hybrid identity with Azure AD Connect Entra Cloud Sync (Password Hash Sync, Pass through Authentication, and stagingswing migration), Hybrid Join, and Microsoft Entra ID SSO (SCIM, SAML 2.0, OAuthOIDC, and Just In Time provisioning).
      • Owning full lifecycle deployment of Intune MDMMAM, Windows Autopilot, GPO to Intune configurationcompliance profile conversion, and endpoint protection with Microsoft Defender for Endpoint.
      • Architecting, administering, and troubleshooting Proofpoint PPSTAP secure mail gateways (DMARC DKIM SPF, malware & impersonation defense, smart host connectors, DLP, encryption).
      • Supporting Microsoft 365 (Exchange Online, SharePoint Online, OneDrive, Teams) and Azure IaaSPaaS resources for resilient collaboration and messaging.
      
      

      Principal Duties and Responsibilities:
      • Active Directory Engineering – Administer multi site, multi forest AD DS; design replication, schemaforest upgrades, delegated OU structures, and PKICA integration.
      • Hybrid Identity & Entra ID – Plan, deploy, and maintain Azure AD Connect Cloud Sync, Hybrid Join, Conditional Access, PIM, and SSO integrations (SCIM, SAML, OAuthOIDC).
      • Intune Autopilot Endpoint Security – Build and maintain Intune tenant, migrate legacy GPOs to Intune, create Autopilot deployment rings, publish compliance & configuration profiles, implement Defender for Endpoint and Proactive Remediations.
      • Proofpoint Administration – Install, configure, and tune PPSTAP clusters; manage policies, mail flow connectors, quarantine, and threat intel; troubleshoot end to end message delivery.
      • Microsoft 365 Services – Administer Exchange Online (hybrid mail flow, EOP), SharePoint Online, OneDrive, and Teams retentioneDiscovery.
      • Automation & Scripting – Develop PowerShell Graph scripts for deployment, reporting, and proofpointintune automation; maintain CICD pipelines where applicable.
      • Technical Support – Provide Tier III response and on call escalation for identity, device management, mail security, and collaboration platforms.
      • Project Participation – Lead or contribute to IT projects, create charters, timelines, and deliverables, and coordinate with cross functional teams.
      • Documentation – Produce and maintain high levellow level designs, runbooks, SOPs, and change control artifacts.
      • Security & Compliance – Enforce SCCU security baselines and FFIECNCUA requirements; participate in audits and risk assessments.
      • Vendor Liaison – Act as primary contact with Microsoft, Proofpoint, and other vendors for support cases, roadmap alignment, and licensing.
      • Continuous Improvement – Track emerging Microsoft and Proofpoint capabilities; recommend and pilot new features to enhance resilience, security, and user experience.
      
      

      JOB KNOWLEDGE, SKILLS & ABILITIES
      • Proven hands on expertise designing and implementing:
      o Azure AD Connect Cloud Sync topologies, Hybrid Join, federation models.
      o Intune MDMMAM, Windows Autopilot, and GPO to Intune migration.
      o Proofpoint PPS & TAP secure mail gateways, including DMARCDKIMSPF tuning.
      o Entra ID SSO, SCIM provisioning, SAML 2.0, OAuthOIDC, and Conditional Access.
      • Strong PowerShell Graph automation skills; ability to create JSONWin32 and Proactive Remediation scripts.
      • Excellent analytical and root cause troubleshooting skills for multi discipline issues (identity, mail flow, endpoint, security).
      • Effective project management, task prioritization, and stakeholder communication abilities.
      • Clear, concise verbal and written communication and documentation skills.
      • Preferred certifications:
      o Microsoft 365 Enterprise Administrator Expert (MS 102)
      o Entra ID Administrator Associate (SC 300) or Intune Administrator Associate (MD 102)
      o Proofpoint Certified Specialist (PPSTAP); CISSP, CISM, or similar.

      Minimum Qualifications:

      Education & Experience:
      • Level II: 5 8 years hands on engineering of hybrid AD DSAzure AD, IntuneAutopilot, Proofpoint (or equivalent), and Microsoft 365 platforms.

      A 4year college degree in Information Systems, Computer Engineering, or a related academic area, or equivalent experience, is required

      Hours;

      MondayFriday 8:005:00

      Every third Sunday for patching availability

      Able to work after hours as needed

      Participate in an oncall rotation