Senior M365 Support Engineer

Overview

Client First Technologies currently is seeking a Senior M365 Support Engineer to provide advanced Tier 3 engineering, operational, and escalation support for the Department of Veterans Affairs Microsoft 365 enterprise environment operating in a hybrid architecture with on-premises Active Directory authoritative control. This role delivers 24x7x365 end-to-end support across Exchange Online, OneDrive, SharePoint Online, Teams, and ancillary Microsoft 365 applications. The position sustains high-volume ticket resolution (4,000–6,000 tickets per month across workloads), leads complex troubleshooting and encryption remediation efforts, supports Microsoft Purview/eDiscovery operations, and enables proactive monitoring and automation to maintain service reliability and security across the VA enterprise.

• This is a full-time, remote position, with 40 hours expected per week
• Candidates must be available to work 8-to-10-hour shifts, though primary shift hours will be 11pm – 7am ET
• Weekend shifts may be required
• Weekly schedules may vary to ensure 24x7x365 coverage

CFT offers a full benefits package, a collaborative work environment and a strong company culture. Veterans and military spouses are encouraged to apply.

This position is contingent upon award.

Responsibilities

• Provide advanced Tier 3 engineering and 24x7x365 operational support for VA’s hybrid Microsoft 365 environment (on-prem Active Directory authoritative), ensuring compliance with Federal regulations and directives
• Monitor, manage, and resolve escalated incidents and service requests within the Tier 3 ServiceNow (SNOW) queue in accordance with established SLA response and resolution requirements
• Serve as senior escalation point for complex issues across Exchange Online, OneDrive, SharePoint Online, Microsoft Teams, Purview/eDiscovery, and Microsoft 365 G5 applications
• Perform Active Directory intra/inter-domain moves; provision and manage mailboxes, shared mailboxes, distribution groups, Microsoft 365 groups, and licensing assignments in a hybrid identity environment.
• Execute bulk administrative actions and configuration changes using PowerShell and approved automation methods
• Monitor and remediate alerts across on-premises and cloud-based messaging and collaboration infrastructure; conduct root cause analysis and implement corrective actions to prevent recurrence
• Troubleshoot advanced messaging and encryption issues including Azure Information Protection (AIP), Rights Management Services (RMS), Public Key Infrastructure (PKI), and S/MIME signing/encryption within Outlook and Exchange environments
• Configure, administer, and troubleshoot SharePoint Online site collections, permissions, lists, libraries, templates, workflows (SharePoint Designer and Power Automate), and integrated forms (PowerApps/InfoPath), including Teams-connected collaboration structures
• Resolve OneDrive sync, sharing, sign-in, ownership, and data recovery issues while enforcing secure sharing configurations
• Administer Microsoft Teams environments, embedded applications, and user lifecycle configuration
• Support Microsoft Purview eDiscovery activities including case creation, legal holds, content searches, encrypted content decryption, defensible exports (EDRM format), and chain-of-custody documentation
• Restore lost or deleted mailbox items and coordinate secure collection of data from Exchange Online, OneDrive, and SharePoint for investigative and compliance purposes
• Support Entra ID B2B authentication and collaboration integrations, including troubleshooting and secure configuration
• Develop and maintain Standard Operating Procedures (SOPs) and operational documentation in support of SLA-driven enterprise service delivery
• Identify and implement automation and process improvements to reduce recurring ticket volume and improve service reliability across high-demand workloads

Qualifications

• Bachelor’s degree in Information Technology, or a related field (or equivalent professional experience)
• Minimum eight (8) years of IT experience, with at least seven (7) years supporting enterprise Microsoft 365 environments
• Demonstrated experience providing Tier 3 engineering support in hybrid Microsoft 365 environments with on-prem AD authoritative configuration
• Experience supporting high-volume enterprise ticket
• Advanced troubleshooting experience in Exchange Online, SharePoint Online, OneDrive, and Teams
• Experience supporting email encryption technologies (AIP, RMS, PKI, S/MIME)
• Experience using PowerShell for administrative automation and bulk provisioning
• Strong understanding of hybrid identity (Azure AD/Entra ID with on-prem AD) and Entra ID B2B
• Knowledge of enterprise change management and configuration management frameworks
• Ability to operate in 24x7 support models and respond to high-priority incidents
• Experience developing SOPs, knowledge base documentation, and training materials
• Ability to lead complex troubleshooting efforts and mentor junior engineers
• Familiarity with security and compliance frameworks (RMF, encryption standards)
• Experience managing M365 telemetry and diagnostic logging including streaming audit data to enterprise SIEM solutions and utilizing KQL for log analysis

Preferred Technical Qualifications

• Experience working within federal or highly regulated enterprise environments preferred
• Certifications: Relevant Microsoft 365, Security, Messaging, or Identity certifications (e.g., Microsoft 365 Enterprise Administrator Expert, Messaging Administrator Associate, Teams Administrator Associate, Security/Compliance/Identity certifications) and/or ITIL Foundation or higher; equivalent advanced enterprise experience supporting hybrid Microsoft 365 environments may be accepted in lieu of specific certifications
• Microsoft 365 Enterprise Platform Expertise: Deep experience supporting Microsoft 365 G5 environments, including Exchange Online (hybrid), SharePoint Online, OneDrive for Business, Microsoft Teams, Microsoft Purview (eDiscovery and compliance), Azure Information Protection (AIP), and Rights Management Services (RMS)
• Hybrid Identity & Authentication: Strong working knowledge of Microsoft Entra ID (Azure AD), hybrid identity synchronization, on-prem Active Directory (authoritative model), B2B collaboration, and secure authentication integrations
• Messaging & Encryption Engineering: Advanced troubleshooting of mail flow, mailbox management, hybrid Exchange configurations, encryption technologies (AIP, RMS, S/MIME), and PKI integrations within enterprise environments
• SharePoint & Power Platform Administration: Experience configuring and administering SharePoint Online site collections, permissions, templates, lists, and libraries; developing and troubleshooting workflows and automation using SharePoint Designer and Power Automate; and building integrated forms and applications using PowerApps and related Power Platform capabilities
• Automation & Scripting: Proficiency in PowerShell (Exchange Online, SharePoint Online, Teams, Purview modules) for bulk provisioning, administrative automation, service optimization, and reporting
• Service Management & Monitoring: Experience managing high-volume enterprise support operations using ServiceNow (SNOW), monitoring cloud and on-prem alerts, conducting root cause analysis, and implementing corrective actions in SLA-driven environments

Physical Demands

• Must be able to sit and stand for extended periods of time
• Occasional travel and overtime may be required

Required Clearances and Screenings

• This position is subject to a government background investigation and must meet eligibility for a position designated with Moderate Risk sensitivity. Candidates with current Veterans Affairs (VA) Tier 2/Moderate Background Investigation or equivalent (e.g., DoD Tier 3/NACLC, Active Secret) are preferred