Senior IT Support Engineer

Job Information

Job Title

Department

IT

Reports To

IT Manager

Location

Aghalee (base location, travel expected)

Salary Range

£45k to £55k depending on experience

Job Purpose

Were seeking a hands-on Senior Networking & Support Engineer to lead complex incident resolution, own core infrastructure, and deliver cloud-first projects across AWS and Microsoft 365. Youll be our escalation point for networking/security, design and operate VPCs and IAM in AWS, implement Microsoft Intune/Entra ID (including SSO) at scale, and harden Windows Server/AD environments. The ideal candidate blends deep troubleshooting with solid project delivery and security-by-design.

Duties and Responsibilities

• Design, deploy, and operate EC2 workloads (Windows), Auto Scaling Groups, ALB/NLB, AMIs, and Systems Manager for patching and runbooks.
• Build and Maintain secure VPC architectures (subnetting, routing, NAT/IGW, Security Groups/NACLs, VPC endpoints, hybrid VPN/Direct Connect).
• Implement IAM roles, policies, instance profiles, and least-privilege RBAC; manage KMS for encryption at rest.
• Configure CloudWatch/CloudTrail, metrics/alarms, centralised logging, and cost optimisation
• Operate AWS Backup and snapshot policies; participate in DR planning and testing with defined RTO/RPO.
• Intune implementation: Windows Autopilot (Pre-provisioned/UGM), device enrolment (Azure AD Join/Hybrid), compliance policies, configuration profiles, baselines, and Endpoint Security (BitLocker, Defender, ASR, Firewall).
• Manage application lifecycle in Intune: Win32 packaging, LOB and Store apps, app protection policies (MAM), update rings/feature updates, and driver/firmware management.
• Architect Conditional Access (MFA, risk-based, compliant-device, location/network filters), device compliance posture, and group-based targeting/assignments.

Networking & Security

• Administer routing/switching (VLANs, STP, LACP), IPv4/IPv6, site-to-site/IPSec and SSL VPNs; DNS/DHCP, NTP, and network services resilience.
• Configure next-gen firewalls, IDS/IPS, web filtering, content security, and remote access; manage SD-WAN where applicable.
• Implement network segmentation, zero trust principles, and QoSespecially for VoIP and latency-sensitive apps.
• Manage PKI/certificates: CSR generation, issuance, renewal automation, and certificate lifecycle across servers, load balancers, and apps.

Windows Server, Active Directory & RDS

• Support data integration and reporting tools to improve visibility across the supply chain
• Ensure data accuracy and integrity in operational and customer-facing applications
• Govern SharePoint/OneDrive permissions, sharing policies, sensitivity labels, and DLP/retention, support migrations and information architecture.
• Operate Teams/Teams Phone interop with existing PBX/SBCs where needed.
• Deploy and support VoIP solutions: SIP trunks, SBCs, dial plans, call routing, E911/999 configuration, QoS tagging and monitoring.

Backup, DR & Security Operations

• Own backup strategy (3-2-1/immutability) for onprem, cloud, and Microsoft 365; monitor job success and conduct restoration tests.
• Coordinate vulnerability management and remediation (OS, apps, cloud); collaborate with SOC/MDR where applicable.
• Maintain security incident runbooks, access reviews, and change control (CAB) with strong documentation.

Service Delivery & Support

• Act as L3 escalation for complex incidents/problems; drive root cause analysis and permanent fixes.
• Create high-quality documentation, runbooks, and userfacing knowledge base articles.
• Automate routine tasks using PowerShell (and/or Python); contribute to CI/CD/IaC where appropriate.

Knowledge, skills and experience required

• 5+ years in enterprise IT with L3 support, networking, and systems administration responsibilities.
• Proven expertise across: AWS (EC2, VPC, IAM, Load Balancing, Auto Scaling), Windows Server/AD, Intune/Entra ID (including Conditional Access and Autopilot), and enterprise networking/security.
• Handson experience with VoIP deployments and QoS, and with SharePoint/OneDrive administration.
• Strong understanding of cyber security best practice (least privilege, patching, hardening, logging/monitoring, incident response).
• Excellent troubleshooting, documentation, and stakeholder communication skills.
• Experience in transport, logistics or supply chain systems
• Familiarity with TMS/WMS platforms and fleet management solutions
• AWS/Microsoft Certifications
• Networking / Security Certifications (ITIL, CompTIA Security+)

Personal Attributes

• Analytical mindset with a solutions-focused approach
• Strong communication and collaboration skills
• Ability to manage multiple tasks and deliver to deadlines
• Proactive, innovative, and adaptable in a changing environment
• Join a company focused on innovation, sustainability and growth
• Exposure to large-scale digital transformation projects in a leading logistics organisation
• Professional development and training opportunities
• A competitive salary and company benefits are available for the right candidate

Note: This description is intended to be a guide of what duties are most likely to be but should not be taken as a definitive list. Hannon may adapt duties as deemed necessary.