Job Information
Job Title
Senior IT Support Engineer
Department
IT
Reports To
IT Manager
Location
Aghalee (base location, travel expected)
Salary Range
£45k to £55k depending on experience
Job Purpose
Were seeking a hands-on Senior Networking & Support Engineer to lead complex incident resolution, own core infrastructure, and deliver cloud-first projects across AWS and Microsoft 365. Youll be our escalation point for networking/security, design and operate VPCs and IAM in AWS, implement Microsoft Intune/Entra ID (including SSO) at scale, and harden Windows Server/AD environments. The ideal candidate blends deep troubleshooting with solid project delivery and security-by-design.
Duties And Responsibilities
Cloud (AWS)
* Design, deploy, and operate EC2 workloads (Windows), Auto Scaling Groups, ALB/NLB, AMIs, and Systems Manager for patching and runbooks.
* Build and Maintain secure VPC architectures (subnetting, routing, NAT/IGW, Security Groups/NACLs, VPC endpoints, hybrid VPN/Direct Connect).
* Implement IAM roles, policies, instance profiles, and least-privilege RBAC; manage KMS for encryption at rest.
* Configure CloudWatch/CloudTrail, metrics/alarms, centralised logging, and cost optimisation
* Operate AWS Backup and snapshot policies; participate in DR planning and testing with defined RTO/RPO.
Microsoft Intune / Entra ID (Azure AD) & SSO
* Intune implementation: Windows Autopilot (Pre-provisioned/UGM), device enrolment (Azure AD Join/Hybrid), compliance policies, configuration profiles, baselines, and Endpoint Security (BitLocker, Defender, ASR, Firewall).
* Manage application lifecycle in Intune: Win32 packaging, LOB and Store apps, app protection policies (MAM), update rings/feature updates, and driver/firmware management.
* Architect Conditional Access (MFA, risk-based, compliant-device, location/network filters), device compliance posture, and group-based targeting/assignments.
Networking & Security
* Administer routing/switching (VLANs, STP, LACP), IPv4/IPv6, site-to-site/IPSec and SSL VPNs; DNS/DHCP, NTP, and network services resilience.
* Configure next-gen firewalls, IDS/IPS, web filtering, content security, and remote access; manage SD-WAN where applicable.
* Implement network segmentation, zero trust principles, and QoSespecially for VoIP and latency-sensitive apps.
* Manage PKI/certificates: CSR generation, issuance, renewal automation, and certificate lifecycle across servers, load balancers, and apps.
Windows Server, Active Directory & RDS
* Support data integration and reporting tools to improve visibility across the supply chain
* Ensure data accuracy and integrity in operational and customer-facing applications
Collaboration: Microsoft 365 (SharePoint/OneDrive/Teams)
* Govern SharePoint/OneDrive permissions, sharing policies, sensitivity labels, and DLP/retention, support migrations and information architecture.
* Operate Teams/Teams Phone interop with existing PBX/SBCs where needed.
Voice/Telephony (VoIP)
* Deploy and support VoIP solutions: SIP trunks, SBCs, dial plans, call routing, E911/999 configuration, QoS tagging and monitoring.
Backup, DR & Security Operations
* Own backup strategy (3-2-1/immutability) for onprem, cloud, and Microsoft 365; monitor job success and conduct restoration tests.
* Coordinate vulnerability management and remediation (OS, apps, cloud); collaborate with SOC/MDR where applicable.
* Maintain security incident runbooks, access reviews, and change control (CAB) with strong documentation.
Service Delivery & Support
* Act as L3 escalation for complex incidents/problems; drive root cause analysis and permanent fixes.
* Create high-quality documentation, runbooks, and userfacing knowledge base articles.
* Automate routine tasks using PowerShell (and/or Python); contribute to CI/CD/IaC where appropriate.
Essential
Knowledge, skills and experience required
* Bachelors degree in Computer Science / IT (or equivalent experience).
* 5+ years in enterprise IT with L3 support, networking, and systems administration responsibilities.
* Proven expertise across: AWS (EC2, VPC, IAM, Load Balancing, Auto Scaling), Windows Server/AD, Intune/Entra ID (including Conditional Access and Autopilot), and enterprise networking/security.
* Handson experience with VoIP deployments and QoS, and with SharePoint/OneDrive administration.
* Strong understanding of cyber security best practice (least privilege, patching, hardening, logging/monitoring, incident response).
* Excellent troubleshooting, documentation, and stakeholder communication skills.
Desirable
* Experience in transport, logistics or supply chain systems
* Familiarity with TMS/WMS platforms and fleet management solutions
* AWS/Microsoft Certifications
* Networking / Security Certifications (ITIL, CompTIA Security+)
Personal Attributes
* Analytical mindset with a solutions-focused approach
* Strong communication and collaboration skills
* Ability to manage multiple tasks and deliver to deadlines
* Proactive, innovative, and adaptable in a changing environment
Why join Hannon Transport
* Join a company focused on innovation, sustainability and growth
* Exposure to large-scale digital transformation projects in a leading logistics organisation
* Professional development and training opportunities
* A competitive salary and company benefits are available for the right candidate
Note: This description is intended to be a guide of what duties are most likely to be but should not be taken as a definitive list. Hannon may adapt duties as deemed necessary.