Job Information
Senior IT Support Engineer – Location: Aghalee (base location, travel expected). Salary Range: £45k to £55k depending on experience. Department: IT. Reports To: IT Manager.
Overview
We are seeking a hands-on Senior Networking & Support Engineer to lead complex incident resolution, own core infrastructure, and deliver cloud-first projects across AWS and Microsoft 365. You will be the escalation point for networking and security, design and operate AWS VPCs and IAM, implement Microsoft Intune/Entra ID (including SSO) at scale, and harden Windows Server/AD environments. The ideal candidate blends deep troubleshooting with solid project delivery and security-by-design.
Duties And Responsibilities
* Cloud (AWS)
o Design, deploy, and operate EC2 workloads (Windows), Auto Scaling Groups, ALB/NLB, AMIs, and Systems Manager for patching and runbooks.
o Build and maintain secure VPC architectures (subnetting, routing, NAT/IGW, Security Groups/NACLs, VPC endpoints, hybrid VPN/Direct Connect).
o Implement IAM roles, policies, instance profiles, and least-privilege RBAC; manage KMS for encryption at rest.
o Configure CloudWatch/CloudTrail, metrics/alarms, centralised logging, and cost optimisation.
o Operate AWS Backup and snapshot policies; participate in DR planning and testing with defined RTO/RPO.
* Microsoft Intune / Entra ID (Azure AD) & SSO
o Intune implementation: Windows Autopilot (Pre-provisioned/UGM), device enrolment (Azure AD Join/Hybrid), compliance policies, configuration profiles, baselines, and Endpoint Security (BitLocker, Defender, ASR, Firewall).
o Manage application lifecycle in Intune: Win32 packaging, LOB and Store apps, app protection policies (MAM), update rings/feature updates, and driver/firmware management.
o Architect Conditional Access (MFA, risk-based, compliant-device, location/network filters), device compliance posture, and group-based targeting/assignments.
* Networking & Security
o Administer routing/switching (VLANs, STP, LACP), IPv4/IPv6, site-to-site/IPSec and SSL VPNs; DNS/DHCP, NTP, and network services resilience.
o Configure next-gen firewalls, IDS/IPS, web filtering, content security, and remote access; manage SD-WAN where applicable.
o Implement network segmentation, zero trust principles, and QoS—especially for VoIP and latency-sensitive apps.
o Manage PKI/certificates: CSR generation, issuance, renewal automation, and certificate lifecycle across servers, load balancers, and apps.
* Windows Server, Active Directory & RDS
o Support data integration and reporting tools to improve visibility across the supply chain.
o Ensure data accuracy and integrity in operational and customer-facing applications.
* Collaboration: Microsoft 365 (SharePoint/OneDrive/Teams)
o Govern SharePoint/OneDrive permissions, sharing policies, sensitivity labels, and DLP/retention; support migrations and information architecture.
o Operate Teams/Teams Phone interop with existing PBX/SBCs where needed.
* Voice/Telephony (VoIP)
o Deploy and support VoIP solutions: SIP trunks, SBCs, dial plans, call routing, E911/999 configuration, QoS tagging and monitoring.
* Backup, DR & Security Operations
o Own backup strategy (3-2-1/immutability) for on-prem, cloud, and Microsoft 365; monitor job success and conduct restoration tests.
o Coordinate vulnerability management and remediation (OS, apps, cloud); collaborate with SOC/MDR where applicable.
o Maintain security incident runbooks, access reviews, and change control (CAB) with strong documentation.
* Service Delivery & Support
o Act as L3 escalation for complex incidents/problems; drive root cause analysis and permanent fixes.
o Create high-quality documentation, runbooks, and user-facing knowledge base articles.
o Automate routine tasks using PowerShell (and/or Python); contribute to CI/CD/IaC where appropriate.
Essential – Knowledge, Skills and Experience
* Bachelor’s degree in Computer Science / IT (or equivalent experience).
* 5+ years in enterprise IT with L3 support, networking, and systems administration responsibilities.
* Proven expertise across AWS (EC2, VPC, IAM, Load Balancing, Auto Scaling), Windows Server/AD, Intune/Entra ID (including Conditional Access and Autopilot), and enterprise networking/security.
* Hands-on experience with VoIP deployments and QoS, and with SharePoint/OneDrive administration.
* Strong understanding of cybersecurity best practices (least privilege, patching, hardening, logging/monitoring, incident response).
* Excellent troubleshooting, documentation, and stakeholder communication skills.
Desirable
* Experience in transport, logistics or supply chain systems.
* Familiarity with TMS/WMS platforms and fleet management solutions.
* AWS/Microsoft Certifications.
* Networking / Security Certifications (ITIL, CompTIA Security+).
Personal Attributes
* Analytical mindset with a solutions-focused approach.
* Strong communication and collaboration skills.
* Ability to manage multiple tasks and deliver to deadlines.
* Proactive, innovative, and adaptable in a changing environment.
Why join Hannon Transport
* Join a company focused on innovation, sustainability and growth.
* Exposure to large-scale digital transformation projects in a leading logistics organisation.
* Professional development and training opportunities.
* A competitive salary and company benefits are available for the right candidate.
Note: This description is intended to be a guide of what duties are most likely to be but should not be taken as a definitive list. Hannon may adapt duties as deemed necessary.
LNKD1_UKTJ
#J-18808-Ljbffr