About Visy:Visy is a family-owned Australian business and a global pioneer in sustainable packaging, recycling and logistics. They operate across 150 sites globally, including operations in Asia, Europe, and the USA, supported by a dedicated workforce of over 7,000 employees. It is Australia and New Zealand’s largest manufacturer of food and beverage packaging, made from household recycling. As Australia’s largest recycler, it processes 40% of Australian households recycling. Visy also supports customers with logistics, packaging supplies, point of sale displays and more. At Visy India, their technology hub in Hyderabad, they are expanding their technical capabilities to support their global business.Position Summary:The Senior Systems Engineer is a key leader in the delivery of cyber security projects focused on enterprise identity infrastructure, including Microsoft Active Directory (AD), Microsoft Entrance ID, Endpoint Manager, and server environments. This role is responsible for owning the full project lifecycle: from understanding project scope, planning, and conducting impact assessments, through implementation, communication, driving user adoption, and comprehensive documentation. The engineer leads these initiatives, collaborating closely with the AD architect and other system engineers, but is accountable for project outcomes and delivery. As a subject matter expert (SME) in identity and access management (IAM), the engineer drives modernization, automation, and governance of identity solutions.Additionally, the Senior Systems Engineer is responsible for managing the transition of new processes and enhancements introduced through their projects. This includes overseeing the hypercare phase to ensure stability and user support, followed by a seamless handover to business-as-usual (BAU) operations or the relevant system engineering teams. These activities are crucial to maximizing the effectiveness of security initiatives and supporting organizational change with minimal disruption.What are the primary responsibilities of the Role?- Manage and maintain Microsoft server environments, ensuring systems are secure, stable, and up to date. - Administer Active Directory, including users, groups, GPOs, and OU structures, with a focus on security and compliance. - Implement and manage Entra ID / Azure AD, including SSO configurations and identity/access management tasks. - Perform server hardening, patch management, and apply security baselines across on-premises and hybrid environments. - Review, audit, and remediate file server permissions and access controls to ensure proper security. - Automate administrative and security tasks using PowerShell scripting. - Work with VMware/virtualized environments to deploy and manage virtual servers. - Troubleshoot and resolve complex technical issues related to servers, AD, and identity systems. - Follow IT service management processes, including handling service tickets, change management, and documentation. - Participate in or lead security-related projects, ensuring timely and effective implementation of improvements. - Administer Active Directory, including users, groups, GPOs, and OU structures, with a focus on security and compliance. - Implement and manage Entra ID / Azure AD, including SSO configurations and identity/access management tasks. - Perform server hardening, patch management, and apply security baselines across on-premises and hybrid environments. - Review, audit, and remediate file server permissions and access controls to ensure proper security. - Automate administrative and security tasks using PowerShell scripting. - Work with VMware/virtualized environments to deploy and manage virtual servers. - Troubleshoot and resolve complex technical issues related to servers, AD, and identity systems. - Follow IT service management processes, including handling service tickets, change management, Project Management and documentation. - Participate in or lead security-related projects, ensuring timely and effective implementation of improvements.Additional Responsibilities for Strategic Projects:- Lead the strategy and implementation of passwordless authentication solutions, leveraging Microsoft Entra ID and related technologies to enhance security and user experience. - Design and enforce browser hardening policies to mitigate risks and improve endpoint security. - Plan and execute the migration of Active Directory on-premises Group Policies to Microsoft Endpoint Manager, including analysis, mapping, and testing for seamless transition. - Automate group membership management for Autopatching, streamlining patch deployment and reducing manual intervention. - Review, consolidate, and decommission duplicate or outdated Group Policies, ensuring only necessary and recommended policies are migrated to Intune. - Implement and support Web Application Firewall (WAF) solutions, collaborating with application and security teams to protect web assets. - Assist in Active Directory security uplift projects, including but limited to risk assessments, remediation activities, and adoption of best practices for identity protection and access control.Experience & Qualifications:Mandatory (critical for the Role)- 8+ years of experience working with Microsoft server environments (Windows Server 2016/2019/2022), including installation, configuration, and maintenance. - Hands-on Active Directory administration, managing users, groups, GPOs, OUs, and performing security-related tasks. - Strong knowledge and proven experience of Entra ID / Azure AD, including identity management, access control, and security hardening in hybrid environments. - Experience with server hardening and configuration security, including patch management, security baselines, and system-level hardening. - File server security management, including reviewing, auditing, and remediating NTFS/share permissions and access controls. - Ability to implement security best practices across Microsoft environments, including monitoring, auditing, and compliance. - Excellent troubleshooting and problem-solving skills for complex on-prem and cloud hybrid setups. - Proven experience leading or contributing to security projects with measurable results. - Demonstrated knowledge of security frameworks and standards, including: NIST Cybersecurity Framework 2.0 and Essential Eight. - Ability to translate framework requirements into actionable security controls, policies, and technical solutions for Active Directory, Entra ID, and related systems. - Experience planning and executing the uplift and migration of Group Policies from Active Directory on premises to Endpoint Manager, ensuring policy effectiveness and compliance in modern management environments.Key Technical Skills:Skills (Technical, Business, Leadership)- Solid experience with Windows Servers and server hardening. - Active Directory and on-prem AD security, including managing users, groups, GPOs, and OUs. - Entra ID / Azure AD administration and SSO configuration for enterprise applications. - Expertise in Microsoft Endpoint Manager (Intune) and System Center Configuration Manager (SCCM). - PowerShell scripting for automation, reporting, and security tasks. - Familiarity with VMware and virtualization, including deploying and managing virtual servers. - Experience in file server access management, auditing, reviewing, and fixing permissions. - Demonstrated ability to lead change management initiatives, impact assessment and drive user adoption. - Strong understanding of security best practices in hybrid Microsoft environments.
Job Title
Senior Systems Engineer (AD/Entra ID) [T500-22564]