Job Information Job Title Senior IT Support Engineer Department IT Reports To IT Manager Location Aghalee (base location, travel expected) Salary Range £45k to £55k depending on experience Job Purpose Were seeking a hands-on Senior Networking & Support Engineer to lead complex incident resolution, own core infrastructure, and deliver cloud-first projects across AWS and Microsoft 365. Youll be our escalation point for networking/security, design and operate VPCs and IAM in AWS, implement Microsoft Intune/Entra ID (including SSO) at scale, and harden Windows Server/AD environments. The ideal candidate blends deep troubleshooting with solid project delivery and security-by-design. Duties and Responsibilities Cloud (AWS) Design, deploy, and operate EC2 workloads (Windows), Auto Scaling Groups, ALB/NLB, AMIs, and Systems Manager for patching and runbooks. Build and Maintain secure VPC architectures (subnetting, routing, NAT/IGW, Security Groups/NACLs, VPC endpoints, hybrid VPN/Direct Connect). Implement IAM roles, policies, instance profiles, and least-privilege RBAC; manage KMS for encryption at rest. Configure CloudWatch/CloudTrail, metrics/alarms, centralised logging, and cost optimisation Operate AWS Backup and snapshot policies; participate in DR planning and testing with defined RTO/RPO. Microsoft Intune / Entra ID (Azure AD) & SSO Intune implementation: Windows Autopilot (Pre-provisioned/UGM), device enrolment (Azure AD Join/Hybrid), compliance policies, configuration profiles, baselines, and Endpoint Security (BitLocker, Defender, ASR, Firewall). Manage application lifecycle in Intune: Win32 packaging, LOB and Store apps, app protection policies (MAM), update rings/feature updates, and driver/firmware management. Architect Conditional Access (MFA, risk-based, compliant-device, location/network filters), device compliance posture, and group-based targeting/assignments. Networking & Security Administer routing/switching (VLANs, STP, LACP), IPv4/IPv6, site-to-site/IPSec and SSL VPNs; DNS/DHCP, NTP, and network services resilience. Configure next-gen firewalls, IDS/IPS, web filtering, content security, and remote access; manage SD-WAN where applicable. Implement network segmentation, zero trust principles, and QoSespecially for VoIP and latency-sensitive apps. Manage PKI/certificates: CSR generation, issuance, renewal automation, and certificate lifecycle across servers, load balancers, and apps. Windows Server, Active Directory & RDS Support data integration and reporting tools to improve visibility across the supply chain Ensure data accuracy and integrity in operational and customer-facing applications Collaboration: Microsoft 365 (SharePoint/OneDrive/Teams) Govern SharePoint/OneDrive permissions, sharing policies, sensitivity labels, and DLP/retention, support migrations and information architecture. Operate Teams/Teams Phone interop with existing PBX/SBCs where needed. Voice/Telephony (VoIP) Deploy and support VoIP solutions: SIP trunks, SBCs, dial plans, call routing, E911/999 configuration, QoS tagging and monitoring. Backup, DR & Security Operations Own backup strategy (3-2-1/immutability) for onprem, cloud, and Microsoft 365; monitor job success and conduct restoration tests. Coordinate vulnerability management and remediation (OS, apps, cloud); collaborate with SOC/MDR where applicable. Maintain security incident runbooks, access reviews, and change control (CAB) with strong documentation. Service Delivery & Support Act as L3 escalation for complex incidents/problems; drive root cause analysis and permanent fixes. Create high-quality documentation, runbooks, and userfacing knowledge base articles. Automate routine tasks using PowerShell (and/or Python); contribute to CI/CD/IaC where appropriate. Knowledge, skills and experience required Essential Bachelors degree in Computer Science / IT (or equivalent experience). 5+ years in enterprise IT with L3 support, networking, and systems administration responsibilities. Proven expertise across: AWS (EC2, VPC, IAM, Load Balancing, Auto Scaling), Windows Server/AD, Intune/Entra ID (including Conditional Access and Autopilot), and enterprise networking/security. Handson experience with VoIP deployments and QoS, and with SharePoint/OneDrive administration. Strong understanding of cyber security best practice (least privilege, patching, hardening, logging/monitoring, incident response). Excellent troubleshooting, documentation, and stakeholder communication skills. Desirable Experience in transport, logistics or supply chain systems Familiarity with TMS/WMS platforms and fleet management solutions AWS/Microsoft Certifications Networking / Security Certifications (ITIL, CompTIA Security+) Personal Attributes Analytical mindset with a solutions-focused approach Strong communication and collaboration skills Ability to manage multiple tasks and deliver to deadlines Proactive, innovative, and adaptable in a changing environment Why join Hannon Transport Join a company focused on innovation, sustainability and growth Exposure to large-scale digital transformation projects in a leading logistics organisation Professional development and training opportunities A competitive salary and company benefits are available for the right candidate Note: This description is intended to be a guide of what duties are most likely to be but should not be taken as a definitive list. Hannon may adapt duties as deemed necessary.