ESTREEM

Internal IT Manager

ESTREEM

full-time

Posted on:

Location Type: Hybrid

Location: ParisFrance

Visit company website

Explore more

AI Apply
Apply

Job Level

SeniorLead

Tech Stack

AzureDNSTypeScript

About the role

  • Ensure a high-quality employee experience
  • Deploy a smooth, consistent and user-friendly Digital Workplace for all employees.
  • Instill a service-oriented culture within the IT team: proactive communication, responsiveness, professionalism and a pedagogical approach.
  • Lead efforts to measure quality and employee satisfaction.
  • Industrialize onboarding and offboarding processes to make them simple, fast and reliable.
  • Identify and reduce user pain points through active listening and regular feedback loops.
  • Communicate changes to employees regarding their work environment.
  • Supervise and develop the Internal IT team.
  • Manage a service-oriented team distributed across Paris, Toulouse, Lyon and Porto.
  • Develop the team’s technical and interpersonal skills.
  • Structure processes, responsibilities and KPIs to support operations.
  • Oversee identity and access security management.
  • Lead the migration from AD to Entra ID (Azure AD), including RBAC, groups and roles management.
  • Ensure access management via SSO, enforced MFA, Conditional Access and Access Reviews.
  • Manage app registrations, SaaS connections (SAML/OIDC) and admin OAuth consents.
  • Automate the identity and access lifecycle (HRIS → IAM).
  • Administer the Digital Workplace and messaging/email systems.
  • Administer and secure Windows endpoints and mobile devices via Intune (MDM/MAM, hardening, encryption, compliance).
  • Secure email: Anti-Phish, Anti-Spam, Safe Links, Safe Attachments, SPF/DMARC/DKIM.
  • Manage Microsoft 365 collaboration tools: Teams, SharePoint, OneDrive, external sharing and B2B guest access.
  • Deploy data classification and DLP policies.
  • Support internal AI usage while ensuring security and confidentiality.
  • Administer Infrastructure and Network.
  • Manage remote access (VPN) and its security (MFA and Conditional Access).
  • Administer Wi‑Fi networks, guest networks and network segmentation.
  • Oversee the internal PKI (endpoint certificates, VPN, Wi‑Fi).
  • Administer DNS, DHCP, backups/restores and ensure infrastructure resilience.
  • Secure Internet exposure (reverse proxy, WAF, anti‑DDoS).
  • Ensure operational security and compliance.
  • Run security awareness campaigns (notably phishing simulations).
  • Monitor Internet exposure and rapidly remediate identified vulnerabilities.
  • Ensure application governance: qualification, periodic review and decommissioning.
  • Manage software and hardware obsolescence.
  • Optimize the IT budget and manage suppliers.
  • Build and manage the internal IT budget.
  • Optimize costs (Microsoft licenses, SaaS, hardware) without sacrificing service quality.
  • Manage procurement and hardware inventory.
  • Manage vendors, service providers and partners; track SLAs and contractual commitments.

Requirements

  • 8+ years of IT experience, including several years managing teams and running an internal IT environment.
  • Strong expertise with Microsoft environments (Entra ID, Intune, M365) and in IAM/SSO.
  • Proven experience securing environments (endpoints, network, email, access).
  • Solid hands-on experience managing network infrastructure, VPN and enterprise Wi‑Fi.
  • Experience in continuous improvement, process structuring and a service-oriented culture.
  • Comfortable working in demanding environments (fintech, SaaS, scaleups) and managing vendors & budgets.
Benefits
  • Meal vouchers
  • Company health insurance
  • Time Savings Account (Compte Épargne Temps - CET)
  • 50% public transport reimbursement
  • Attractive compensation package (base salary + variable linked to target achievement)
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
identity and access managementsingle sign-onmulti-factor authenticationAzure ADIntunenetwork infrastructureVPN managementdata loss preventionWindows endpoint securityemail security
Soft Skills
service-oriented cultureproactive communicationresponsivenessprofessionalismpedagogical approachteam developmentprocess structuringactive listeningfeedback loopsbudget optimization