About Graphcore 
Graphcore is one of the world’s leading innovators in Artificial Intelligence compute.  It is developing hardware, software and systems infrastructure that will unlock the next generation of AI breakthroughs and power the widespread adoption of AI solutions across every industry.  As part of the SoftBank Group, Graphcore is a member of an elite family of companies responsible for some of the world’s most transformative technologies. Together, they share a bold vision: to enable Artificial Super Intelligence and ensure its benefits are accessible to everyone.   Graphcore’s teams are drawn from diverse backgrounds and bring a broad range of skills and perspectives. A melting pot of AI research specialists, silicon designers, software engineers and systems architects, Graphcore enjoys a culture of continuous learning and constant innovation.  
Job Summary
We are seeking an experienced Windows Administrator responsible for managing and supporting the enterprise Windows environment. This will include supporting both on-prem Microsoft Active Directory and Entra ID (formerly Azure AD) (in a Hybrid deployment), Endpoint device management, Windows OS deployment/configuration, PowerShell scripting, automation, device security and patching compliance. The ideal candidate will have expertise in managing client devices, Active Directory Certificate Services, (ADCS), Public Key Infrastructure (PKI), and a broad range of other Windows Server and client technologies. 
They should feel comfortable working in a team of Windows Administrators and a wider team of multiple disciplines/skillsets and geographical areas. 
The Team
You’ll be joining a multi-disciplinary team with strong technical skills and a very supportive culture. We work closely together, regularly share knowledge, and your skills will make a direct impact on our business. It’s an exciting and pivotal moment for us right now, with plenty of new projects ahead. If you're looking to solve interesting problems and see your work deliver real-world results, this is the team for you.
Responsibilities and Duties
- Windows OS ‘bare-metal’ deployment to Laptops/Desktops/VMs
- This is currently MDT (Microsoft Deployment Toolkit), but transferable skills and knowledge from technologies like MECM, SCCM, Intune, WinPE and associated tools would be desirable.
- Perform application packaging, deployment, and lifecycle management. (Again there will be transferable skills from various products).
- Troubleshoot deployment issues and optimize software rollout processes.
- Entra ID (Azure AD):
- Administer and support Entra ID, including user management, access policies, and security configurations in a ‘hybrid’ configuration using Azure AD Connect.
- Implement and manage Single Sign-On (SSO), Multi-Factor Authentication (MFA) (Using Duo not Azure MFA), and conditional access policies.
- Integrate on-prem Active Directory with Entra ID for hybrid environments.
- PowerShell Scripting and Automation:
- Develop and maintain version-controlled PowerShell scripts for automation tasks related to user management, system administration, and software deployment. This could include querying AD, Entra ID, MS Graph etc.
- Create custom scripts to streamline repetitive tasks, enhance system monitoring, and improve operational efficiency.
- Active Directory (On-Prem):
- Manage and support on-prem Active Directory including Group Policy Objects (GPOs), domain controllers, user accounts, and permissions.
- Ensure AD replication, health, and availability across the organization.
- A knowledge of how to Implement and manage trust relationships, forests, and cross-domain management.
- Windows Public Key Infrastructure (PKI):
- Administer and maintain Windows PKI (ADCS) environments including certificate issuance, renewal, and revocation.
- Ensure secure communication within the organization by managing certificates for users, devices, and services.
- Client End-User (Endpoint) Device Management:
- Administer client devices (Windows workstations, laptops, etc.) ensuring they are compliant with corporate policies. This could have transferable skills from 3rd party tools).
- Troubleshoot hardware and software issues on end-user devices.
- Manage Windows updates, security patches, and antivirus solutions across the client environment.
- Ensure device encryption and endpoint security policies are enforced.
- Automation & System Integration:
- Implement automation solutions to optimize the efficiency of daily administrative tasks.
- Use configuration management tools (e.g., MECM/GPOs) to manage end-user devices, profiles, and policies.
- Integrate on-prem and cloud services for seamless IT operations.
- Monitoring & Reporting:
- Monitor system performance, event logs, and health metrics across all Windows systems.
- Generate reports on system health, performance, security posture, and compliance levels.
- Proactively resolve issues to maintain maximum system uptime.
- General Windows Administration:
- Manage Windows Server environments, ensuring regular updates, security patches, and performance optimization.
- Perform system backups and ensure disaster recovery readiness.
- Participate in system migrations, upgrades, and new infrastructure implementations.
- Collaboration & Support:
- Work closely with other IT teams (networking, security, application support) to provide an integrated service.
- Provide support to end-users and resolve escalated technical issues.
- Ensure compliance with organizational security policies and industry best practices.
- SharePoint Online (Office 365) Administration and Support:
- Administer and maintain SharePoint Online environments, ensuring proper permissions, security settings, and compliance with organizational policies.
- Provide support for SharePoint Online, including site creation, document libraries, lists, workflows, and integrations with other Office 365 services.
- Troubleshoot issues related to SharePoint performance, permissions, and user access.
- Assist with SharePoint Online migrations, upgrades, and site optimizations.
- Implement governance and best practices for SharePoint content management, site structures, and information architecture.
- Collaborate with teams to enhance SharePoint features, such as automating workflows using Power Automate and integrating with Microsoft Teams.
Candidate Profile 
Essential:
- Experience: hands on experience in Windows administration, MECM or MDT knowledge desirable, Active Directory and the wider Entra/Azure AD MS Suite – Exchange Online, SharePoint etc.
- Technical Skills:
- In-depth experience with OS and application deployment.
- Proficiency in Entra ID (Azure AD) and on-prem Active Directory.
- Strong PowerShell scripting skills and experience with automation tools.
- Knowledge of Windows PKI (ADCS) and certificate management.
- Experience with Windows Server and client device management.
- Familiarity with endpoint security tools, patch management, and software distribution.
- Certifications: Microsoft Certified: Azure Administrator Associate, Microsoft Certified: Windows Server Hybrid Administrator, or other relevant certifications preferred.
- Other Skills: Excellent problem-solving skills, attention to detail, strong communication, and ability to work independently and as part of a team.
Desirable:
- Experience with cloud environments, specifically Microsoft 365 and Azure.
- Knowledge of networking concepts, firewalls, and VPNs.
- Experience with virtualization technologies (e.g., Hyper-V, VMware).
- Experience with Intune or other Mobile Device Management (MDM) platforms.
- Experience with Microsoft SQL servers
- Experience with Microsoft Radius servers
Benefits
In addition to a competitive salary, Graphcore offers flexible working, a generous annual leave policy, private medical insurance and health cash plan, a dental plan, pension (matched up to 5%), life assurance and income protection. We have a generous parental leave policy and an employee assistance programme (which includes health, mental wellbeing, and bereavement support). We offer a range of healthy food and snacks at our central Bristol office and have our own barista bar! We welcome people of different backgrounds and experiences; we’re committed to building an inclusive work environment that makes Graphcore a great home for everyone. 
We offer an equal opportunity process and understand that there are visible and invisible differences in all of us. We can provide a flexible approach to interview and encourage you to chat to us if you require any reasonable adjustments.Applicants for this position must hold the right to work in the UK. Unfortunately at this time, we are unable to provide visa sponsorship or support for visa applications