Responsibilities:
Own Tickets End-to-End:
- Take complex SaaS and cloud tickets from intake to resolution without escalation.
- Communicate directly with clients in clear, professional written English throughout the lifecycle of every ticket.
- Document the resolution and update internal KB so the next person does not start from zero.
- Escalate only when truly necessary — and when you do, escalate with a clear summary, what you have tried, and a recommendation.
Cloud & SaaS Administration:
- Google Workspace: OU design, sharing policies, group management, security settings, Vault, admin console deep-dive.
- Microsoft 365: Entra ID, Exchange Online, SharePoint, Teams, Intune, Conditional Access, Defender.
- Identity & SSO: Okta, JumpCloud, Google as IdP, SAML/SCIM integrations.
- SaaS application administration across the accounting tech stack (QuickBooks Online, Xero, Karbon, Ignition, expense management tools, etc.).
- Endpoint management: Intune, JumpCloud, Kandji, or similar for Mac and Windows fleets.
- Email security: SPF, DKIM, DMARC; phishing investigation; spam/quarantine review.
Cybersecurity Advisory (For Accounting Firms):
- Advise clients on security best practices appropriate for accounting firms (data handling, client confidentiality, IRS Publication 4557 considerations, WISP requirements).
- Recommend and implement MFA strategies, password manager rollouts, conditional access policies.
- Triage suspected phishing, account compromise, and data exposure incidents.
- Help clients understand the "why" behind security recommendations, not just the "what."
- Guide clients through security questionnaires and basic compliance asks (SOC 2 vendor reviews, insurance questionnaires, etc.).
Client-Facing Communication:
- Write clear, professional emails and ticket responses — never leave a client confused about what is happening or what to do next.
- Translate technical issues into plain English for non-technical clients (accountants are smart but not IT people).
- Handle frustrated clients with patience and de-escalate without making promises we cannot keep.
- Run client-facing screen-share sessions when needed; walk through changes confidently.
Internal Contribution:
- Identify recurring ticket patterns and propose permanent fixes or documentation.
- Contribute to the knowledge base; keep runbooks current.
- Mentor junior technicians informally on harder tickets.
Requirements:
Must-Have Technical Skills:
- 4+ years in a cloud-focused support engineering or senior IT support role.
- Deep, hands-on expertise with both Google Workspace and Microsoft 365 admin consoles — not just end-user level, but real admin work (OU/group design, sharing controls, security configurations, audit logs).
- Strong understanding of identity and access management: SSO, SAML, MFA, conditional access policies.
- Working knowledge of endpoint management (Intune, JumpCloud, Kandji, Addigy, or similar).
- Familiarity with email authentication (SPF, DKIM, DMARC) and phishing investigation.
- Comfortable with basic scripting or APIs (PowerShell for M365, GAM/GAMADV-XTD3 for Google Workspace is a big plus).
Must-Have Soft Skills:
- Excellent written English — C1 minimum, C2 preferred. Your writing will be the primary thing clients see; if it is stiff, unclear, or full of errors, this role does not work. We will test this directly.
- Strong customer service instincts: patient, professional, never defensive.
- Ability to make judgment calls without asking permission for every step.
- Confident handling clients independently — you do not need a manager on standby.
Cybersecurity Mindset:
- Understands why accounting firms have elevated security requirements.
- Can think about a request from a security angle without being asked.
- Familiar with common security frameworks at a working level (not necessarily certified, but you know what SOC 2, NIST CSF, and WISP are and why they matter for an accounting firm).
Experience Indicators:
- Demonstrated tenure: at least one role of 3+ years in a similar position (we will verify).
- Experience working directly with US-based clients in a professional services context.
- Examples of complex tickets you owned end-to-end.
Nice-to-Have:
- Google Workspace Administrator certification.
- Microsoft 365 certifications (MS-102, SC-300, MS-900).
- Security certifications (Security+, SSCP, or similar).
- Experience working with accounting or financial services clients specifically.
- Familiarity with accounting-specific SaaS tools (QBO, Xero, Karbon, etc.).
The Right Mindset:
- You read a ticket and immediately think "what is the cleanest way to solve this," not "who can I send this to."
- You finish what you start.
- You take pride in writing emails clients actually understand.
- You think about security implications without being prompted.
- You would rather ask one clarifying question than make three wrong assumptions.
What This Role Is Not:
- Not a traditional MSP role with on-prem servers, switches, or firewalls.
- Not an L1 ticket-grinding role — AI and junior techs handle that.
- Not a strategy or vCIO role.
- Not a pure people management role.
Hiring Process:
- Screening call (30 min) — background and fit.
- Written communication test — we will send you a real (sanitized) client ticket and ask you to draft the response. This is the single biggest filter for this role.
- Technical interview (60 min) — scenario-based deep dive across Google Workspace, M365, identity, and security.
- Paid work sample (4-6 hours, paid at your hourly rate) — a real-world scenario you will work through, document, and present.
- Reference calls — including backchannel references.
- Final conversation with Support Desk Lead.
