Senior Systems Engineer, Microsoft

WHY HARVEY At Harvey, we’re transforming how legal and professional services operate — not incrementally, but end-to-end. By combining frontier agentic AI, an enterprise-grade platform, and deep domain expertise, we’re reshaping how critical knowledge work gets done for decades to come. This is a rare chance to help build a generational company at a true inflection point. With 1000+ customers in 60+ countries, strong product-market fit, and world-class investor support, we’re scaling fast and defining a new category in real time. The work is ambitious, the bar is high, and the opportunity for growth — personal, professional, and financial — is unmatched. Our team is sharp, motivated, and deeply committed to the mission. We move fast, operate with intensity, and take real ownership of the problems we tackle — from early thinking to long-term outcomes. We stay close to our customers — from leadership to engineers — and work together to solve real problems with urgency and care. If you thrive in ambiguity, push for excellence, and want to help shape the future of work alongside others who raise the bar, we invite you to build with us. At Harvey, the future of professional services is being written today — and we’re just getting started. ROLE OVERVIEW We are seeking a Senior Systems Engineer to own and manage Harvey's Microsoft platform across Intune, M365, and Entra ID. You will be the technical owner of our Microsoft ecosystem spanning corporate production, development, and demo environments — architecting device management policies, deploying and managing M365 tenants, and collaborating with our Security team on identity and access management through Entra. Harvey is a fast-growing legal AI company, and this role is critical to ensuring our employees — many of whom are lawyers and legal professionals — have a seamless, secure, and well-managed Microsoft experience from their first day. You'll also be responsible for building and maintaining viable demo and test environments that support Engineering, Product, and Sales. You'll work closely with teammates across Business Technology, Security, Engineering, and People teams in an environment where Okta serves as the primary identity provider and Microsoft is a key platform within a broader ecosystem. WHAT YOU'LL DO - Own end-to-end Microsoft 365 and Intune architecture across corporate production, dev, and demo environments, including tenant strategy, governance, and lifecycle management. - Build, automate, and maintain multi-tenant demo and test environments with seeded data, realistic users, and scripted resets for Engineering, Product, and Sales teams. - Standardize and streamline Intune device management: Autopilot, enrollment, configuration and compliance policies, Win32/MSIX app packaging and deployment, patching, and reporting for Windows and macOS endpoints. Manage iOS and Android MDM as needed. - Own laptop deployment configuration, including establishing golden Windows images, standard baselines, and endpoint hardening policies in partnership with the Security team. - Implement reusable infrastructure-as-code and automation (PowerShell, Microsoft Graph, Bicep/Terraform, CI/CD) for environment provisioning and policy enforcement. - Collaborate with the Security team to define and enforce Entra ID policies, including conditional access, MFA, RBAC/PIM, and zero trust configurations — integrating with our Okta-centric identity ecosystem. - Manage M365 tenant administration across multiple environments, including app registrations, Graph API scopes, licensing optimization, and Entra configuration. - Provide Tier 3 support and root-cause analysis for Microsoft platform issues; build monitoring, alerting, and reporting to proactively identify and resolve problems before they impact employees. - Create and maintain clear documentation, runbooks, architecture diagrams, and golden configurations; enable self-service where practical. - Partner with Engineering and Product on validation scenarios and with Sales on accurate, compelling demo environments; track KPIs on environment readiness and Intune adoption. WHAT YOU HAVE - 7+ years of experience in IT systems engineering, with deep expertise in Microsoft Intune and M365 administration at scale. - Hands-on experience managing multi-tenant Microsoft environments, including production, dev, and demo configurations. - Proven success building automated demo and test labs, including data seeding and environment reset workflows. - Strong PowerShell and Microsoft Graph API skills; solid infrastructure-as-code experience (Bicep or Terraform) and CI/CD pipelines. - Deep Intune experience: Autopilot, Win32/MSIX packaging, configuration and compliance policies, BitLocker/FileVault, patching, and endpoint analytics across both macOS and Windows. - Experience with Entra ID (Azure AD), including conditional access, SSO, identity governance, and integrat