POSITION SUMMARY
The IT Infrastructure & Security Manager is Leftbank Art's senior technical operator, responsible for the day-to-day reliability, security, and integrity of the company's IT environment. This role owns helpdesk operations, Microsoft 365 and Entra ID administration, endpoint and identity management, network and server infrastructure, SQL Server and database administration, and IT security operations.
A critical near-term priority for this role is the documentation of Leftbank Art's current IT environment — systems, configurations, integrations, and tribal knowledge — ahead of and in support of the company's planned migration from Sage 100c to Microsoft Dynamics 365 Business Central. This person will serve as the IT execution partner on that migration, working alongside the Director of Operations and any engaged implementation vendors, without owning ERP strategy or integration architecture independently.
Reporting directly to the Director of Operations, this manager leads a team of two and serves as a reliable, hands-on IT resource for department heads across operations, finance, sales, and creative. The role also supports responsible adoption of AI productivity tools — including Microsoft Copilot, Claude, and ChatGPT — in coordination with HR and Operations.
Location: La Mirada, CA | On-Site
Work Schedule: Monday–Friday, 6:00 a.m.–3:30 p.m. This is a full-time, exempt position with a minimum expected workweek of 45 hours.
KEY RESPONSIBILITIES
Helpdesk & End-User Support
- Manage day-to-day helpdesk operations for approximately 180 employees, ensuring timely resolution of hardware, software, and connectivity issues.
- Maintain ticket workflows, escalation paths, and response SLAs; provide regular reporting on support volume and resolution performance to the Director of Operations.
- Serve as the escalation point for complex or high-priority support issues.
- Maintain hardware inventory, device lifecycle tracking, and software licensing records across the organization.
Microsoft 365 & Identity Management
- Administer and maintain the Microsoft 365 tenant, including Exchange Online, Teams, SharePoint, OneDrive, and licensing.
- Manage Entra ID (Azure AD) and Active Directory, including user provisioning and deprovisioning, group policy, conditional access policies, and identity lifecycle coordination with HR.
- Maintain and improve the company's AD security group structure and role-based access controls.
- Administer Microsoft Intune for device enrollment, compliance policies, and mobile device management.
- Support Power Platform operations (Power Apps, Power Automate, SharePoint), including enforcing data loss prevention policies established by leadership.
ERP Support & Migration Participation
- Serve as the IT execution partner on the planned migration from Sage 100c (current production ERP, including vendor-held customizations, EDI, and e-commerce sync) to Microsoft Dynamics 365 Business Central.
- Coordinate with the Director of Operations, implementation vendors, and department leads on IT-side migration tasks including infrastructure readiness, user access setup, data transfer support, and cutover logistics.
- Maintain working knowledge of the current Sage 100c environment — including its customizations and integrations — to support documentation, troubleshooting, and transition planning.
- Support Business Central administration post-go-live, including user management, access controls, and coordination with the BC vendor on support issues.
- Do not independently own ERP strategy, integration architecture, or vendor selection — these are directed by the Director of Operations.
Infrastructure, Network & SQL Server
- Manage on-premises and cloud infrastructure including Windows servers, storage, networking equipment, and backup systems.
- Administer SQL Server instances supporting business applications, including Sage 100c and related integrations; responsible for database maintenance, backup and recovery, performance monitoring, and query support.
- Oversee network architecture, VPN, firewall configuration, and internet connectivity across the La Mirada facility.
- Plan and execute infrastructure projects — hardware refreshes, system migrations, and cloud initiatives — as directed by leadership.
- Ensure uptime, redundancy, and disaster recovery readiness across critical business systems.
Security & Compliance
- Maintain and improve the company's IT security posture, including endpoint protection, email security, multi-factor authentication, and threat monitoring.
- Implement and enforce IT security policies, acceptable use standards, and incident response procedures as defined by leadership.
- Conduct patch management, routine vulnerability remediation, and periodic security reviews.
- Support vendor risk management for third-party software, SaaS platforms, and IT service providers.
- Assist with compliance requirements related to data protection and business continuity.
AI Tool Support & Adoption
- Support the rollout and day-to-day administration of AI productivity tools in use across the organization, including Microsoft Copilot (M365), Claude (Anthropic), and ChatGPT (OpenAI).
- Enforce acceptable use policies and access controls for AI platforms as established by HR and Operations.
- Assist employees with AI tool questions, access issues, and appropriate use guidance.
- Flag new AI tool requests to the Director of Operations for evaluation prior to adoption.
Vendor & Asset Management
- Coordinate with IT vendors, managed service providers, and SaaS suppliers on support, renewals, and issue escalation.
- Track IT spend and assist the Director of Operations with budget planning and procurement decisions.
- Maintain software license compliance and hardware asset records.
REQUIRED QUALIFICATIONS
- Bachelor's degree in Information Technology, Computer Science, or a related field — or equivalent professional experience.
- 5+ years of hands-on IT systems administration or IT management experience in a business environment of 100+ employees.
- Demonstrated expertise administering Microsoft 365 and Entra ID, including Exchange Online, Teams, SharePoint, conditional access, and user lifecycle management.
- Solid working knowledge of Active Directory, group policy, and role-based access control.
- Experience managing endpoints with Microsoft Intune or a comparable MDM platform.
- Strong infrastructure background including Windows Server administration, networking fundamentals (TCP/IP, DNS, DHCP, VPN, firewall), and backup and recovery systems.
- Hands-on SQL Server administration experience, including database maintenance, backup and restore, performance monitoring, and support for application-connected databases.
- Practical experience with ERP systems in an administrative or support capacity; familiarity with Sage 100c, Microsoft Dynamics 365 Business Central, or similar mid-market ERP platforms is a strong plus.
- Demonstrated experience maintaining IT security operations, including endpoint protection, MFA enforcement, patch management, and incident response.
- Familiarity with AI productivity platforms (Microsoft Copilot, Claude, ChatGPT) and the IT administration and policy considerations they introduce.
- Clear, direct communicator who can work effectively with non-technical staff and report status and issues to leadership without requiring technical translation.
PREFERRED QUALIFICATIONS
- Microsoft certifications such as MS-102 (Microsoft 365 Enterprise Administrator Expert), SC-300 (Identity and Access Administrator), AZ-104 (Azure Administrator), or equivalent.
- Experience supporting a manufacturing, distribution, or wholesale product company.
- Direct experience with Sage 100c, including its customization and integration landscape (EDI, e-commerce sync).
- Hands-on participation in an ERP migration or major system cutover.
- Experience with Microsoft Dynamics 365 Business Central administration.
- Familiarity with Power Platform operations including Power Apps, Power Automate, and DLP policy enforcement.
- CompTIA Security+, CISSP, or equivalent security certification.
- Experience in a small IT team (1–3 people) where broad ownership and self-sufficiency are required.
WHAT SUCCESS LOOKS LIKE
In the first 12 months, the IT Infrastructure & Security Manager will:
- Produce a comprehensive written inventory of Leftbank Art's IT environment — systems, configurations, integrations, credentials, vendors, and known gaps — ensuring institutional knowledge is documented and no longer held by a single person.
- Establish reliable, documented helpdesk workflows with measurable SLA benchmarks and consistent reporting to the Director of Operations.
- Tighten identity and access management across Microsoft 365 and Entra ID, with clean, HR-coordinated provisioning and deprovisioning workflows.
- Demonstrate working familiarity with the current Sage 100c environment and actively contribute to the IT readiness work supporting the Business Central migration.
- Implement or validate patch management, endpoint protection, and MFA enforcement across all managed devices and accounts.
- Support the rollout of AI productivity tools in compliance with policies set by HR and Operations.
- Earn the trust of department heads as a responsive, dependable IT resource.
ABOUT LEFTBANK ART
Leftbank Art (Outlook Resources, Inc.) is a leading wholesale art publisher and distributor based in La Mirada, California. We produce and distribute fine art reproductions, décor, and licensed imagery to retailers, hospitality accounts, and interior designers across North America and Internationally. Our team of approximately 180 employees spans creative, operations, sales, and distribution — all supported by a growing technology infrastructure built on the Microsoft ecosystem.
Pay: $105,000.00 - $125,000.00 per year
Benefits:
- 401(k)
- 401(k) matching
- Dental insurance
- Employee assistance program
- Life insurance
- Paid time off
- Retirement plan
- Vision insurance
Work Location: In person