Infrastructure Engineer IV

About The Position

Requirements

• A degree in Computer Science, Information Systems, Cybersecurity, or a related field; or equivalent work experience
• 3–5 years in cloud infrastructure, systems engineering, or security-focused roles
• Strong experience with Microsoft 365, Entra ID, Intune, Conditional Access, Defender for Endpoint/Identity and Microsoft Purview, Azure Sentinel or comparable SIEM platform, and PowerShell automation for identity and security tasks
• Solid understanding of firewalls, VLANs, and endpoint hardening practices
• Strong documentation habits and familiarity with NIST-CSF or similar frameworks
• Excellent collaboration and problem-solving skills

Nice To Haves

• Microsoft certifications (e.g., SC-200, AZ-500, MS-102)
• Experience with Fortinet firewalls and VLAN design
• Experience supporting compliance with NIST-CSF, GDPR, or CCPA
• Familiarity with SaaS security integration and Microsoft Secure Score initiatives

Responsibilities

• Maintain and optimize Entra ID Conditional Access policies, identity protection settings, and MFA enforcement rules
• Align infrastructure and security configurations with frameworks such as NIST-CSF to support compliance and risk reduction
• Define and administer Intune compliance policies; collaborate with the System Administrator on secure device enrollment standards
• Lead the configuration and oversight of Microsoft Defender for Endpoint, Identity, Office, and Cloud Apps; collaborate with the System Administrator on tuning and triage of security alerts.
• Design, enforce, and support Microsoft Purview policies (e.g., DLP, sensitivity labels, information protection)
• Collaborate on Secure Score improvements and risk remediation tracking
• Build and maintain Azure Sentinel rules, data connectors, and automation playbooks for incident detection and escalation
• Review cross-platform security alerts and lead triage, remediation, and reporting activities in collaboration with IT team members
• Document incident response processes and coordinate with the IT Director
• Configure and support Fortinet firewalls, VPN access, NAT rules, and segmentation of business/lab/Wi-Fi networks
• Administer managed switches, VLANs, firmware updates, internal DNS, public IPs, and cloud network architecture
• Perform quarterly configuration audits and respond to infrastructure performance issues via system health dashboards
• Maintain and periodically test Disaster Recovery (DR) runbooks in collaboration with the System Administrator and IT leadership
• Collect and organize evidence for customer security reviews, audits, and compliance assessments (NIST, ISO, etc.)
• Monitor and validate enforcement of internal IT policies (e.g., Password Policy, Limited Access Policy) through technical controls
• Maintain documentation of configurations, access controls, audit logs, and system control points
• Assist the System Administrator with escalations, endpoint troubleshooting, and scripting/automation
• Provide architectural guidance and act as escalation point for infrastructure-related issues
• Contribute to internal knowledge base, IT runbook development, and documentation standards
• Assist with SaaS intake security reviews and onboarding of new cloud applications
• Support IT roadmap planning, tool evaluations, and long-term scalability strategies

Benefits

• medical
• dental
• vision
• life insurance
• 401k
• paid sick time
• paid time off for vacation
• paid holidays
• paid community service days
• professional/personal learning program
• applicable state/federal paid family leave