Senior Infrastructure Engineer

About The Position

Requirements

• Minimum 7+ years in infrastructure engineering, systems engineering, or hybrid cloud operations.
• Hybrid infrastructure architecture (on-prem, SaaS, AWS, Azure)
• Networking: SD-WAN, VPN, firewalls, LAN/Wi-Fi
• Identity & Access Management: Azure AD / Entra ID, RBAC, SSO
• Infrastructure as Code: Terraform, CloudFormation
• Automation: Ansible, Intune, JAMF, scripting
• DevOps: CI/CD, Docker, Kubernetes
• Security tooling integration and Zero Trust enablement
• Monitoring, observability, and incident remediation
• Advanced troubleshooting and root-cause analysis
• Cross-functional technical leadership
• Clear technical documentation and communication
• Ability to operate autonomously with enterprise-level responsibility

Nice To Haves

• CompTIA Security+
• AWS Certified SysOps Administrator – Associate
• AWS Certified DevOps Engineer – Professional
• Certified Kubernetes Administrator (CKA)
• CISSP (Certified Information Systems Security Professional)
• Microsoft Azure Administrator Associate (AZ-104)

Responsibilities

• Serve as the Tier 4 escalation authority for infrastructure-related incidents, owning complex troubleshooting and resolution across multi-site environments.
• Define, track, and report infrastructure reliability and service metrics, including uptime, incident resolution time, and service health indicators, in partnership with Support Services staff.
• Provide technical mentorship and escalation guidance to Support Services staff and enable cross-training for site-based users to support baseline operational continuity.
• Architect, implement, and maintain hybrid and SaaS-first infrastructure, including on-premises systems, cloud platforms, and secure access services.
• Administer and optimize enterprise operating systems including Windows Server, Windows 10/11, MacOS, and Linux.
• Design, operate, and optimize virtualized and cloud environments (VMware, Hyper-V, AWS, Azure) with a focus on scalability, reliability, and cost efficiency.
• Establish and maintain Infrastructure as Code (IaC) standards using Terraform, CloudFormation, Ansible, Puppet or equivalent tools to ensure repeatable and auditable deployments.
• Own the design, implementation, and lifecycle management of enterprise network infrastructure, including: LAN and Wi-Fi platforms (Unifi Dream Machine SE, switches, access points) SD-WAN, VPN, and secure remote access solutions (RapidScale VeloCloud, FortiGate EMS)
• Ensure network architectures align with Zero Trust access principles, reliability standards, and business continuity requirements.
• Partner with DevOps teams to integrate infrastructure into CI/CD pipelines (GitHub Actions, Jenkins, Azure DevOps).
• Design and support containerized platforms using Docker and Kubernetes to enable scalable application delivery.
• Lead infrastructure automation for configuration, patching, deployment, and remediation using Ansible, Intune (Windows/Android), JAMF (Mac/iOS), and scripting (PowerShell, Bash, Python).
• Support application release processes through environmental design, infrastructure readiness, and rollback planning.
• Act as the infrastructure engineering partner to IT Security in the design and implementation of Zero Trust Architecture and micro-segmentation strategies.
• Integrate and operationalize EDR, SIEM, and monitoring platforms (e.g., Wazuh, Microsoft Defender, Splunk, Datadog) to ensure reliable telemetry and response workflows.
• Ensure infrastructure compliance with NIST, CIS v8, ISO 27001, SOC 2, and internal security standards.
• Lead infrastructure-side vulnerability remediation and coordinate penetration testing follow-up activities.
• Own identity and access governance, including RBAC and directory services using Azure AD / Entra ID.
• Support physical security systems (e.g., Alarm.com access control and cameras) in coordination with Facilities.
• Own infrastructure responsibilities within Disaster Recovery (DR) and Business Continuity Planning (BCP), including backup validation and recovery readiness.
• Manage and validate cloud-to-cloud and SaaS backup platforms (Barracuda for Microsoft 365, OWN for Salesforce).
• Participate in business continuity exercises and maintain multi-site recovery documentation.
• Design and maintain infrastructure observability standards using platforms such as Datadog and New Relic.
• Monitor third-party service health and vendor outages using external monitoring tools.
• Lead root-cause analysis and automated remediation development to prevent recurring incidents and improve platform reliability.
• Maintain authoritative technical documentation, including architecture diagrams, SOPs, and knowledge base articles using Confluence and SharePoint.
• Oversee hardware and software asset lifecycle management, inventory accuracy, and audit readiness using tools such as Snipe-IT and Smartsheet.
• Ensure reliable communication through Microsoft Teams, RingCentral, and Zoom.
• Collaborate with internal stakeholders (Support, DevOps, Security, Engineering, Product, and Data teams) to align IT services with business needs