Senior Network & Systems Engineer

About The Position

Requirements

• Bachelor’s degree in Computer Science, Information Technology, or related field preferred, or equivalent combination of education, certifications, and relevant experience.
• Must hold one or more Microsoft/Azure certifications: Azure Administrator, Azure Security Engineer, Azure Network Engineer, or Cybersecurity Architect Expert.
• Must hold one or more networking certifications: CCNP, CCNA, Network+, CCIE, JNCIA, or equivalent.
• 5+ years of experience in systems administration, security, and network management, preferably in financial services.
• 5+ years of experience managing enterprise networking infrastructure including firewalls (Palo Alto, FortiGate, preferably Cato), switches (Meraki, FortiSwitch), and technologies such as TCP/IP, DNS, DHCP, VLANs, BGP, OSPF, Wi-Fi, and VPNs.
• 5+ years of experience administering Microsoft 365, hybrid AD DS/Azure AD, Intune/Autopilot, Active Directory, Azure, Exchange (on-prem and online), and Microsoft collaboration tools.
• 5+ years of experience in IP addressing and Windows server/workstation administration, including router configuration.
• 5+ years supporting enterprise infrastructure operations, end-user computing, and advanced troubleshooting.
• 1+ year of experience supporting VoIP telephone systems.
• Experience with identity and access technologies: GPO to Intune migration, Entra ID SSO, SCIM provisioning, SAML 2.0, OAuth/OIDC, Conditional Access.
• Strong knowledge of LAN/WAN technologies: TCP, UDP, SNMP, IPv6, VLSM, CIDR, NAT (static, dynamic, PAT).
• Experience with secure remote access: IPsec VPN, SSL VPN, PKI, multi-factor authentication (LDAP, RADIUS, TACACS+, certificates, tokens, CAC cards).
• Working knowledge of security/compliance frameworks: NIST, ISO 27001, SOC 2; FFIEC preferred.
• Experience with endpoint security tools including antivirus/antimalware and EDR solutions.
• Experience with certificate management including SSL/TLS and PKI infrastructure.
• Experience with storage systems (NAS, SAN).
• Experience with infrastructure automation tools (Ansible, Terraform) and scripting (PowerShell, Python).
• Experience responding to security and network questionnaires and customer technical inquiries.
• Strong troubleshooting, problem-solving, and adaptability to new technologies.
• Excellent written and verbal communication skills, with ability to translate technical concepts for non-technical audiences and strong interpersonal skills.

Nice To Haves

• Preferred certifications include: CISSP, CCSP, CEH, GSEC, or equivalent.
• Equivalent hands-on experience may substitute for some certification requirements.

Responsibilities

• Deliver advanced technical support for complex system, infrastructure, and application issues by diagnosing root causes, implementing solutions, and managing incidents and service requests in alignment with service level agreements and escalation protocols; escalate risks or unresolved issues as needed.
• Manage and troubleshoot network, system, and end-user computing environments by administering user access, supporting onboarding/offboarding, and deploying, configuring, and maintaining hardware and software; manage escalated support requests in alignment with ITIL-based incident, change, and problem management practices.
• Monitor, maintain, and optimize network infrastructure to ensure performance, reliability, and scalability; support the design and implementation of network solutions and upgrades; investigate and resolve complex network and service issues, lead escalations, perform root cause analysis, and develop monitoring and troubleshooting workflows to improve network health, including Cato and Fortinet environments.
• Administer and support core infrastructure services and servers (e.g., DNS, DHCP, domain controllers, ERP), including installation, configuration, patching, and upgrades; manage SSL certificates, IP addressing, and network protocols; collaborate with security teams while supporting implementation and operation of infrastructure security controls; monitor and troubleshoot network performance and connectivity.
• Engineer and support enterprise identity and endpoint management solutions, including Active Directory (Sites & Services, multi-forest trusts, CIS hardening), hybrid identity with Entra ID (Azure AD Connect/Cloud Sync, SSO, provisioning), and full lifecycle deployment of Intune, Windows Autopilot, configuration profiles, and endpoint protection with Microsoft Defender.
• Architect, administer, and support Azure and Microsoft 365 environments, including IaaS/PaaS resources, collaboration and messaging platforms (Exchange, SharePoint, Teams, OneDrive), and endpoint security; implement and maintain email security, data protection, and threat defense solutions using Microsoft Defender and Bitdefender.
• Collaborate with leadership, vendors, and IS teams to evaluate and implement system integrations and resolve complex issues; lead solution recommendations, gather requirements, and support project planning; research, test, and implement hardware and software integrations, and analyze existing systems to improve efficiency and support evolving business needs.
• Develop and maintain comprehensive technical documentation, including systems, configurations, procedures, support processes, and internal standards, to support operational consistency, audit readiness, and knowledge transfer.
• Document all system changes clearly and ensure stakeholders are informed in advance.
• Monitor system jobs and performance across core, network, and banking applications to ensure efficient operation.
• Manage deployment of applications, software, and patches per guidelines, and support routine maintenance including proactive monitoring of server updates, patching system alert, and performance trends.
• Evaluate systems and processes to identify and implement improvements that enhance efficiency, reliability, security, and scalability, including opportunities for automation and innovation.
• Support vendor and asset management, project and administrative tasks, and ensure operational reliability, security, and regulatory compliance.
• Assist with IS/IT audits, including change request reviews, DR testing, access reviews, and issue escalation.
• Provide technical leadership, guidance and mentorship to team members, review scripts and automation workflows, and support ongoing infrastructure and process improvements, along with other assigned duties.