Sr Staff Infrastructure Systems Engineer
About The Position
We are looking for an Infrastructure Systems Engineer to build and own the internal platform that powers the company: identity, endpoints, networks, and security that will make company-wide impact. This role focuses on infrastructure for people and internal systems: Identity (SSO, RBAC, lifecycle), Endpoints (Mac, Windows, Linux), Access (device trust, zero-trust networking), Internal platform and automation, and IT Security & Compliance. We are an AI-forward engineering organization where engineers use AI as a force multiplier in their daily work, and systems are designed assuming AI-assisted development and operations. We value engineers who experiment, adapt quickly, and adopt better tools. If you are not already using AI tools to write code, automate workflows, and debug systems in your daily work, this role will not be a fit.
Requirements
- 12+ yrs proven experience building and owning infrastructure systems
- Deep experience with identity systems (Azure AD / Entra or equivalent; SAML/OAuth/SCIM)
- Strong experience managing heterogeneous endpoint fleets (Mac, Windows, Linux; MDM such as Intune/Jamf/Kandji)
- Hands-on experience with network security and modern connectivity patterns (VPNs, WireGuard, zero-trust networking)
- Strong scripting and automation skills (Python, Bash, or similar)
- Experience integrating systems via APIs and event-driven workflows
- Experience operating in regulated environments (CMMC, ITAR, FedRAMP-like)
Nice To Haves
- Treat internal infrastructure like a product, not a helpdesk
- Automate everything that happens more than once
- Reduce complexity instead of adding it
- Think in terms of identity-first and network-minimized architectures
- Can debug across identity, network, endpoint, and cloud boundaries
- Have strong opinions about how systems should be built—and can back them up
- Experience in GCC High environments (Microsoft Entra ID)
- Familiarity with Amazon Web Services GovCloud or Google Cloud Platform Assured Workloads
- Experience with WireGuard-based networking or modern secure access platforms (e.g., Tailscale, Cloudflare Zero Trust)
- Experience supporting hardware, lab, or manufacturing environments
- Experience designing zero-trust or device-trust architectures
Responsibilities
- Own identity as a first-class system (SSO, RBAC, lifecycle, device trust)
- Build a fully automated onboarding/offboarding pipeline
- Design and operate endpoint infrastructure across Mac, Windows, and Linux
- Eliminate manual IT work through automation, scripting, and tooling
- Architect secure network infrastructure across office, lab, and remote environments
- Design and implement modern access patterns (e.g., WireGuard-based networking, zero-trust, device-aware access)
- Own firewall and perimeter security (Palo Alto, Juniper, or equivalent)
- Enable secure, compliant access to cloud environments (AWS GovCloud, GCP Assured Workloads)
- Drive compliance (CMMC, ITAR) through systems—not paperwork
- Partner directly with engineering to remove friction and increase velocity
- High ownership and autonomy to define how these systems are built and operated
Benefits
- Equity as part of the package
- Health insurance
- Vision insurance
- Dental insurance
- 401K
- Lunch provided
- Snacks and drinks
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Senior
Education Level
No Education Listed
