Systems Administrator (Server Administration & Security)

About The Position

Requirements

• Bachelor’s degree or equivalent combination of education and experience.
• 5–8+ years of hands-on Systems Administration experience supporting Windows and/or Linux server environments in production (data center and/or cloud).
• Strong knowledge of server fundamentals: OS installation and configuration, services, storage, networking basics (DNS/DHCP/NTP), virtualization concepts, and troubleshooting methodologies.
• Demonstrated experience implementing server hardening and secure configuration baselines; familiarity with CIS Benchmarks and applying controls mapped to NIST guidance.
• Experience with patching, vulnerability remediation, and operational change management; able to create implementation/rollback plans and execute within maintenance windows.
• Scripting/automation skills (PowerShell and/or Bash) and experience with configuration management/automation tooling (e.g., Ansible, Puppet, Chef, SCCM/MECM, Intune, or similar).
• Experience supporting security tooling on servers (EDR/AV, vulnerability scanning, centralized logging) and working with Security teams on findings and control requirements.
• Comfort operating in regulated or audit-driven environments; ability to produce evidence, document exceptions, and maintain control validation artifacts.
• Excellent written and verbal communication; proven ability to influence cross-functional teams and mentor others.
• Ability to work across multiple U.S. locations and travel to data center sites as needed; after-hours availability for high-priority server/security incidents when required.

Nice To Haves

• Experience with Windows Server and/or Linux (RHEL/Ubuntu or similar)
• Experience with Active Directory/Entra ID integration
• Experience with virtualization platforms (VMware/Hyper-V) and/or cloud IaaS
• Experience with patching and configuration management (WSUS/SCCM/MECM/Intune/Ansible or similar), monitoring (e.g., SCOM, Splunk, Sentinel, Prometheus/Grafana, or similar), vulnerability scanning and compliance reporting tools
• Experience with EDR/AV agents, backup/restore platforms, scripting (PowerShell/Bash), Git-based workflows, and ITSM/ticketing systems
• Familiarity with CIS Benchmarks and NIST-aligned security control implementation

Responsibilities

• Operate and maintain server platforms (Day-2): Administer Windows and/or Linux servers, including provisioning support, configuration, monitoring, performance tuning, capacity planning inputs, and lifecycle maintenance.
• Harden servers to approved baselines: Implement secure configuration standards and golden images aligned to CIS Benchmarks and internal hardening guides; ensure deviations are documented and risk-accepted where applicable.
• Patch and vulnerability management: Plan and execute OS and firmware patching, coordinate maintenance windows, validate outcomes, and remediate vulnerabilities identified by scanning tools within defined SLAs.
• Access control and privileged administration: Manage server access using least privilege, MFA where applicable, and privileged access workflows; perform periodic access reviews and ensure secure credential handling.
• Endpoint/security tooling on servers: Deploy and maintain required security agents (e.g., EDR, configuration management, vulnerability scanners, logging collectors) and troubleshoot agent health and coverage gaps.
• Monitoring, alerting, and incident response support: Maintain monitoring/alerting for server health and critical services; respond to incidents, perform triage and root-cause analysis, and coordinate recovery actions.
• Configuration management and automation: Use scripting and automation to standardize builds, enforce desired state, and reduce operational toil (e.g., PowerShell, Bash, Ansible, SCCM/Intune, or similar).
• Change, release, and maintenance governance: Follow change management processes; create implementation and rollback plans; document changes and ensure stakeholders are informed of risk and impact.
• Compliance alignment (NIST/CIS/internal standards): Implement and validate required controls (logging, time sync, encryption, secure services, firewall rules, etc.); support audits by producing evidence and remediation plans.
• Backup, restore, and disaster recovery readiness: Ensure backups are configured, tested, and monitored; perform periodic restore tests and participate in DR exercises for server services.
• Standard documentation and runbooks: Create and maintain build standards, hardening checklists, operational runbooks, and troubleshooting guides; keep CMDB/inventory details current.
• Continuous improvement of server security posture: Identify and remediate insecure configurations, reduce attack surface, implement baseline drift detection, and partner with Cybersecurity on new controls and security initiatives.

Benefits

• Health Care Plan (Medical, Dental & Vision)
• Retirement Plan (401k, IRA)
• Life Insurance (Basic, Voluntary & AD&D)
• Paid Time Off (Vacation, Sick & Public Holidays)
• Family Leave (Maternity, Paternity)
• Short Term & Long Term Disability
• Training & Development
• Wellness Resources
• annual bonus
• flexible time off (vacation)
• 401k