Senior Cloud Infrastructure Engineer I Job at Heartland Business Systems, Mountainside, NJ

WGVjWEJFY1ZGaEFPM0dSa29iemtsSkNTOWc9PQ==
  • Heartland Business Systems
  • Mountainside, NJ

Job Description



Full-time

Description

Position Summary:

The Senior Cloud Infrastructure Engineer - I role will develop, implement, and support related services and solutions for consulting clients. This position will build a customer-focused relationship with clients to identify business challenges and develop specifications and requirements to arrive at the best solution.

This is a highly technical and challenging but exciting and rewarding role that brings expectations for expertise across Azure Infrastructure, M365, and Entra ID – with security throughout, and extending into adjacent technologies. Our team is predominantly customer-facing, dedicating most of each work week to direct consultations with clients.

The role will develop specializations around technology sets such as platform, infrastructure, and security and around multiple target customer profiles such as K-12, higher education, SMB, enterprise/commercial, and/or government. The Senior Cloud Infrastructure Engineer I’s are expected to obtain and hold eight (8+) certifications, to meet the demand and expectations of our customers and to meet the requirements of our partner designations. An individual certification path towards meeting these goals will be included on a professional development plan upon hire.

The Senior Cloud Infrastructure Engineer I will specialize or possess a well-rounded combination of one of the following Microsoft Cloud focus areas: Azure Infrastructure (IaaS/PaaS); End-user Compute (EUC): Microsoft Intune and Defender for Endpoint/Server; and/or Security, with a focus on Microsoft Purview.

Roles and Responsibilities/ Essential Functions:

  • Work as a member of the HBS Cloud Architecture Team (CAT) as a leader and contributor that provides consultative and proactive project support to Heartland Business Systems’ (HBS) account base.
  • Collaborate and be a leader across multiple internal teams to ensure successful delivery and timely execution of the scope of work.
  • Research new products for selection, enhance configuration standards and best practices, and educate team members on these products and services to enhance the sales process.
  • Provide senior-level support, maintenance, and administration for customer environments and review for other potential concerns or enhancement opportunities.
  • Assist with the development and implementation of the Azure cloud security architecture for protecting PHI/PII/PCI data deployed into various cloud, hybrid, HBS Cloud, and on-premises systems.
  • Implement and manage security architectures for cloud/hybrid systems.
  • Assess, develop, implement, optimize, and document a comprehensive set of security technologies and processes, data protection, cryptography, key management, identity, and access management (IAM) within SaaS, IaaS, PaaS, and other cloud environments.
  • Work in and always model a positive team atmosphere between regional and virtual practices while maintaining a professional and respectful demeanor. 
  • Provide input to the development of career plans and education goals for engineers, including mentoring college Interns or recent college graduates.
  • Create and maintain detailed documentation of past projects to potentially provide time estimates and project scopes for new related projects.
  • Obtain and maintain current vendor/industry specific certifications and stay current on new products and solutions by utilizing networks of resources.
  • Minimum of 1,450 hours (billable + presales) per fiscal year prorated based on start date. These charge hour requirements will be balanced against professional development and on-the-job training.

Requirements

Competencies:

  • Accountability - Ability to accept responsibility and account for his/her actions.
  • Adaptability - Ability to fit into a changing environment.
  • Ambition - Extent that an individual demonstrates drive and initiative in seeking personal advancement or recognition.
  • Applied Learning - Applied learning looks at whether an individual takes part in needed learning activities in a way that makes the most of the learning experience.
  • Decision Making - Selecting an effective course of action while controlling resources and expenditures.
  • Detail Orientated - Ability of an individual to pay meticulous attention to all aspects of a situation or task, no matter how small or seemingly unimportant.
  • Ethical - Ability to be guided by the company’s accepted principles of moral conduct.
  • Interpersonal - Interpersonal skills look at the ability of the individual to develop and maintain relationships with others.
  • Organized - Ability of an individual to be structured and methodical in working skills.
  • Persistence - Ability to continue in a course of action in the face of adversity.
  • Technical Aptitude - Ability to relate to topics which require an understanding or specialized knowledge.

Required Experience:

  • 3+ years of experience in a technical-related field.
  • Designing and architecting Microsoft Cloud and Identity solutions – Including but not limited to: 
  • Entra ID (EID / Azure AD / AAD)
  • Entra Connect
  • SAML SSO and OpenID Connect (OIDC)
  • Conditional Access
  • Multi-Factor Authentication (MFA)
  • Self-Service Password Reset (SSPR)
  • Password Protection
  • Passwordless Authentication
  • Privileged Identity Management (PIM)

Preferred Experience:

  • 3 - 5 years in a technical-related field. 
  • 3+ years’ experience working as a consultant.
  • Microsoft Azure Infrastructure:
  • Virtual Machines and Azure Virtual Desktop (AVD)
  • Networking and DNS, including Network Security Groups (NSGs), VPN Gateways, Traffic Managers, Load Balancers, Private Link, and ExpressRoute.
  • Storage
  • Azure Backup, Azure Site Recovery
  • Azure Update Manager
  • Pricing & Cost Management
  • Azure Secure Score
  • Designing and architecting systems-based solutions with a focus on the cloud: IaaS, PaaS, and SaaS.
  • Installing and supporting Microsoft enterprise products, including Active Directory (AD) Domain Services (ADDS).
  • Comprehensive understanding of IP networking protocols, including DNS, static routing, TCP, UDP, and ICMP.
  • Configuring on-premises networking, especially firewalls (Palo Alto, Cisco, and/or Fortinet) – towards creating and supporting site-to-site IKE/IPSEC site-to-site (S2S) VPN connections with Azure environments.
  • Microsoft Intune and Defender for Endpoint / Server:
  • Intune
  • Endpoint Management
  • Endpoint Security
  • Application Management
  • Windows Autopilot
  • Defender for Endpoint (MDfE / MDATP)
  • Defender for Servers
  • Attack Surface Reduction (ASR) rules
  • Secure Score
  • Microsoft Security:
  • Purview – including, but not limited to: Audit, Data Lifecycle Management / Retention Policies, eDiscovery, Data Loss Prevention (DLP), Information Protection (AIP)
  • Defender for Office 365 (MDO / M365D)
  • Defender for Identity (MDI / AATP)
  • Defender for Cloud
  • Defender for Cloud Apps (MCAS / MDCA)
  • Secure Score
  • PowerShell, Python, or other scripting and development background.
  • Azure Sentinel, including Kusto Query Language (KQL).
  • Public Key Infrastructure (PKI), including working with X.509 certificates and CSRs.
  • Orchestration and automation of cloud deployment (Bicep & ARM Templates, Terraform, Chef, Ansible, etc.)
  • Developing and maintaining security architecture for PHI/PII/PCI data in various cloud, hybrid-cloud, HBS Cloud and on-premises systems.
  • Thycotic / Delinea Secret Server Cloud (SSC) – deployment and configuration.
  • Dynamic IP routing protocols, including BGP.
  • Familiarity or experience with Microsoft Exchange, Linux, Cisco (Hyperflex, Nexus, UCS), HPE Nimble, HPE ProLiant, Dell PowerEdge, VMware ESXi, Nutanix, Hyper-V, and Software Defined Networking (SDA, SD-WAN).
  • Experience with Microsoft 365, including Exchange Online, SharePoint, OneDrive, Teams, ConnectWise and Hudu.

Required Skills, Education and/or Certifications:

  • Bachelor’s Degree or equivalent (or relevant) certifications.
  • At least one or more of the below preferred certifications.
  • Must be able to successfully pass a background check per Criminal Justice Information Services (CJIS) requirements, including fingerprinting and criminal history review.

Preferred Skills, Education and/or Certifications:

  • All focus areas:
  • Microsoft Certified: Security Operations Analyst Associate (SC-200)
  • Microsoft Certified: Identity and Access Administrator Associate (SC-300)
  • Microsoft 365 Certified: Administrator Expert (MS-102)
  • Microsoft 365 Certified: Security Administrator Associate (MS-500, retired)
  • Microsoft Azure Infrastructure:
  • Microsoft Certified: Azure Administrator Associate (AZ-104)
  • Microsoft Certified: Azure Virtual Desktop Specialty (AZ-140)
  • Microsoft Certified: Azure Developer Associate (AZ-204)
  • Microsoft Certified: Azure Solutions Architect Expert (AZ-305)
  • Microsoft Certified: Azure Security Engineer Associate (AZ-500)
  • Microsoft Certified: Azure Network Engineer Associate (AZ-700)
  • Certified Linux Administrator (LPIC-1)
  • Cisco Certified Network Associate (CCNA)
  • VMware Certified Professional (VCP)
  • Microsoft Intune and Defender for Endpoint / Server:
  • Microsoft 365 Certified: Endpoint Administrator Associate (MD-102)
  • Microsoft Certified: Windows Server Hybrid Administrator Associate (AZ-800, AZ-801)
  • Microsoft Security / Purview:
  • Microsoft Certified: Information Security Administrator Associate (SC-401)
  • Microsoft Certified: Cybersecurity Architect Expert (SC-100)
  • (ISC)2 Certified Information Systems Security Professional (CISSP)
  • (ISC)2 Certified Cloud Security Professional (CCSP)
  • (ISC)2 Certified Secure Software Lifecycle Professional (CSSLP)

Equal Opportunity Employer - Including Disabled and Veterans #HBS

Job Tags

Full time, Work at office,

Similar Jobs

YMCA of Greater Boston

Program Director, Sports (Boston) Job at YMCA of Greater Boston

 ...Join to apply for the Program Director, Sports role at YMCA of Greater Boston Continue with Google Continue with Google Join...  ...participants. Marketing and distribution of program information. Managements program rosters, enrollment and reporting. Evaluate program... 

ASM Global

Event Staff Job at ASM Global

 ...SUMMARY ASM Global, the leader in privately managed public assembly facilities, has an excellent opportunity for part-time Event Staff at Osceola Heritage Park, Kissimmee, Florida. The Event Staff are responsible for directing patrons to their seats for shows or events... 

WELLS FARGO BANK

Branch Manager Central South Dakota District Job at WELLS FARGO BANK

 ...Fargo is seeking a Senior Branch Network Management Trainee (SAFE) for National Branch Network as part of the Consumer, Small and Business Banking division. This is an interim non-exempt position. Successful completion and certification of the Branch Manager Readiness... 

millenniumsoft

Medical Writer (Must Have EU MDR) Job at millenniumsoft

Position : Medical Writer (Must Have EU MDR)Location : Franklin Lakes, NJDuration : 12 Months ContractTotal Hours/week : 40.00Description:The Medical Writer in client Medical Pharmaceutical Systems Medical Affairs is responsible for the generation and development... 

Twelve31

Remote Customer Service Representative Job at Twelve31

About the Customer Service Representative Position Our customer service representative, or CSR, will act as a connection, providing product/services information and resolving developing problems that our clients might face with precision and competence. The best ...