Heartland Business Systems

Cloud Infrastructure Engineer I

Heartland Business Systems

full-time

Posted on:

Origin:  • 🇺🇸 United States

Visit company website
AI Apply
Manual Apply

Job Level

Junior

Tech Stack

AnsibleAzureChefCloudCyber SecurityDNSFirewallsJavaScriptLinuxPythonTerraformVMware

About the role

  • Roles and Responsibilities/ Essential Functions: Work as a member of the HBS Cloud Architecture Team (CAT) as a leader and contributor that provides consultative and proactive project support to Heartland Business Systems’ account base. Collaborate across multiple internal teams to ensure successful delivery and timely execution of the scope of work. Contribute to product selection, configuration standards, and best practices. Provide support, maintenance, and administration for customer environments. Assist with the development and implementation of the Azure cloud security architecture for protecting PHI/PII/PCI data deployed into various cloud, hybrid, HBS Cloud, and on-premises systems. Implement and manage security architectures for cloud/hybrid systems. Assist in the process to assess, develop, implement, optimize, and document a comprehensive set of security technologies and processes, data protection, cryptography, key management, identity, and access management (IAM) within SaaS, IaaS, PaaS, and other cloud environments. Work in and always model a positive team atmosphere between regional and virtual practices while maintaining a professional and respectful demeanor. Create and maintain detailed documentation of past projects to potentially provide time estimates and project scopes for new related projects. Obtain and maintain current vendor/industry certifications and stay current on new products and solutions by utilizing networks of resources. Minimum of 1,450 hours (billable + presales) per fiscal year prorated based on start date. These charge hour requirements will be balanced against professional development and on-the-job training.

Requirements

  • Bachelor's Degree or equivalent (or relevant) certifications
  • One or more of the following certifications (or equivalent): Microsoft Certified: Azure Fundamentals (AZ-900) or Microsoft Certified: Security, Compliance, and Identity Fundamentals (SC-900) and others as listed
  • CJIS background check requirements, including fingerprinting and criminal history review
  • 6 months to 1 year in a technical-related field, internship, or equivalent; 1+ year preferred
  • Experience with Microsoft Cloud and Identity solutions – Entra ID (EID / Azure AD / AAD), Entra Connect, SAML SSO and OpenID Connect (OIDC), Conditional Access, Multi-Factor Authentication (MFA), Self-Service Password Reset (SSPR), Password Protection, Passwordless Authentication, Privileged Identity Management (PIM)
  • Microsoft Azure Infrastructure: Virtual Machines and Azure Virtual Desktop (AVD); Networking and DNS; Network Security Groups (NSGs); VPN Gateways; Traffic Managers; Load Balancers; Private Link, and ExpressRoute
  • Storage Azure Backup, Azure Site Recovery; Azure Update Manager; Pricing & Cost Management; Azure Secure Score
  • Designing and architecting systems-based solutions with a focus on the cloud: IaaS, PaaS, and SaaS
  • Installing and supporting Microsoft enterprise products, including Active Directory (AD) Domain Services (ADDS)
  • IP networking protocols: DNS, static routing, TCP, UDP, and ICMP; on-premises networking; firewalls (Palo Alto, Cisco, Fortinet)
  • Microsoft Intune and Defender for Endpoint / Server: Intune, Endpoint Management, Endpoint Security, Application Management, Windows Autopilot, Defender for Endpoint (MDfE / MDATP), Defender for Servers, Attack Surface Reduction rules, Secure Score
  • Microsoft Security / Purview: Audit, Data Lifecycle Management / Retention Policies, eDiscovery, Data Loss Prevention (DLP), Information Protection (AIP), Defender for Office 365, Defender for Identity, Defender for Cloud, Defender for Cloud Apps, Secure Score
  • PowerShell, Python, or other scripting and development background
  • Azure Sentinel (Kusto Query Language - KQL)
  • Public Key Infrastructure (PKI), including working with X.509 certificates and CSRs
  • Orchestration and automation of cloud deployment (Bicep & ARM Templates, Terraform, Chef, Ansible, etc.)
  • Thycotic / Delinea Secret Server Cloud (SSC) – deployment and configuration
  • Dynamic IP routing protocols, including BGP
  • Familiarity or experience with Microsoft Exchange, Linux, Cisco, HPE/Nimble/ProLiant/Dell servers, VMware ESXi, Nutanix, Hyper-V, Software Defined Networking (SDA/SD-WAN)
  • ConnectWise and Hudu
  • Required Skills, Education and/or Certifications: Bachelor's Degree or equivalent (or relevant) certifications
  • One or more of the following certifications (or another equivalent or higher certification): Microsoft Certified: Azure Fundamentals (AZ-900); SC-900; SC-200; SC-300; MS-102; MS-500; AZ-104; AZ-140; AZ-204; AZ-305; AZ-500; AZ-700; LPIC-1; CCNA; VCP; MD-102; AZ-800/801; SC-401; SC-100; CISSP; CCSP; CSSLP
  • CJIS background check requirements
  • Must pass background check per CJIS requirements
  • Equal Opportunity Employer requirements disclosure