Heartland Business Systems

Senior Cloud Infrastructure Engineer

Heartland Business Systems

full-time

Posted on:

Origin:  • 🇺🇸 United States • Wisconsin

Visit company website
AI Apply
Manual Apply

Job Level

Senior

Tech Stack

AnsibleAzureChefCloudCyber SecurityDNSFirewallsJavaScriptLinuxPythonTerraformVMware

About the role

  • Position Summary: The Senior Cloud Infrastructure Engineer - I role will develop, implement, and support related services and solutions for consulting clients.
  • This role will build a customer-focused relationship with clients to identify business challenges and develop specifications and requirements to arrive at the best solution.
  • Focus areas include Azure Infrastructure, M365, and Entra ID with security across cloud, hybrid, and on-premises systems.
  • Responsibilities include leading and collaborating with internal teams, researching new products, and documenting project scopes and timelines.

Requirements

  • 3+ years of experience in a technical-related field
  • Designing and architecting Microsoft Cloud and Identity solutions – Including but not limited to: Entra ID (EID / Azure AD / AAD) Entra Connect SAML SSO and OpenID Connect (OIDC) Conditional Access Multi-Factor Authentication (MFA) Self-Service Password Reset (SSPR) Password Protection Passwordless Authentication Privileged Identity Management (PIM)
  • Preferred Experience: 3 - 5 years in a technical-related field.
  • 3+ years’ experience working as a consultant.
  • Microsoft Azure Infrastructure: Virtual Machines and Azure Virtual Desktop (AVD) Networking and DNS, including Network Security Groups (NSGs), VPN Gateways, Traffic Managers, Load Balancers, Private Link, and ExpressRoute.
  • Storage Azure Backup, Azure Site Recovery Azure Update Manager
  • Pricing & Cost Management Azure Secure Score
  • Designing and architecting systems-based solutions with a focus on the cloud: IaaS, PaaS, and SaaS.
  • Installing and supporting Microsoft enterprise products, including Active Directory (AD) Domain Services (ADDS).
  • Comprehensive understanding of IP networking protocols, including DNS, static routing, TCP, UDP, and ICMP.
  • Configuring on-premises networking, especially firewalls (Palo Alto, Cisco, and/or Fortinet) – towards creating and supporting site-to-site IKE/IPSEC site-to-site (S2S) VPN connections with Azure environments.
  • Microsoft Intune and Defender for Endpoint / Server: Intune Endpoint Management Endpoint Security Application Management Windows Autopilot Defender for Endpoint (MDfE / MDATP) Defender for Servers Attack Surface Reduction (ASR) rules Secure Score
  • Microsoft Security: Purview – including, but not limited to: Audit, Data Lifecycle Management / Retention Policies, eDiscovery, Data Loss Prevention (DLP), Information Protection (AIP) Defender for Office 365 (MDO / M365D) Defender for Identity (MDI / AATP) Defender for Cloud Defender for Cloud Apps (MCAS / MDCA) Secure Score
  • PowerShell, Python, or other scripting and development background.
  • Azure Sentinel, including Kusto Query Language (KQL).
  • Public Key Infrastructure (PKI), including working with X.509 certificates and CSRs.
  • Orchestration and automation of cloud deployment (Bicep & ARM Templates, Terraform, Chef, Ansible, etc.)
  • Developing and maintaining security architecture for PHI/PII/PCI data in various cloud, hybrid-cloud, HBS Cloud and on-premises systems.
  • Thycotic / Delinea Secret Server Cloud (SSC) – deployment and configuration.
  • Dynamic IP routing protocols, including BGP.
  • Familiarity or experience with Microsoft Exchange, Linux, Cisco (Hyperflex, Nexus, UCS), HPE Nimble, HPE ProLiant, Dell PowerEdge, VMware ESXi, Nutanix, Hyper-V, and Software Defined Networking (SDA, SD-WAN).
  • Experience with Microsoft 365, including Exchange Online, SharePoint, OneDrive, Teams, ConnectWise and Hudu.