Senior System Engineer

As BWE’s Systems Engineer, your role is foundational to keep our environment secure, consistent, and ready for what is next.

We depend on you to design and optimize BWE’s infrastructure, networking, and security platforms.

We depend on you to implement cloud architecture enhancements, strengthen our compliance, and lead business continuity strategies while ensuring the environment is prepared, resilient, and aligned with evolving business needs.

Responsibilities: Design, build, and secure Azure IaaS environments, including servers, virtual networks, route tables, subnets, and custom Network Security Groups.

Develop and maintain Azure architectural layouts, aligning with business requirements and compliance standards.

Create and configure Azure Virtual Desktop environments to enable secure, scalable remote access.

Deploy and manage external cloud gateways using Azure Virtual Network Gateways and Local Network Gateways.

Configure and maintain site-to-site VPN connectivity between on-premises environments and Azure, including Meraki vMX solutions.

Implement network peering and private endpoints for secure, high-speed interconnectivity.

Manage on-premises Active Directory and RADIUS services for Wi-Fi and VPN authentication.

Design, configure, and manage Azure Firewall, firewall rules, and traffic filtering policies to secure inbound and outbound traffic.

Implement Microsoft Entra multi-factor authentication, Conditional Access policies, and Named Locations.

Configure Azure Policy for consistent deployment standards and compliance enforcement.

Manage privileged accounts via Azure Privileged Identity Management.

Configure and manage Azure Key Vault for secure key, secret, and certificate storage.

Review vulnerability scans (Tenable) and remediate identified risks.

Monitor and analyze security alerts using Azure Log Analytics Workspace, Microsoft Sentinel, and Microsoft Defender for Cloud.

Deploy and support AI-enabled monitoring and threat detection tools to improve performance, anomaly detection, and incident response.

Configure and test disaster recovery solutions, including Recovery Services Vault and AI-driven predictive planning, to ensure readiness and minimize downtime.

Perform semi-annual disaster recovery testing to validate business continuity strategies.

Integrate and support AI-driven tools and PaaS solutions (e.g., Logic Apps, Azure Container Instances) within the cloud environment.

Manage enterprise applications, Single Sign-On, and application registrations.

Configure and maintain DNS records through GoDaddy for cloud and application integrations.

Execute data and email migrations to Microsoft 365 Exchange Online and archive data during employee offboarding.

Configure and manage Azure Update Management for virtual machines and resources.

Build and optimize Azure storage accounts for scalability, performance, and compliance.

Create detailed system diagrams showing application/server communication flows, points, and dependencies.

Maintain a comprehensive IT documentation library covering infrastructure, security, and operations, incorporating AI-based knowledge resources to improve accessibility and accuracy.

Serve on the IT Change Committee, reviewing and approving infrastructure changes to ensure stability and security compliance.

Partner with the Director of Security to align endpoint protection standards and incident protocols while assessing AI-enhanced security monitoring solutions.

Minimum Qualifications: 5+ years of experience in systems engineering, infrastructure, or cloud administration Bachelor’s degree in Computer Science, Information Technology, or related field, or equivalent professional experience.

Hands-on experience with Microsoft Azure (IaaS, networking, security, identity, and governance tools). Proficiency with Active Directory, DNS, VPNs, and enterprise networking concepts.

Familiarity with security tools (e.g., Microsoft Sentinel, Defender for Cloud, vulnerability scanning tools such as Tenable). Strong documentation skills and ability to create system diagrams and operational playbooks.

Experience participating in change management and compliance-driven environments.

Preferred Qualifications: Microsoft certifications (e.g., Azure Administrator Associate, Azure Security Engineer Associate, Azure Solutions Architect Expert). 7+ years of enterprise systems engineering experience in hybrid cloud environments.

Experience with disaster recovery planning, testing, and business continuity frameworks.

Familiarity with AI-driven monitoring, automation, and threat detection tools.

Knowledge of Microsoft Entra ID, Conditional Access, and Privileged Identity Management.

Experience with Azure PaaS services (Logic Apps, Containers, Key Vault, Recovery Services Vault) Strong collaboration skills with Security, IT Ops, and cross-functional teams.