Position Overview:

A Senior Systems Engineer will serve as a key technical subject matter expert that ensures optimum levels of system and infrastructure availability and resiliency. The Senior Systems Engineer at Affinity Plus will be responsible for identifying enterprise-level solutions for complex problems that result in the secure design and lifecycle management of the hybrid systems infrastructure. This role maintains a bias toward reduction of risks to security, availability, latency and efficiency. Identified operational and security risks to the credit union will require their collaboration with a multidisciplinary team, including senior leadership to assess and mitigate those risks.

Duties and Responsibilities:

• Collaborate and drive conversations with team members in the development and design of complex architecture and functional requirements to derive and deliver the highest quality environment for critical business services
• Lead in prioritizing day-to-day operational support, design, and analysis efforts to ensure the highest levels of site resilience and site reliability engineering objectives
• Research, analyze, and compile complex technical data in projected operational environments to optimize effectiveness in design as well as operational cost
• Design for and implement observability in solutions
• Work effectively with cross-functional teams using a hybrid approach of agile and waterfall methodologies for project and product delivery
• Use the AWS well-architected framework best practices when engineering AWS data center services
• Maintain, monitor and test backup solutions and high availability designs for business continuity
• Monitor and analyze systems for optimal performance and recommend strategies for future growth and scaling
• Research, test and implement automation solutions to remove repetitiveness in provisioning infrastructure and improving operational processes.
• Communicate technical requirements and risk effectively with messaging appropriate to the audience
• Analyze, derive and assign least privilege access-level assignments to staff, systems, and vendors
• Analyze operational requirements to identify functional and cross-functional requirements
• Apply technical knowledge and experience to assess new technologies and innovations to develop recommendations
• Perform security reviews in the context of our environment using industry and regulatory guidance and when needed, conduct remediations promptly.
• Maintain, analyze, and administer a VMware infrastructure including installing, upgrading and patching
• Maintain and monitor a Cisco UCS environment, as well as upgrading and patching
• Build and administer hybrid on-premise Active Directory and Azure AD
• Maintain, update and monitor Exchange on-premise system
• Research and focus on the roadmap for the email system and associated productivity tool integrations
• Maintain a Cisco MDS Fibre Channel and Pure Storage SAN environment for performance, and availability
• Leverage Splunk Enterprise for log and event analysis
• Create and maintain architecture diagrams, playbooks and documentation of system infrastructure
• Administer and monitor Windows Server, Microsoft SQL Red Hat and CentOS Linux operating systems
• Report to leadership on outages, updates on key infrastructure, audit mitigation progress, and project assignments
• Other duties as assigned

Qualification and Skills:

• 8+ years of progressive experience in an IT System Engineer or similar role
• Bachelor's degree in MIS, Computer Science, Engineering or similar field or equivalent combination of work experience or education preferred
• Certifications in AWS, Azure, VMware, Redhat, and Microsoft preferred
• Proven experience in system design, optimization, and delivery
• In-depth infrastructure knowledge and skillset to implement multiple layers of protection for the resiliency and security of a multi-layer environment
• Expertise in change and release management, including
• Functional knowledge and experience with collaboration and unified communication services, Cisco experience preferred
• Functional knowledge and experience with Cisco IOS and NX-OS administration of routers, switches, Palo Alto firewalls and fabric devices (VLANs, Port Channels, ACLs, Spanning Tree, Data Center Network Manager)
• Functional knowledge and experience with configuration and management of enterprise level web and email filtering devices and endpoint security including anti-virus, spam and other malware protections
• Expertise knowledge: Windows and/Azure Active Directory, Domain Controllers, DNS, DHCP, DFS, LDAP; Group Policy; and Kerberos.
• Functional knowledge and experience of measuring and troubleshooting application performance. SIEM and Application Performance Management tool experience preferred.
• Working knowledge of AWS data center delivery services: EC2, VPCs, Load Balancers, Transit gateways, Backup, S3, Route 53, Cloudtrail, etc.
• Proficiency in Identity Services management - authentication methods (MFA, SSO (SAML/ADFS), client-server, distribution system); encryption/decryption; PKI; Layer 2 and Layer 3
• Demonstrated willingness to learn new skills and adapt easily to change by adopting new technologies and accepting increased responsibility
• Expert in managing Exchange on-premise with a willingness to move us forward
• Strong verbal and written communication skills with ability to explain technical matters in an understandable manner
• Time Management skills and the ability to prioritize workload
• Flexibility to adapt and succeed in a dynamic environment
• Strong analytical and decision-making skills required with a high degree of accuracy

Workplace Environment:

• Working in a stationary position for 80% of the work day
• Utilizing the telephone 10-20% of the day
• Moving, lifting and/or carrying 30 pounds with or without accommodations
• Bending, twisting, kneeling, stooping or crouching when appropriate, on occasion
• Repetitive movements, including but not limited to typing, mousing, phones, etc.
• Requires onsite presence based on coordination of work with other employees and/or departments. May require travel to attend on-site meetings/events for collaboration, connection, project work, All-Employee Day, etc.

Required Work Schedule:

Standard Monday through Friday business hours with participation in a 24/7 on-call rotation as well as a willingness to work after hours as needed for product delivery, upgrades, equipment replacement, etc. Consistent and reliable attendance is a required essential function of this role to meet the needs of the department/team and organization.

This position is mostly remote, with occasional on-site work for in-person meetings, and team or company events in St. Paul, MN or the surrounding metro.