A Senior Systems Engineer will serve as a key technical subject matter expert that ensures optimum levels of system and infrastructure availability and resiliency. The Senior Systems Engineer at Affinity Plus will be responsible for identifying enterprise-level solutions for complex problems that result in the secure design and lifecycle management of the hybrid systems infrastructure. This role maintains a bias toward reduction of risks to security, availability, latency and efficiency. Identified operational and security risks to the credit union will require their collaboration with a multidisciplinary team, including senior leadership to assess and mitigate those risks.
Duties and Responsibilities:
- Collaborate and drive conversations with team members in the development and design of complex architecture and functional requirements to derive and deliver the highest quality environment for critical business services
- Lead in prioritizing day-to-day operational support, design, and analysis efforts to ensure the highest levels of site resilience and site reliability engineering objectives
- Research, analyze, and compile complex technical data in projected operational environments to optimize effectiveness in design as well as operational cost
- Design for and implement observability in solutions
- Work effectively with cross-functional teams using a hybrid approach of agile and waterfall methodologies for project and product delivery
- Use the AWS well-architected framework best practices when engineering AWS data center services
- Maintain, monitor and test backup solutions and high availability designs for business continuity
- Monitor and analyze systems for optimal performance and recommend strategies for future growth and scaling
- Research, test and implement automation solutions to remove repetitiveness in provisioning infrastructure and improving operational processes.
- Communicate technical requirements and risk effectively with messaging appropriate to the audience
- Analyze, derive and assign least privilege access-level assignments to staff, systems, and vendors
- Analyze operational requirements to identify functional and cross-functional requirements
- Apply technical knowledge and experience to assess new technologies and innovations to develop recommendations
- Perform security reviews in the context of our environment using industry and regulatory guidance and when needed, conduct remediations promptly.
- Maintain, analyze, and administer a VMware infrastructure including installing, upgrading and patching
- Maintain and monitor a Cisco UCS environment, as well as upgrading and patching
- Build and administer hybrid on-premise Active Directory and Azure AD
- Maintain, update and monitor Exchange on-premise system
- Research and focus on the roadmap for the email system and associated productivity tool integrations
- Maintain a Cisco MDS Fibre Channel and Pure Storage SAN environment for performance, and availability
- Leverage Splunk Enterprise for log and event analysis
- Create and maintain architecture diagrams, playbooks and documentation of system infrastructure
- Administer and monitor Windows Server, Microsoft SQL Red Hat and CentOS Linux operating systems
- Report to leadership on outages, updates on key infrastructure, audit mitigation progress, and project assignments
- Other duties as assigned
Qualification and Skills:
- 8+ years of progressive experience in an IT System Engineer or similar role
- Bachelor's degree in MIS, Computer Science, Engineering or similar field or equivalent combination of work experience or education preferred
- Certifications in AWS, Azure, VMware, Redhat, and Microsoft preferred
- Proven experience in system design, optimization, and delivery
- In-depth infrastructure knowledge and skillset to implement multiple layers of protection for the resiliency and security of a multi-layer environment
- Expertise in change and release management, including
- Functional knowledge and experience with collaboration and unified communication services, Cisco experience preferred
- Functional knowledge and experience with Cisco IOS and NX-OS administration of routers, switches, Palo Alto firewalls and fabric devices (VLANs, Port Channels, ACLs, Spanning Tree, Data Center Network Manager)
- Functional knowledge and experience with configuration and management of enterprise level web and email filtering devices and endpoint security including anti-virus, spam and other malware protections
- Expertise knowledge: Windows and/Azure Active Directory, Domain Controllers, DNS, DHCP, DFS, LDAP; Group Policy; and Kerberos.
- Functional knowledge and experience of measuring and troubleshooting application performance. SIEM and Application Performance Management tool experience preferred.
- Working knowledge of AWS data center delivery services: EC2, VPCs, Load Balancers, Transit gateways, Backup, S3, Route 53, Cloudtrail, etc.
- Proficiency in Identity Services management - authentication methods (MFA, SSO (SAML/ADFS), client-server, distribution system); encryption/decryption; PKI; Layer 2 and Layer 3
- Demonstrated willingness to learn new skills and adapt easily to change by adopting new technologies and accepting increased responsibility
- Expert in managing Exchange on-premise with a willingness to move us forward
- Strong verbal and written communication skills with ability to explain technical matters in an understandable manner
- Time Management skills and the ability to prioritize workload
- Flexibility to adapt and succeed in a dynamic environment
- Strong analytical and decision-making skills required with a high degree of accuracy
- Working in a stationary position for 80% of the work day
- Utilizing the telephone 10-20% of the day
- Moving, lifting and/or carrying 30 pounds with or without accommodations
- Bending, twisting, kneeling, stooping or crouching when appropriate, on occasion
- Repetitive movements, including but not limited to typing, mousing, phones, etc.
- Requires onsite presence based on coordination of work with other employees and/or departments. May require travel to attend on-site meetings/events for collaboration, connection, project work, All-Employee Day, etc.
Required Work Schedule:
Standard Monday through Friday business hours with participation in a 24/7 on-call rotation as well as a willingness to work after hours as needed for product delivery, upgrades, equipment replacement, etc. Consistent and reliable attendance is a required essential function of this role to meet the needs of the department/team and organization.
This position is mostly remote, with occasional on-site work for in-person meetings, and team or company events in St. Paul, MN or the surrounding metro.