The Infrastructure Engineer IV supports the secure, scalable, and efficient operation of ZincFive’s IT infrastructure, including Microsoft 365, Azure, endpoint systems, and network platforms. This role combines infrastructure and security responsibilities to protect company systems, data, and intellectual property. The Infrastructure Engineer IV is responsible for securing and maintaining ZincFive’s network and system infrastructure, including firewalls, managed switches, VLANs, and security platforms such as Microsoft Defender and Sentinel. The role provides deep technical ownership of monitoring, access enforcement, and system configuration integrity. While the System Administrator manages day-to-day user and device operations, and Microsoft 365 administration, the Infrastructure Engineer provides architectural and security oversight of these environments, ensuring policy compliance, alert visibility, and incident readiness. This position will be worked at ZincFive headquarters and reports to the Director of Information Technology & Systems.

Infrastructure Engineer IV Job Duties:

• Maintain and optimize Entra ID Conditional Access policies, identity protection settings, and MFA enforcement rules
• Align infrastructure and security configurations with frameworks such as NIST-CSF to support compliance and risk reduction
• Define and administer Intune compliance policies; collaborate with the System Administrator on secure device enrollment standards
• Lead the configuration and oversight of Microsoft Defender for Endpoint, Identity, Office, and Cloud Apps; collaborate with the System Administrator on tuning and triage of security alerts.
• Design, enforce, and support Microsoft Purview policies (e.g., DLP, sensitivity labels, information protection)
• Collaborate on Secure Score improvements and risk remediation tracking
• Build and maintain Azure Sentinel rules, data connectors, and automation playbooks for incident detection and escalation
• Review cross-platform security alerts and lead triage, remediation, and reporting activities in collaboration with IT team members
• Document incident response processes and coordinate with the IT Director
• Configure and support Fortinet firewalls, VPN access, NAT rules, and segmentation of business/lab/Wi-Fi networks
• Administer managed switches, VLANs, firmware updates, internal DNS, public IPs, and cloud network architecture
• Perform quarterly configuration audits and respond to infrastructure performance issues via system health dashboards
• Maintain and periodically test Disaster Recovery (DR) runbooks in collaboration with the System Administrator and IT leadership
• Collect and organize evidence for customer security reviews, audits, and compliance assessments (NIST, ISO, etc.)
• Monitor and validate enforcement of internal IT policies (e.g., Password Policy, Limited Access Policy) through technical controls
• Maintain documentation of configurations, access controls, audit logs, and system control points
• Assist the System Administrator with escalations, endpoint troubleshooting, and scripting/automation
• Provide architectural guidance and act as escalation point for infrastructure-related issues
• Contribute to internal knowledge base, IT runbook development, and documentation standards
• Assist with SaaS intake security reviews and onboarding of new cloud applications
• Support IT roadmap planning, tool evaluations, and long-term scalability strategies

Requirements:

• A degree in Computer Science, Information Systems, Cybersecurity, or a related field; or equivalent work experience
• 3–5 years in cloud infrastructure, systems engineering, or security-focused roles
• Strong experience with Microsoft 365, Entra ID, Intune, Conditional Access, Defender for Endpoint/Identity and Microsoft Purview, Azure Sentinel or comparable SIEM platform, and PowerShell automation for identity and security tasks
• Solid understanding of firewalls, VLANs, and endpoint hardening practices
• Strong documentation habits and familiarity with NIST-CSF or similar frameworks
• Excellent collaboration and problem-solving skills

Preferred Experience/Skills:

• Microsoft certifications (e.g., SC-200, AZ-500, MS-102)
• Experience with Fortinet firewalls and VLAN design
• Experience supporting compliance with NIST-CSF, GDPR, or CCPA
• Familiarity with SaaS security integration and Microsoft Secure Score initiatives

Key Competencies:

• Attention to detail
• Excellent communication skills - verbal and written
• Good judgment
• Solid decision-making
• Teamwork

Physical Requirements and Working Conditions:

• Work involves sitting, standing, occasional walking, and lifting up to 30pounds
• Ability to wear Personal Protective Equipment when required
• Manufacturing, warehouse, lab, and office environments

Salary offers will depend on factors that include the location you work from, your level, education, training, specific skills, years of experience and comparison to other employees already in this role.

In addition, the successful candidate for this position will become eligible for a comprehensive set of outstanding benefits, including medical, dental, vision, life insurance, 401k, paid sick time, paid time off for vacation, paid holidays, paid community service days, professional/personal learning program, and applicable state/federal paid family leave.

ZincFive is committed to employing a diverse workforce. As an Equal Opportunity and Affirmative Action Employer all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status. We maintain a safe workplace and perform pre-employment testing. ZincFive is a participant in E-Verify and receives employment authorization of new hires through Social Security and the Department of Homeland Security databases.