Senior Cloud & Systems Engineer

Responsibilities:

Lead infrastructure modernization - own the transition from hybrid on-premises and Azure to a fully cloud-native, domain-free environment; manage Azure and AWS workloads outside of DevOps scope; drive identity and platform consolidation as the company evolves
Own identity governance end to end - Entra ID, Active Directory, hybrid identity, Azure AD Connect, conditional access, and access lifecycle
Own the full Microsoft 365 tenant including Exchange Online, SharePoint, Teams, and licensing; administer Intune and Autopilot for endpoint lifecycle management across Windows, macOS, iOS, and Android.
Own the traditional systems administration layer that underpins the business - Windows Server, Hyper-V, DNS, DHCP, Group Policy, patching, firmware, and backup administration
Build and own automation that makes the business more agile - PowerShell, API integrations, and AI-assisted development to reduce manual work and accelerate delivery
Own network infrastructure across all office locations - Cisco Meraki switching, wireless, VLANs, DHCP, ISP management, and VPN connectivity; maintain PRTG monitoring and respond proactively to infrastructure health issues; keep firmware current across all network hardware
Evaluate, recommend, and lead the migration to a modern cloud telephony platform; own the current phone system through the transition including user provisioning, call routing, and licensing
Partner with the DevOps, helpdesk and security team on complex escalations, identify root causes rather than symptoms, and build solutions that prevent repeat issues

Qualifications:

Bachelor’s degree in computer science, information technology, or equivalent experience; Certifications such as CompTIA Security+, Microsoft AZ-104 or MS-102 are a strong plus
5+ years of experience in systems administration or infrastructure engineering with meaningful time in hybrid Windows and Azure environments; you have done real sysadmin work and you also know your way around modern cloud
Strong hands-on Azure experience required - Entra ID, Azure Virtual Desktop, Azure Files, Azure Arc, Azure Update Manager, and IaaS VM administration; solid Microsoft 365 administration across Exchange Online, SharePoint, Teams, Intune, and Autopilot
PowerShell proficiency including Microsoft Graph API, Active Directory automation, and Exchange Online management; comfortable with API integrations and scripted workflows; experience using AI tools to accelerate engineering
Solid on-premises Windows Server background including AD DS, DNS, DHCP, and Group Policy; you are not afraid of legacy infrastructure and know how to manage it safely while moving toward something better
Experience with enterprise backup platforms and restore validation practices; working knowledge of Cisco Meraki or equivalent enterprise network platform
Strong security awareness and good judgment around security decisions; familiarity with SOC 2 or similar compliance frameworks is a plus
AWS experience is a plus — legacy workloads exist in AWS; disciplined about change management and documenting infrastructure changes before executing them

Success Criteria:

• Ownership and execution - identifies what needs to be done, builds a plan, executes it, and closes the loop without needing to be followed up with; nothing goes into the environment undocumented or untested
• Strong communication - leadership knows what is happening without having to ask; blockers and risks are surfaced early; ideas and recommendations come from you proactively
• Forward thinking - understands where the company is heading and makes decisions that move toward it; brings a point of view on what should be done next and why; sees a complex environment mid-transformation as an opportunity
• Work ethic that corresponds with KPA’s core values: Integrity - Helpful - Excellence - Agile - Respectful - Teamwork

Physical Requirements:

Physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
Working at a computer typing and view a screen - Constantly
Stationary sitting or standing - Constantly
Visual Recognition - Constantly
Hearing/Listening - Occasionally
Communicating verbally and/or in writing - Occasionally
Travel - Seldom

Compensation:

• Annual base salary range between $110-125k commensurate with experience.
• Bonus potential of 10% annually