Systems Engineer I

Sentinel Blue is hiring a Systems Engineer I for our Operations team. This role focuses on day-to-day engineering work in client environments across endpoints, identity, and core systems. Systems Engineers at Sentinel Blue operate within both traditional on-premise infrastructure and Microsoft cloud services.

Our ideal candidate is someone who learns quickly, communicates clearly, and takes pride in clean execution. You will work alongside experienced engineers, but you will also be expected to run with defined tasks, document the work performed and have impeccable follow-through.

This is a full-time position that is fully remote. 

This position may require access to technology, technical data, or information that is subject to U.S. export control laws and regulations. Employment in this position is contingent upon either verification of U.S. person status as defined under applicable export control regulations (which includes U.S. citizens, lawful permanent residents, and certain protected individuals such as refugees and asylees) or the ability to obtain any required export authorization. The company reserves the right not to apply for an export license and to decline to proceed with any applicant on that basis. All qualified applicants will receive consideration for employment without regard to citizenship status, national origin, or immigration status.

A day in the Systems Engineer I role: You may configure endpoint policies, troubleshoot access or device issues, run patching and lifecycle tasks, and implement approved changes through our Change Request process. You will keep your work well-documented, validate outcomes, and make sure the next person who touches the environment has the context they need.

Responsibilities:

• Configure and maintain endpoint management baselines in Intune (compliance policies, configuration profiles, and remediation work tied to standards).
• Support hybrid identity systems, including Entra ID and on-premises Active Directory.
• Execute patching and lifecycle workflows for operating systems and common applications, including remediation tasks and exceptions.
• Perform change implementation work through Change Requests, including rollout steps, rollback planning, and post-change validation.
• Assist with backup and recovery tasks when assigned, including restore validation.
• Troubleshoot issues that cross endpoint, identity, and core infrastructure, escalating with clear notes and relevant logs when needed.
• Use existing automation and tooling; write small task-level scripts when appropriate, with review from more senior engineers.
• Contribute to KBs, SOPs, runbooks, and clear ticket notes; create new documentation occasionally when a gap is identified.
• Participate in client calls as needed for troubleshooting, change discussions, and project work.

What We Can Offer:

Sentinel Blue is a young company with a focused mission: We’re bringing enterprise-class cybersecurity to small and medium sized businesses. Frankly, we’re pushing the envelope of how things are done and constantly seeking innovative ways to meet that mission. The pace is fast, and we’re always learning new things. This is a great place if you want to expose yourself to new and emerging technologies, want to be challenged, and want to build your skills. Further, success in this role can quickly transition into a more senior engineering role or even technical leadership opportunities. The right person will find themselves in a fun, dynamic environment, working on interesting problems and making a real difference.

You will be required to achieve a Security+ certification in the first 6 months of hire; we’ll cover your certification costs and provide paid time for you to study!

Requirements:

• 2+ years of hands-on experience in IT operations, systems administration, or engineering work.
• Practical experience with Intune, Entra, and Azure in production environments.
• Solid fundamentals across Windows administration, identity basics, and general troubleshooting.
• Experience supporting on-premise Windows environments, including Active Directory, DNS, DHCP, and GPO management.
• Clear written and verbal communication, including the ability to explain work and outcomes on calls.
• Scripting fundamentals (PowerShell preferred).
• CompTIA Security+ required within 6 months of hire if not already held.

Desired Qualifications:

• Familiarity with Azure Government, Microsoft 365 GCC High, and other FedRAMP Moderate platforms.
• Backup exposure, especially Veeam, including restores and validation.
• Working knowledge of networking fundamentals (DNS, DHCP, routing, VPN basics).
• Prior experience in a managed services or multi-client environment.
• Familiarity with CMMC, NIST 800-171, CIS Controls, or similar frameworks.
• Bachelor’s or Master's degree in Cybersecurity, Information Systems, Computer Science, Business, or a related field.

Benefits:

• Fully paid individual healthcare, vision and dental insurance for the employee.
• Paid certification and training opportunities.
• Three weeks of paid vacation + 10 paid holidays.
• A supportive environment with a focus on keeping healthy work-life balance.
• Retirement benefit (401k) with company match.