Senior Infrastructure Engineer

Hands-on experience with Azure-native tools such as Log Analytics, Azure Monitor, Cost Management, and Microsoft Defender for CloudAdminister cloud-hosted infrastructure in Microsoft Azure, ensuring adherence to security, performance, and cost management standards appropriate for financial systemsConfigure and maintain Microsoft 365 services including Exchange Online, SharePoint, Teams, and OneDrive, with a focus on uptime, data protection, and service integrityManage Windows Server infrastructure and Active Directory, including DNS, DHCP, and Group Policy, supporting authentication, authorization, and access management across the firmUse Microsoft Intune to manage workstation configurations, software deployments, device compliance, and zero-touch provisioning for a secure and scalable endpoint experienceAssist with the configuration and support of network services and cloud connectivityImplement and maintain technical controls aligned to security policies, regulatory requirements (e.g., SEC, FINRA), and data classification standards; support internal and external auditsDevelop PowerShell scripts and leverage Microsoft automation tools to streamline provisioning, maintenance, and monitoring tasksMaintain clear documentation for system configurations, access policies, and operational procedures; ensure traceability of changes and adherence to change management protocolsExposure to IT service management (ITSM) practices and tools such as Jira and BomgarAbility to interpret and implement security and compliance controls in partnership with cross-functional teamsQualifications:5+ years of relevant experience in infrastructure or systems engineering roles, ideally in financial services or investment management industryExpertise in Windows Server, Active Directory, DNS, DHCP, and Group PolicyProficient with Microsoft 365 administration, especially Exchange Online and SharePointStrong security mindset, attention to auditability, and experience delivering infrastructure solutions in a regulated industryExperience managing and deploying endpoints using Microsoft Intune and enforcing device complianceStrong PowerShell scripting and automation skills to support custom telemetry, log analysis, and data integrationExperience with Cisco Meraki (switching, firewalls, wireless) is strongly preferredFamiliarity with Azure networking concepts (NSGs, VNets, VPN Gateway, etc.)Sound understanding of enterprise networking and security concepts, including firewalls, VPNs, and identity governanceBachelor's degree in information technology, computer science, or a related field — or equivalent practical experience in a financial services environmentLocation:Applicants are expected to work onsite in our San Francisco office in accordance with our hybrid working policy.