{"schemaVersion":"jobsearcher.job.v1","id":"d00cf2e036b498b6ee180e2b","url":"https://jobsearcher.com/jobs/d00cf2e036b498b6ee180e2b","canonicalUrl":"https://jobsearcher.com/jobs/d00cf2e036b498b6ee180e2b","title":"Infrastructure & Security Engineer","description":"On-site travel required for project deployments\r\nPacific or Mountain time zone required\r\nReports to Technical Operations Manager\r\nAbout the Role\r\nPacket6 is looking for a skilled Infrastructure & Security Engineer to take ownership of enterprise-grade infrastructure and security initiatives for our client with sites across the West Coast and Hawaii. This is a technically deep role requiring hands-on expertise in cybersecurity, identity and access management, infrastructure monitoring and systems management, and security management.\r\nYou will report to the Technical Operations Manager and collaborate closely with the broader Packet6 engineering team, the CISO, and client. The role is hybrid, based on the Pacific or Mountain time zone, with on-site travel to client sites as projects require. You'll be driving infrastructure and security projects from design through implementation — not just executing projects, but shaping how systems are built and secured. This role includes on-call rotation for critical systems support.\r\nThis is an excellent opportunity for an experienced engineer who wants ownership of meaningful projects, enjoys working across a diverse technology stack, and thrives in a lean, trust-based environment where good work speaks for itself.\r\nDay-to-Day Responsibilities\r\nLead and execute Okta deployment as the central Identity Provider (IdP), integrating with downstream applications and enforcing phishing-resistant authentication\r\nDeploy and manage Zero Trust Network Access (ZTNA) and SASE solutions, including GlobalProtect VPN and related access control frameworks\r\nConduct Google Groups and permissions audits, establishing least-privilege access policies across Google Workspace\r\nManage endpoint security platforms including CrowdStrike — redeployment, policy tuning, and ongoing monitoring\r\nEvaluate, deploy, and manage a SIEM solution for centralized logging and security visibility across all network devices and applications\r\nDeploy and maintain enterprise network infrastructure across multi-site environments including firewalls, switches, access points, and WAN connectivity\r\nMonitor and respond to security events and alerts across endpoint, network, and identity systems\r\nManage Okta policies, user lifecycle, group policies, and access reviews\r\nMonitor Okta for suspicious login activity, MFA anomalies, and indicators of account compromise\r\nPerform regular vulnerability scans and remediate findings in collaboration with the vCISO\r\nPerform ISP and backup connectivity deployments including Starlink rollouts across all sites\r\nManage IT asset inventory and IP address management (IPAM) in NetBox, ensuring accuracy across all sites\r\nLead and participate in change management activities, coordinating maintenance windows and communicating impact to stakeholders and principals\r\nParticipate in firewall upgrades and replacement projects with the Jr. Network Engineer (e.g., Palo Alto Networks, Meraki, or Ubiquiti) including policy review, migration planning, and cutover execution\r\nAssist with configuration and management of site-to-site VPNs with BGP for ISP redundancy and dynamic failover across dual-WAN sites\r\nSupport network camera systems — evaluating vendors, managing migrations, cross-team collaboration, and ensuring systems meet access and retention requirements\r\nMaintain IT SOPs, network & system diagrams, and technical documentation in Confluence\r\nDrive automation initiatives to reduce manual repetitive tasks and improve consistency across environments\r\nActive Projects You'll Inherit and Drive\r\nFrom day one, you will step into a portfolio of active infrastructure and security initiatives.\r\nCurrent projects include\r\nSecurity & Access Control\r\nCrowdStrike deployment and policy tuning\r\nOkta deployment as central Identity Provider\r\nGoogle Workspace Enterprise upgrade (DLP, attachment protection, link scanning, external sender banner)\r\nOngoing CISO-aligned cybersecurity task execution\r\nZero Trust Network Access (ZTNA) architecture and rollout\r\nGlobalProtect VPN Rollout\r\nSASE VPN implementation\r\nSIEM solution evaluation and deployment\r\nNAC evaluation and deployment\r\nUpgrade Windows servers OS\r\nOperations & Compliance\r\nIT inventory and IPAM audit using NetBox\r\nGoogle Groups and permissions audit\r\nIT SOP documentation\r\nNetwork Infrastructure\r\nBackup ISP deployment across all sites\r\nFirewall upgrades at multiple sites\r\nSite-to-site VPN with BGP for dual-ISP sites\r\nTools You Will Use\r\nIdentity & Access: Okta, Google Workspace Admin, Microsoft 365\r\nAutomation: Scripting tools (Bash, Python), APIs for platform integration\r\nTicketing & Documentation: Jira, Confluence\r\nRequired Qualifications\r\n3+ years of hands-on experience in security engineering, infrastructure, and/or network administration\r\nExperience deploying or administering an Identity Provider such as Okta, Azure AD, or Ping Identity\r\nFamiliarity with Zero Trust principles and SASE/ZTNA architecture\r\nWorking knowledge of endpoint security platforms (CrowdStrike or equivalent)\r\nDeep experience designing and managing enterprise firewall environments (Palo Alto, Juniper, or equivalent)\r\nProficiency with BGP, VPN technologies (site-to-site, remote access), and WAN redundancy architectures\r\nExperience with wireless infrastructure — design, deployment, and management (Juniper Mist, Meraki, or UniFi)\r\nStrong documentation habits — you write clear playbooks, diagrams, and SOPs\r\nAbility to manage multiple simultaneous projects with competing priorities\r\nComfortable working in a hybrid remote model with occasional travel to client sites\r\nValid driver's license and ability to travel to West Coast and Hawaii sites as needed\r\nPreferred Qualifications\r\nExperience in a Managed Service Provider (MSP) or managed security environment\r\nExperience managing Google Workspace at an enterprise level (DLP, security controls, Admin SDK)\r\nFamiliarity with SIEM platforms (e.g., Splunk or similar)\r\nHands-on experience with Juniper Mist and/or Mist Access Assurance\r\nProficiency with NetBox or another IPAM/DCIM platform\r\nScripting or automation skills (Bash, Python, or PowerShell) for infrastructure tasks\r\nExperience with physical IT tasks in multi-site environments (rack and stack, cabling, hardware staging)\r\nWhat Success Looks Like\r\nIn your first 90 days, you have a clear handle on the active project portfolio, understand the current state of infrastructure across all sites, and have begun moving key initiatives forward. The Okta deployment roadmap is defined. Firewall upgrades are scoped and scheduled. Documentation gaps are identified and being addressed. You're a trusted voice in architecture decisions, and the team knows they can hand you a complex problem and you'll come back with a plan.\r\nAt six months, you've delivered multiple projects end-to-end: CrowdStrike is cleanly deployed across endpoints, VPN configurations are live, and the SIEM is ingesting logs. Security posture has measurably improved. You're not just completing tasks — you're anticipating what comes next and helping shape the roadmap.\r\nWorking at Packet6\r\nWe're a small, tight-knit team and we like it that way. No corporate fluff, no endless approval chains. Just a group of people who genuinely love technology and take pride in doing the work right.\r\nOur team is distributed, so we stay connected through clear communication and a whole lot of trust. You won't have someone breathing down your neck — but you will have a crew that's got your back when things get weird (and in infrastructure and security, things sometimes get weird).\r\nAs an Infrastructure & Security Engineer at Packet6, you'll have real ownership of real systems. Bring your experience, bring your opinions, and bring your drive — because we're building something here and we want people who are excited to be part of it.\r\nIf you think infrastructure work is just keeping the lights on, this probably isn't the right fit. But if you care deeply about how systems are built, get fired up about security done right, and want to work alongside people who share that energy — let's talk.\r\nJ-18808-Ljbffr","company":"Packet6","rawCompany":"packet6","city":"California","state":"MO","isRemote":false,"isActive":false,"createdAt":"2026-04-09T09:12:46.655Z","occupations":[{"code":"15-1244.00","title":"Network and Computer Systems Administrators","slug":"network-and-computer-systems-administrators"},{"code":"15-1299.08","title":"Computer Systems Engineers/Architects","slug":"computer-systems-engineers-architects"},{"code":"15-1299.05","title":"Information Security Engineers","slug":"information-security-engineers"}],"industries":[{"code":"541512","title":"Computer Systems Design Services","slug":"computer-systems-design-services"},{"code":"541513","title":"Computer Facilities Management Services","slug":"computer-facilities-management-services"},{"code":"541519","title":"Other Computer Related Services","slug":"other-computer-related-services"}],"jobPosting":{"@context":"https://schema.org","@type":"JobPosting","title":"Infrastructure & Security Engineer","description":"On-site travel required for project deployments\r\nPacific or Mountain time zone required\r\nReports to Technical Operations Manager\r\nAbout the Role\r\nPacket6 is looking for a skilled Infrastructure & Security Engineer to take ownership of enterprise-grade infrastructure and security initiatives for our client with sites across the West Coast and Hawaii. This is a technically deep role requiring hands-on expertise in cybersecurity, identity and access management, infrastructure monitoring and systems management, and security management.\r\nYou will report to the Technical Operations Manager and collaborate closely with the broader Packet6 engineering team, the CISO, and client. The role is hybrid, based on the Pacific or Mountain time zone, with on-site travel to client sites as projects require. You'll be driving infrastructure and security projects from design through implementation — not just executing projects, but shaping how systems are built and secured. This role includes on-call rotation for critical systems support.\r\nThis is an excellent opportunity for an experienced engineer who wants ownership of meaningful projects, enjoys working across a diverse technology stack, and thrives in a lean, trust-based environment where good work speaks for itself.\r\nDay-to-Day Responsibilities\r\nLead and execute Okta deployment as the central Identity Provider (IdP), integrating with downstream applications and enforcing phishing-resistant authentication\r\nDeploy and manage Zero Trust Network Access (ZTNA) and SASE solutions, including GlobalProtect VPN and related access control frameworks\r\nConduct Google Groups and permissions audits, establishing least-privilege access policies across Google Workspace\r\nManage endpoint security platforms including CrowdStrike — redeployment, policy tuning, and ongoing monitoring\r\nEvaluate, deploy, and manage a SIEM solution for centralized logging and security visibility across all network devices and applications\r\nDeploy and maintain enterprise network infrastructure across multi-site environments including firewalls, switches, access points, and WAN connectivity\r\nMonitor and respond to security events and alerts across endpoint, network, and identity systems\r\nManage Okta policies, user lifecycle, group policies, and access reviews\r\nMonitor Okta for suspicious login activity, MFA anomalies, and indicators of account compromise\r\nPerform regular vulnerability scans and remediate findings in collaboration with the vCISO\r\nPerform ISP and backup connectivity deployments including Starlink rollouts across all sites\r\nManage IT asset inventory and IP address management (IPAM) in NetBox, ensuring accuracy across all sites\r\nLead and participate in change management activities, coordinating maintenance windows and communicating impact to stakeholders and principals\r\nParticipate in firewall upgrades and replacement projects with the Jr. Network Engineer (e.g., Palo Alto Networks, Meraki, or Ubiquiti) including policy review, migration planning, and cutover execution\r\nAssist with configuration and management of site-to-site VPNs with BGP for ISP redundancy and dynamic failover across dual-WAN sites\r\nSupport network camera systems — evaluating vendors, managing migrations, cross-team collaboration, and ensuring systems meet access and retention requirements\r\nMaintain IT SOPs, network & system diagrams, and technical documentation in Confluence\r\nDrive automation initiatives to reduce manual repetitive tasks and improve consistency across environments\r\nActive Projects You'll Inherit and Drive\r\nFrom day one, you will step into a portfolio of active infrastructure and security initiatives.\r\nCurrent projects include\r\nSecurity & Access Control\r\nCrowdStrike deployment and policy tuning\r\nOkta deployment as central Identity Provider\r\nGoogle Workspace Enterprise upgrade (DLP, attachment protection, link scanning, external sender banner)\r\nOngoing CISO-aligned cybersecurity task execution\r\nZero Trust Network Access (ZTNA) architecture and rollout\r\nGlobalProtect VPN Rollout\r\nSASE VPN implementation\r\nSIEM solution evaluation and deployment\r\nNAC evaluation and deployment\r\nUpgrade Windows servers OS\r\nOperations & Compliance\r\nIT inventory and IPAM audit using NetBox\r\nGoogle Groups and permissions audit\r\nIT SOP documentation\r\nNetwork Infrastructure\r\nBackup ISP deployment across all sites\r\nFirewall upgrades at multiple sites\r\nSite-to-site VPN with BGP for dual-ISP sites\r\nTools You Will Use\r\nIdentity & Access: Okta, Google Workspace Admin, Microsoft 365\r\nAutomation: Scripting tools (Bash, Python), APIs for platform integration\r\nTicketing & Documentation: Jira, Confluence\r\nRequired Qualifications\r\n3+ years of hands-on experience in security engineering, infrastructure, and/or network administration\r\nExperience deploying or administering an Identity Provider such as Okta, Azure AD, or Ping Identity\r\nFamiliarity with Zero Trust principles and SASE/ZTNA architecture\r\nWorking knowledge of endpoint security platforms (CrowdStrike or equivalent)\r\nDeep experience designing and managing enterprise firewall environments (Palo Alto, Juniper, or equivalent)\r\nProficiency with BGP, VPN technologies (site-to-site, remote access), and WAN redundancy architectures\r\nExperience with wireless infrastructure — design, deployment, and management (Juniper Mist, Meraki, or UniFi)\r\nStrong documentation habits — you write clear playbooks, diagrams, and SOPs\r\nAbility to manage multiple simultaneous projects with competing priorities\r\nComfortable working in a hybrid remote model with occasional travel to client sites\r\nValid driver's license and ability to travel to West Coast and Hawaii sites as needed\r\nPreferred Qualifications\r\nExperience in a Managed Service Provider (MSP) or managed security environment\r\nExperience managing Google Workspace at an enterprise level (DLP, security controls, Admin SDK)\r\nFamiliarity with SIEM platforms (e.g., Splunk or similar)\r\nHands-on experience with Juniper Mist and/or Mist Access Assurance\r\nProficiency with NetBox or another IPAM/DCIM platform\r\nScripting or automation skills (Bash, Python, or PowerShell) for infrastructure tasks\r\nExperience with physical IT tasks in multi-site environments (rack and stack, cabling, hardware staging)\r\nWhat Success Looks Like\r\nIn your first 90 days, you have a clear handle on the active project portfolio, understand the current state of infrastructure across all sites, and have begun moving key initiatives forward. The Okta deployment roadmap is defined. Firewall upgrades are scoped and scheduled. Documentation gaps are identified and being addressed. You're a trusted voice in architecture decisions, and the team knows they can hand you a complex problem and you'll come back with a plan.\r\nAt six months, you've delivered multiple projects end-to-end: CrowdStrike is cleanly deployed across endpoints, VPN configurations are live, and the SIEM is ingesting logs. Security posture has measurably improved. You're not just completing tasks — you're anticipating what comes next and helping shape the roadmap.\r\nWorking at Packet6\r\nWe're a small, tight-knit team and we like it that way. No corporate fluff, no endless approval chains. Just a group of people who genuinely love technology and take pride in doing the work right.\r\nOur team is distributed, so we stay connected through clear communication and a whole lot of trust. You won't have someone breathing down your neck — but you will have a crew that's got your back when things get weird (and in infrastructure and security, things sometimes get weird).\r\nAs an Infrastructure & Security Engineer at Packet6, you'll have real ownership of real systems. Bring your experience, bring your opinions, and bring your drive — because we're building something here and we want people who are excited to be part of it.\r\nIf you think infrastructure work is just keeping the lights on, this probably isn't the right fit. But if you care deeply about how systems are built, get fired up about security done right, and want to work alongside people who share that energy — let's talk.\r\nJ-18808-Ljbffr","datePosted":"2026-04-09T09:12:46.655Z","dateModified":"2026-04-09T09:12:46.655Z","hiringOrganization":{"@type":"Organization","name":"Packet6","sameAs":"https://jobsearcher.com"},"jobLocation":{"@type":"Place","address":{"@type":"PostalAddress","addressLocality":"California","addressRegion":"MO","addressCountry":"US"}},"identifier":{"@type":"PropertyValue","name":"JobSearcher","value":"d00cf2e036b498b6ee180e2b"},"url":"https://jobsearcher.com/jobs/d00cf2e036b498b6ee180e2b"}}