About the Role
We are seeking a Senior Wintel Infrastructure Engineer to join a high-performing Network and Server Infrastructure team. This is a critical technical role responsible for the design, implementation, and ongoing management of enterprise Microsoft environments across a hybrid infrastructure.
You will play a key role in delivering a major cybersecurity uplift program, ensuring secure, scalable, and compliant Windows-based platforms across both on-premises and Microsoft Azure environments.
Team & Environment
You will be part of a collaborative Infrastructure team consisting of:
- Infrastructure Manager
- Infrastructure Team Lead
- Server & Network Engineers
- System & Network Administrators
- Cloud Engineers
You will report to the Infrastructure Team Lead and work closely with:
- Cyber Uplift Project Team
- System Integration Vendors
- Cyber Implementation Lead
We're looking for a proactive team player who takes ownership and can effectively self-manage their workload.
Key Responsibilities
Infrastructure Engineering
- Design, deploy, and maintain enterprise-grade Wintel environments
- Administer Microsoft Active Directory (AD) and Microsoft Entra ID
- Develop and manage Group Policy Objects (GPOs)
- Support hybrid cloud environments (on-premises & Azure)
- Ensure system performance, availability, and patch compliance
Cybersecurity Uplift (Core Focus)
- Implement and manage Multi-Factor Authentication (MFA)
- Deliver passwordless and phishing-resistant authentication solutions
- Apply system hardening standards across endpoints
- Maintain role-based security groups aligned to least privilege principles
- Develop secure and compliant GPO structures
Endpoint Management
- Administer Microsoft SCCM (Endpoint Configuration Manager)
- Deploy applications, task sequences, and updates
- Manage endpoint compliance, patching, and lifecycle
- Administer Microsoft Intune and enforce compliance policies
Automation & Scripting
- Develop and maintain PowerShell scripts
- Automate operational and security tasks
- Maintain script repositories with version control
- Support Infrastructure-as-Code (IaC) practices
Security, Encryption & PKI
- Configure TLS and secure communication protocols
- Harden systems by disabling insecure ciphers and protocols
- Design and manage Public Key Infrastructure (PKI)
- Manage certificates for systems, applications, and users
- Ensure secure key management practices
Operational Excellence
- Provide Level 3 support across infrastructure and security services
- Troubleshoot across hybrid environments
- Produce and maintain technical documentation (runbooks, MOPs, as-builts)
- Collaborate with cross-functional teams to improve services
Desirable Experience
- Application Control solutions (e.g. Airlock Digital)
- Microsoft Defender suite (Endpoint, Identity, Office 365)
- Azure Conditional Access policies
- Privileged Access Management (PAM)
- Microsoft Privileged Identity Management (PIM)
- Office macro security controls and signing
Working Arrangements
- Hybrid model - minimum 2 days onsite
- After-hours and weekend work required for upgrades and deployments
Why Apply?
- Work on a large-scale cybersecurity transformation program
- Exposure to modern Microsoft cloud and security technologies
- Collaborative, high-performing infrastructure team
- Opportunity to influence enterprise-wide platform and security design
