Job Location: Bloomfield Hills, MI, USA

Job Description

Job Title: Senior Network & Cloud Infrastructure Administrator
Location: FMReps, 40701 Woodward Ave., Suite 300, Bloomfield Hills, MI 48304.
Job Type: Full-Time | Exempt
Department: Information Technology / Software Development
Reports To: COO/IT Director

Metro Detroit area candidates only. No third party recruiters.

Position Summary:

We're seeking a highly skilled and security-conscious Senior Network & Cloud Infrastructure Administrator to take ownership of our evolving IT landscape. In this strategic and hands-on role, you'll design, maintain, and secure the technology backbone that powers our operations — directly impacting business continuity, data protection, workforce productivity, and long-term scalability.

You'll architect and optimize robust LAN/WAN, SD-WAN, VPN, and Wi-Fi environments while leading our shift toward scalable, secure cloud infrastructure in Azure and AWS. Your work will span advanced on-prem networking — from VLAN segmentation to global site-to-site VPNs — as well as modern cloud architectures using VNets, VPCs, transit gateways, and private endpoints. You'll ensure secure, resilient connectivity through solutions like ExpressRoute, Direct Connect, and hybrid load balancing.

Security and compliance will be foundational to your approach: you'll enforce Zero Trust models, manage hybrid (Active Directory, Entra ID/Azure AD, IAM), administer MFA, RBAC, and integrate SIEM platforms such as Microsoft Sentinel and Splunk. You'll champion automation through Infrastructure-as-Code (Terraform, Bicep, PowerShell) and collaborate with DevOps teams to embed infrastructure and security directly into CI/CD pipelines.

This is a unique opportunity to lead, standardize, and modernize infrastructure across cloud, hybrid, and on-prem environments, while also shaping internal IT policies and working cross-functionally with DevOps, Call Centers, 3rd-party service providers, and end-user teams.

If you thrive balancing complex networking with cloud-first strategies, and you're driven by improving availability, security, and well-documented operations, we'd like to talk.

Network & Infrastructure Management
• Architect, deploy, and maintain secure, scalable LAN/WAN/Wi-Fi/SD-WAN/VPN systems across on-premises and hybrid environments.
• Configure and manage firewalls, routers, switches, wireless controllers, and load balancers (e.g., SonicWall, Fortinet, Cisco, Meraki, pfSense).
• Optimize and troubleshoot protocols including BGP, OSPF, NAT, DNS, DHCP, VLANs, and QoS for high availability and performance.
• Monitor uptime and availability using tools such as PRTG, SolarWinds, Uptime Robot, and integrate cloud- monitoring (Azure Monitor, AWS CloudWatch).
• Administer VoIP systems, manage call flows, and maintain network-level QoS for voice/video services (e.g., FreePBX).

Cloud & Endpoint Operations
• Design and manage secure, high-performance cloud networking and hybrid integrations (Azure VNets, ExpressRoute, VPN Gateways, Private Links, AWS VPCs, Transit Gateways, Load Balancers, Azure Front Door).
• Implement cost estimates, budgets, and ongoing cloud spend management across Azure, AWS, and GCP; support FinOps initiatives to optimize consumption.
• Build and enforce cloud architectures following Azure & AWS Cloud Adoption Frameworks (CAF), including governance and landing zones.
• Automate deployments and enforce configuration consistency using Infrastructure-as-Code (Terraform, Bicep, ARM templates, CloudFormation), and integrate with CI/CD.
• Configure endpoint security and MDM tools (Intune, JAMF, SCCM), enforce patching and compliance, and secure remote device access.
• Integrate and manage SaaS environments (Microsoft 365, Google Workspace) with enterprise solutions, SSO, and compliance requirements.

Security, , & Compliance
• Conduct regular security reviews, vulnerability scans, and partner on penetration testing efforts (using Microsoft Defender for Cloud, Nessus, Atera, etc.).
• Administer & access controls across hybrid environments: Active Directory, Entra ID (Azure AD), LDAP, IAM, RBAC, MFA, and conditional access.
• Manage password vaults and secrets management platforms (Hudu, Bitwarden, CyberArk, HashiCorp Vault).
• Oversee SSL/TLS certificate lifecycles, implement DNS security (SPF, DKIM, DMARC), and manage secure domain configurations.
• Maintain SIEM integrations (Splunk, Sentinel), support log review, and contribute to incident response & forensic investigations.
• Document and uphold compliance with frameworks like SOC 2, HIPAA, ISO 27001, NIST, and PCI-DSS.

Business Continuity & Documentation
• Design and routinely test disaster recovery and business continuity plans, including hybrid/offsite/cloud backups (Acronis, Veeam, Rubrik, Azure Backup).
• Maintain detailed infrastructure diagrams, SOPs, runbooks, asset inventories, change logs, and incident response processes.
• Create user onboarding guides and internal IT documentation to streamline training and knowledge sharing.
• Oversee physical server room infrastructure: UPS systems, HVAC/environmental monitoring, structured cabling, and rack management.

Governance, Vendors & Cross-Team Support
• Develop, enforce, and regularly update IT policies (acceptable use, encryption, mobile device, remote access, credential standards).
• Lead strategic projects: infrastructure upgrades, new site launches, Wi-Fi redesigns, telephony migrations, and cloud transformations.
• Manage relationships with third-party vendors, ISPs, cloud providers, and support partners, including negotiating SLAs and renewals.
• Collaborate with DevOps teams to integrate infrastructure, security, and networking into CI/CD workflows; support automation pipelines with Infrastructure-as-Code (Terraform, Bicep, Ansible, PowerShell).
• Track software/cloud licensing, renewals, and IT asset lifecycle in a CMDB or equivalent asset platform.

Technical Expertise
• Networking & Connectivity: Advanced knowledge of TCP/IP, subnetting, BGP, OSPF, NAT, DHCP, DNS, VLANs, VRF, multicast; configuring and troubleshooting firewalls, routers, switches, wireless controllers, load balancers; SD-WAN, global VPNs, QoS for VoIP/video.
• Cloud Infrastructure & Hybrid Networking: Azure networking (VNets, NSGs, App Gateways, ExpressRoute, Private Link, Bastion), AWS VPCs, Route 53, Transit Gateway, Direct Connect, NAT, ALBs/ELBs; designing secure hybrid models and leveraging Azure Front Door, CDN, WAF.
• Security & : IAM, RBAC, PIM, MFA, conditional access; SSL/TLS, DNS security (DNSSEC, SPF, DKIM, DMARC); vulnerability scanning, patch compliance, EDR, SIEM (Sentinel, Splunk).
• Systems & Endpoint Management: Windows Server (AD, GPO, DFS, DHCP, DNS), Linux (Ubuntu, CentOS), Intune, JAMF, SCCM, remote access/secure desktop support.
• Automation & DevOps Integration: PowerShell, Python, Bash; IaC (Terraform, Bicep, ARM, CloudFormation); CI/CD integration.
• Monitoring & Observability: PRTG, SolarWinds, Nagios, Azure Monitor, AWS CloudWatch; log aggregation and alerting tied to SIEM/SOAR.
• DR & Business Continuity: Backups, replication, geo-redundancy, recovery tests with Acronis, Veeam, Rubrik, Azure .
• Documentation & Tooling: Confluence, Hudu, IT Glue; diagramming with Visio/Lucidchart.

Education & Experience
• Bachelor's degree in computer science, IT, or related field—or equivalent practical experience.
• 5–10 years in progressive network/system roles with at least 2–3 years in a senior or team lead capacity.

Certifications ()
• Core Cloud Certifications: Azure Administrator, Azure Solutions Architect, Security Ops Analyst, & Access Admin; AWS Solutions Architect; GCP Professional Cloud Architect.
• Core Security Certifications: CISSP, CISM, CEH.
• Core Networking & Infrastructure Certifications: CCNA, CCNP, CompTIA Network+, Security+, Windows Server Hybrid Admin, Modern Desktop Admin.
• Desirable Additional Certifications: Terraform, Zero Trust, DevSecOps, Sentinel/Splunk, Fortinet NSE, Palo Alto PCNSE, SonicWall CSSP.

Soft Skills
• Excellent troubleshooting, communication, and project management skills.
• Ability to translate complex technical details for non-technical stakeholders.
• Strong documentation habits, accountability, and attention to detail.
• Ability to balance daily operational needs with strategic improvements.
• Driven by innovation and continuous learning.