Serve as a Tier 3/4 escalation point, responsible for triaging and resolving critical P1-P2 incidents.
Architect and manage cloud environments in AWS, including designing and implementing VPC, Security Groups, NACLs; configuring and optimizing EC2, RDS, NLB/ALB, and WAF; and hardening IAM policies.
Administer and secure Microsoft 365 environments, configure and maintain Conditional Access Policies, Autopilot, Defender for Endpoint, and device compliance rules in Intune/Entra ID.
Manage Exchange Online hygiene and security.
Configure and maintain a variety of networking equipment, including SonicWall, Fortinet, and Ubiquiti firewalls.
Implement and manage secure connectivity with WireGuard/S2S VPNs and VLANs.
Manage TLS/PKI lifecycles and implement email security protocols like SPF, DKIM, and DMARC.
Develop and maintain scripting baselines and fixes using PowerShell and Bash.
Keep SOPs, asset inventories, and configurations current and well-documented.
Lead and execute end-to-end projects from initial design and planning through implementation, cutover, and final documentation.

5-7+ years of experience in a Managed Service Provider (MSP) or multi-tenant environment, with sustained Tier 3/4 ownership.
Expert-level proficiency in at least three of the following domains: AWS networking and IAM
Microsoft Entra ID, Intune, and Autopilot
Windows Server and Active Directory
Firewalls and VPN technologies
Microsoft 365 and Exchange Online administration
Expert proficiency with PowerShell and a solid understanding of Bash scripting.
Familiarity with Git for version control is required.
Proven track record of delivering at least 3 end-to-end projects, with a focus on comprehensive design, implementation, and documentation.
Excellent written communication skills, including meticulous ticket hygiene, detailed change plans, and thorough Root Cause Analysis (RCA) reports.
Strong command of English language, TOEFL minimal score 100+.
Ability to match US Time (Eastern) Zone M-F

Managed Services Engineer

Key skills