Level 2 IT Support Engineer - MSP

As a Level 2 Engineer, you'll own complex tickets escalated from our Level 1 team, lead small- to mid-sized client projects, and serve as a technical point of contact for the clients you work with. You'll work from our San Diego office handling remote support and projects for clients, with onsite client visits as needed - sometimes independently for project work, sometimes alongside a senior engineer on larger engagements.

This is a hands-on production role with real autonomy. We're looking for someone who can take an escalation, own it from diagnosis to resolution, communicate clearly with the client throughout, and push documentation back into our systems when done. This is not a promotion role for someone still operating at the Level 1 tier - you should already be comfortable with server administration, firewall work, and leading project deliverables without step-by-step direction.

Responsibilities

· Own Level 2 escalations from the L1 team - diagnose, resolve, document, and communicate back to the client.

· Lead small- to mid-sized client projects: server deployments and migrations, M365 or Google Workspace tenant work, firewall refreshes, network upgrades, and backup implementations.

· Administer Windows Server environments (2016/2019/2022), Active Directory, Group Policy, and DNS/DHCP at production scale across multiple client tenants.

· Configure and troubleshoot firewalls - rules, site-to-site and client VPN, content filtering, and security policy work.

· Design and deploy network changes - VLANs, switch configuration, wireless controllers, and routing.

· Administer Microsoft 365 at the tenant level - Exchange Online, Entra ID, Intune/Autopilot, Conditional Access, and security/compliance baselines.

· Support and administer Google Workspace at the tenant level - Admin Console, Context-Aware Access, and security/compliance baselines.

· Configure, monitor, and test backups and disaster recovery for client environments.

· Serve as a client-facing technical contact - scope work, recommend solutions, and document decisions.

· Mentor Level 1 engineers through escalation handoffs, technical coaching, and knowledge transfer.

· Maintain accurate, useful documentation in our RMM/PSA - environments, runbooks, and client standards.

· Participate in platform evolution - help review, test, and roll out new RMM and PSA tooling alongside the team.

· Occasional voluntary after-hours or on-call work available; compensation discussed during interview.

Do you have experience in Wireless network configuration?, 4+ years of hands-on IT experience in an MSP or equivalent multi-client environment required. Academic, or home lab experience alone is not sufficient - MSP-scale work across many client environments is a different discipline.

· Demonstrated ownership of Level 2-tier work - escalations, projects, and client-facing technical decisions.

· Strong Windows Server administration (2016/2019/2022), Active Directory, Group Policy, DNS, and DHCP.

· Microsoft 365 administration at the tenant level - Exchange Online, Entra ID, and Intune basics.

· Google Workspace administration at the tenant level - Admin Console, user/group management, and security policies.

· Firewall configuration and troubleshooting on at least one major SMB/SME platform - rules, VPN, and policy.

· Solid networking - VLANs, routing, switching, wireless, and site-to-site plus client VPN.

· Working knowledge of virtualization (XCP-ng, Hyper-V, and/or VMware).

· Backup and disaster recovery experience - configuration, monitoring, and restore testing.

· Strong written documentation and clear client-facing communication.

· Ability to pass a full criminal and financial background check (required due to our client base in financial services, law enforcement, and regulated industries).

Preferred Skills

· Experience with ConnectWise Automate and ConnectWise Manage, or similar RMM/PSA tools (Datto RMM, NinjaOne, Kaseya, Syncro, Atera, HaloPSA).

· Experience with WatchGuard firewalls and the broader WatchGuard stack (EPDR, AuthPoint, ThreatSync, MDR), or similar SMB platforms (SonicWall, Fortinet, Meraki).

· Advanced Entra ID / Azure AD - Conditional Access, SSO, and identity governance.

· EDR/MDR platforms - SentinelOne, CrowdStrike, or similar.

· PowerShell scripting for automation, reporting, or bulk administration.

· 3CX or other hosted/on-prem VoIP platforms.

· Microsoft (AZ-104, MS-102), WatchGuard, Cisco, or CompTIA (Network+, Security+) certifications.

· Prior experience mentoring or technically coaching junior engineers.

Pulled from the full job description

• Professional development assistance
• 401(k)
• Health insurance
• 401(k) matching
• Paid time off
• Vision insurance
• Dental insurance, Role includes expanding scope over the first year - project leadership, named client technical ownership, and mentorship of Level 1 engineers.

For team members who demonstrate strong performance and ownership, we offer:

· Clear path from Level 2 * Level 3 * Senior / Lead roles.

· Time and support to study for in-house certifications across the key platforms we deploy - covering cybersecurity, networking, VoIP, and productivity tools.

· Performance-based bonuses for completing approved certifications.

· Expected completion of initial certifications within approximately 6 months.

Pay: From $31.00 per hour, * 401(k)

• 401(k) matching
• Dental insurance
• Health insurance
• Life insurance
• Paid time off
• Professional development assistance
• Vision insurance

We're a San Diego-based Managed Service Provider (MSP) supporting small and mid-sized businesses with their day-to-day IT, projects, and cybersecurity. Our team manages everything from desktop support to servers, networks, firewalls, and cloud services for clients in multiple states.