Sr. Infrastructure and Cloud Engineer

BSF runs a 24/7 production and cold-chain distribution operation across two organizations, 254 users, and 50+ servers. The Sr. Infrastructure and Cloud Engineer is one of two senior engineers who together own the full infrastructure stack: both seats carry equal responsibility, full cross-coverage of every system, and shared ownership of BSF's active migration from VMware vSphere/vSAN to Microsoft Azure.

The scope is both worlds. On-premises and Azure are not separate tracks here. You keep the current environment running while building the future one. When the migration is complete, this role co-owns BSF's Azure environment long-term alongside your peer engineer. The expectation is depth in both directions: the legacy environment well enough to migrate it safely, and the cloud platform well enough to run it properly.

You report to the Infrastructure Manager and work closely with the full infrastructure team and Data Engineering on shared platform dependencies. This is a building environment - the work is active, the scope is real, and the standard is high., * Administer BSF's Windows Server environment: Active Directory, Group Policy, DNS, DHCP, DFS, and file services across BSF Seafood and Tropic Seafood (TSF)

• Manage VMware vSphere and vSAN virtualization estate: VM provisioning, capacity planning, host maintenance, snapshots, and hypervisor health monitoring across 50+ virtual machines
• Administer enterprise backup infrastructure including Backup Exec and Synology NAS-based backup at 10Gbps: policy configuration, scheduled jobs, recovery testing, and DR validation
• Own Windows Server patching and update management enterprise-wide: patch lifecycle, scheduling, testing, and coordinated rollout using SCCM and ManageEngine
• Maintain and support AIX server environments at BSF Seafood and Tropic Seafood: availability, patching cadence, and operational continuity

Azure Cloud and Migration

• Co-own Azure tenant administration with your peer engineer: virtual machines, resource groups, storage accounts, Entra ID, and enterprise application administration
• Support BSF's active on-premises-to-Azure migration: server assessment, workload migration sequencing, and Azure landing zone build-out using Azure Migrate
• Contribute to Azure governance standards: Management Groups, Azure Policy, group-based RBAC via Entra ID security groups, mandatory tagging, and PIM for admin-tier access
• Administer Azure Backup and Azure Site Recovery: establish and maintain RTO/RPO targets, backup policies, and DR validation as on-premises workloads move to Azure
• Lead Reserved Instance optimization and FinOps governance when migration experience applies: cost dashboards, budget alerts, and monthly cost reviews
• Develop and maintain PowerShell, Azure CLI, and Infrastructure as Code automation for repeatable, version-controlled deployments

Network and Security

• Support network operations alongside the Infrastructure Manager: Layer 3 switching, VLAN management, and troubleshooting across BSF's multi-site LAN/WAN environment
• Administer Zscaler ZPA and FortiGate firewall operations: firewall rule management, VPN configurations, and zero trust access policy enforcement
• Support Ruckus Cloudpath 802.1X port security administration: certificate-based authentication enforcement across wired and wireless infrastructure
• Manage endpoint security and compliance via Microsoft Intune and Defender for Endpoint: device enrollment, compliance policies, and security posture monitoring across Windows and macOS fleets

Collaboration and Documentation

• Operate as a true peer to the other Sr. Infrastructure and Cloud Engineer: cross-cover all infrastructure responsibilities so neither engineer is a single point of failure
• Serve as the primary technical resource for infrastructure project execution: system upgrades, migrations, platform rollouts, and technology transitions assigned by the Infrastructure Manager
• Provide Level 3 advanced technical support for infrastructure-related escalations from the Service Desk team
• Maintain accurate, current infrastructure documentation: network diagrams, server inventories, runbooks, Azure architecture records, and operational procedures that someone else can use without a hand-off from you

Do you have experience in Shell Scripting?, * 5 or more years of hands-on enterprise IT infrastructure experience with demonstrated ownership of both on-premises and cloud environments

• Strong Windows Server administration: Active Directory, Group Policy, DNS, DHCP, DFS, and file services in a multi-site environment
• Hands-on VMware vSphere/vSAN experience: VM administration, host management, and virtualization platform operations
• Working Azure experience: virtual machines, Entra ID, Azure networking (VNet, NSG, DNS), and Azure Backup
• Experience with Microsoft 365 administration: Exchange Online, Teams, OneDrive, and Entra ID user management
• Proficiency in PowerShell scripting for infrastructure automation, bulk administration, and operational tasks
• Experience with enterprise backup platforms: Backup Exec, Veeam, Azure Backup, or equivalent
• Solid troubleshooting skills across the full stack: servers, virtualization, networking, endpoints, and cloud
• AZ-104 Microsoft Azure Administrator Associate (active or in progress) is a meaningful plus
• Experience with on-premises-to-Azure migration tooling (Azure Migrate, Azure Site Recovery, landing zone design) is a meaningful plus
• VMware VCP, SCCM, or ManageEngine endpoint management experience is a meaningful plus
• Experience in food distribution, cold chain, manufacturing, or logistics IT environments is a meaningful plus

We are a team that turns the business's toughest problems into technology that actually works. That requires more than technical skill: it requires showing up the right way every day.

• Flexibility: You adapt when priorities shift, when systems behave unexpectedly, and when the business needs something it didn't know how to ask for. Change is part of the job, not an interruption to it.
• Integrity: You do the right thing when no one is watching, in your documentation, your work, and how you treat the people you support.
• Spirit of Curiosity: You ask questions before you assume, explore ideas before you settle, and look for a better way even when the current way works fine.
• Helping Each Other: You don't solve problems alone and hoard the answer. You share what you know, support your teammates, and remember that IT wins as a team or not at all.

WHAT THIS ROLE REQUIRES

• You own both environments simultaneously: the on-premises systems that run the business today and the Azure platform that will run it tomorrow cannot both be someone else's problem
• You document as you go: infrastructure that only you understand is a liability, not an asset
• You cross-cover your peer fully: if your teammate is out, the business should not feel it
• You communicate clearly about risks before they become incidents: the Infrastructure Manager and CIO should hear about problems from you, not from an outage notification
• You finish the migration with integrity: a workload that looks migrated but isn't fully validated is worse than one still on-prem
• You treat an after-hours maintenance window as a commitment, not a suggestion

Pay: $110,000.00 - $115,000.00 per year