Champlain is seeking an experienced IT Infrastructure and Security Engineer who is detail-oriented, proficient with technologies and hardware, and who flourishes in high-pressure environments. This is a key role at a lean, yet highly effective firm, as all business units rely heavily on an optimized and secure cloud-centric tech-stack, especially as the firm expands its Data Management platform. This role requires someone who is experienced at: managing and optimizing robust and reliable high-availability cloud-centric IT infrastructure solutions; development of testing methodologies; and who has a background in systems and infrastructure engineering. This individual should also have a strong proficiency with network security administration, tooling, and management/deployment of security solutions. This position reports directly to the Director of Technology and will be part of the IT Infrastructure and Operations Team.
Key responsibilities include:
- 40% System Administration
- Maintain, optimize, design and build essential high-availability IT infrastructure, local/cloud/hybrid-cloud
- Manage, monitor, and configure Azure infrastructure and systems, including vNets, Resource Groups, Network Security Groups, Backup and DR sets, Storage Accounts, Key Vaults, Data Factories, etc.
- Manage and build out Microsoft O365 application ecosystem such as Teams and SharePoint
- Assist and/or lead deployment of IT solutions in on-premises, hybrid, and cloud environments
- 40% Network and Security Administration
- Monitor, manage and triage SIEM or other EDR security tools and perform follow-up investigation and remediation activity
- Tune security tools used for monitoring and managing the firm’s various environments
- Participate in security incident investigations and respond to potential intrusions
- Assist and/or lead deployment of new security solutions and tools
- 20% IT Operations
- Create and maintain IT and IS Standard Operating Procedures
- Consult with IT Infrastructure and Operations Team to communicate security risks and analysis
- Serve as the subject matter expert and escalation point for infrastructure management and security incidents
- Serve as backup to internal and external support teams as needed to manage and triage IT incidents and on-call schedule
- Assist with vendor management as it relates to IT and IS solutions, especially Managed Service Providers
About the successful candidate:
The successful candidate will have good communication and collaboration skills; excellent analytical, problem-solving and time-management skills; and extensive knowledge of system and network administration of a multi-office Microsoft-based hybrid-cloud infrastructure environment. Ideal candidates will also have experience with various SIEM, EDR and Vulnerability Management tools.
The successful candidate will have the following experience, skills, and interests:
- Bachelor’s degree in computer science/engineering or related field
- At least 7 years hands-on IT experience including implementing and managing VMware virtualization, Windows systems administration, switchgear/firewall management, implementing and managing enterprise storage, AD management, file sharing and scripting, MSFT O365 and Azure infrastructure management (vNets, Resource Groups, Key Vaults, Storage Accounts, Azure AD, Conditional Access, Enterprise Applications, Exchange Online, etc.)
- Familiarity or understanding of security standards, access controls and compliance requirements based on industry standards and guidelines (ISO27001, NIST Cybersecurity Framework, PCI-DSS-DSS, FINRA, SEC, etc.)
- Experience with identity and account management (Okta, Azure or other SAML, Kerberos)
- Familiarity with security and hardware solutions from Duo, Nutanix, Zscaler, CrowdStrike and WinMagic SecureDoc
- Familiarity with Snowflake, FreshService (or other ITIL solutions), GitHub
- Experience with Rapid7, Nessus, or other vulnerability management and SIEM solutions
- Experience with Sophos and Cisco firewalls preferred
- Experience in provisioning solutions with appropriate levels of user enablement and access in cloud and hosted platforms
- Self-starter who offers suggestions and thrives on optimizing new processes
- The following qualifications are preferred, but not required:
- Advanced knowledge of areas listed above as well as Security, VoIP, VPN, VLAN, DNS, AD, GC
- Azure data platform: Data Factory, Data Lake, Data Bricks, Power BI, Power Automate
- Microsoft ecosystem: O365 apps, Teams, SharePoint Administration
- Certifications: Azure, Cisco, CompTIA, VMware, CISA
- Financial Services industry experience a plus
Champlain is committed to providing and preserving a work environment that promotes diversity and inclusion and is free from discrimination or harassment. Working with diverse teams help us become better humans, make better decisions, and execute on our mission to deliver exceptional investment results and develop enduring client relationships. We strive to build a firm culture that welcomes employees from a wide range of backgrounds, perspectives, and life experiences and fosters equitable opportunities for growth and success.
We recognize there are many opportunities to further this commitment to diversity and inclusion and, in that spirit, have undertaken numerous initiatives focused on various components of a more inclusive workplace, including firm-wide training on strategies for fostering inclusion, feedback and management training for multiple employee cohorts in leadership roles and unconscious bias training for all Partners, among others; the firm’s Sustainability and Culture & Development Committees also continue to look for additional ways to further this commitment.