Senior Infrastructure Engineer

Senior Infrastructure Engineer

MSP4, LLC  |  Full-Time  |  Remote  |  Up to 25% Travel

About the Role

MSP4 operates as the embedded IT department for a portfolio of clients spanning professional services, legal, distribution, manufacturing, and government sectors. Environments range from 50 to 1,500 users and carry real compliance weight: CMMC L2, NIST 800-171, and SOC 2 are active requirements across this client base.

This role owns infrastructure delivery across that portfolio. You design, implement, and support on-premises and hybrid cloud environments: bare metal, virtualization, SAN and HCI storage, backup and recovery, and hardened Windows Server configurations. Cloud work spans AWS, Azure Commercial, and Azure Government. Design authority sits with our Principal Solutions Architect. The expectation is clean execution, thorough documentation, and the judgment to improve what exists rather than rebuild it.

Remote. Travel up to 25% for major client project deployments. Day-to-day work is executed remotely.

What You Will Do

• Deploy and maintain Windows Server environments on bare metal and virtualized platforms: VMware vSphere, Microsoft Hyper-V, and Proxmox
• Design and implement SAN and HCI solutions (NetApp, Pure Storage, Nutanix, VMware vSAN) and manage Mellanox/RDMA high-speed fabric infrastructure
• Architect and operate hybrid cloud environments across AWS, Azure Commercial, and Azure Government, covering IaaS, identity, and landing zone configurations
• Own Veeam-based backup and disaster recovery implementations: design, deployment, testing, and documentation
• Apply STIG hardening and NIST 800-171 controls across Windows Server environments in support of CMMC L2 and SOC 2 compliance requirements
• Support the infrastructure layer for enterprise business applications across the client base, including legal practice management (TR Prolaw), petroleum distribution (iRely), manufacturing ERP platforms (Epicor, Infor SyteLine), and accounting and operations platforms (Sage 100, Sage 300). Windows Server, SQL Server, storage performance, and connectivity are your domain. The application runs on what you build and maintain.
• Own the SQL Server platform layer for client ERP and line-of-business applications. Scope includes installation, licensing, patching and version upgrades, Always On Availability Groups or failover cluster instances, application-consistent backup coordination with Veeam, storage layout for tempdb and data and log files, and baseline instance configuration. DBA-level query tuning, indexing strategy, and application-side schema work sit with client DBAs or application vendors. The instance and the infrastructure underneath it are yours.
• Support the infrastructure layer for Citrix Virtual Apps and Desktops deployments: VDA compute and storage provisioning, machine catalog management, hypervisor integration, and NetScaler gateway configuration. Dedicated Citrix specialists on the team own application delivery and session configuration; your ownership is the layer underneath.
• Produce documentation that meets audit standards and enables other engineers to maintain what you build
• Travel to client sites up to 25% for major project-based deployments

What You Bring

• 6 or more years of infrastructure engineering experience in production environments across professional services, manufacturing, distribution, legal, or government sectors
• US person status and US-based work location. You must be based in the United States and qualify as a US person (US citizen, US national, lawful permanent resident, or protected individual under US law). This role's access to Controlled Unclassified Information (CUI) and export-controlled systems is restricted under CMMC L2 and US export control regulations.
• Deep Windows Server expertise: Active Directory, DNS, DHCP, Group Policy, PKI, and server lifecycle management. Operational depth, not surface familiarity.
• Operational SQL Server depth: installation, patching, licensing model (core vs. CAL), Always On Availability Groups or Failover Cluster Instances, application-consistent backup coordination with Veeam, tempdb sizing, memory configuration, and storage layout for OLTP workloads. Platform-level ownership of the instance and the environment it runs in, without crossing into DBA-level query optimization or indexing strategy.
• Hands-on virtualization experience across at least two platforms (VMware vSphere, Hyper-V, or Proxmox), including vMotion, HA, and DRS configuration
• Working knowledge of SAN and HCI storage: NetApp ONTAP, Pure Storage, Nutanix AHV, or VMware vSAN
• AWS and Azure deployment experience covering IaaS, Entra ID (formerly Azure AD), ExpressRoute/VPN connectivity, and hybrid identity
• Veeam Backup & Replication design and administration experience
• Familiarity with STIG application, NIST 800-171 controls, and CMMC compliance requirements
• Ability to read and apply documentation, runbooks, and standards established by others without requiring constant design input
• Working familiarity with Citrix Virtual Apps and Desktops at the infrastructure layer: VDA provisioning, machine catalog design, storage sizing for VDI workloads, and NetScaler at a working level. Application delivery configuration sits with dedicated specialists; you need enough Citrix context to support them without creating hand-off gaps.
• Ability to produce clear technical documentation: runbooks, build guides, change records, and audit-ready configuration documentation that another engineer can follow without asking you questions
• Relevant certifications are a plus, not a requirement. Useful credentials include Microsoft Azure Administrator Associate (AZ-104), Windows Server Hybrid Administrator Associate (AZ-800/AZ-801), Azure Solutions Architect Expert (AZ-305), VMware VCP, and AWS Solutions Architect Associate.
• Prior experience in a multi-client service delivery environment is an advantage. Comfort adapting to established standards across varied client environments matters here.

How We Work

MSP4 does not operate like a traditional IT department or a ticket-centric help desk. We function as embedded IT leadership for our clients, accountable to their outcomes.

Our Principal Solutions Architect owns the design framework. Engineers at every level, including senior, execute within that framework. The tier structure keeps a multi-client portfolio consistent and audit-ready. Candidates who need design authority to feel effective should pass on this role. Candidates who find satisfaction in high-quality execution and in earning client trust through reliability will do well here.

We are building the operating model in real time. Some processes are documented; others are being written as we go. Senior engineers help shape what does not yet exist while executing reliably within what does.

Senior engineers at MSP4 operate with a forward-deployed posture. You own the outcome at the client in front of you. You carry their context into every change. You exercise judgment inside the framework the Principal owns. Push back when something is wrong; do not redesign based on personal preference. The tier structure is what keeps judgment consistent across a multi-client portfolio and defensible under audit.

About MSP4

MSP4, LLC provides infrastructure, security, and IT advisory services to mid-market professional services, manufacturing, distribution, legal, and government clients across the United States. Our commercial practice and regulated practice serve organizations with serious compliance requirements including SOC 2 Type II and CMMC Level 2.

We are a small team. Every person on it has direct impact on client outcomes. The ladder is tiered for scope and audit; access is not. Everyone here has direct access to everyone else, up to and including the CEO.

How to Apply

Alongside your resume, submit a one-page cover page in PDF. Name the file CoverPage_LastName_FirstName_SeniorInfrastructureEngineer.pdf. Include a header line with your name, the date, and the JD version string shown at the bottom of this posting.

On the cover page, answer the following in order:

1. Reference two specific bullets from "What You Will Do" in this JD. For each, describe the closest example from your own production experience: what you owned, the platform mix, the scale, and the outcome.
2. Describe one architecture or operational decision you disagreed with at a prior role. What was your position, what did you do about it, and how did it resolve?
3. Name one platform or technology listed in this JD where your depth is shallow. Describe how you would come up to speed in your first 90 days.

Close with the following statement exactly: "I understand that design authority for this role sits with the Principal Solutions Architect, and that my role is to execute within that framework."

One page. PDF only.

JD v2.0. Retain this version string on your cover page.