Job Details

Position Summary

Sapient Logic is seeking a Senior Windows Systems Engineer to support the Joint Fires Network (JFN) program in San Diego, CA. This position requires an expert-level engineer with mastery of Windows Server, Active Directory, RBAC, and automation frameworks used to deploy and sustain enterprise Windows domains across multiple environments (on-premises and cloud). The ideal candidate will lead complex system integrations, design domain architectures, and ensure secure, policy‑compliant operations in line with DoD Zero Trust principles.

Responsibilities

• Architect, deploy, and maintain Windows Server (2019/2022) across multi‑site, multi‑domain architectures.
• Lead configuration and management of Active Directory, DNS, DHCP, and Group Policy (GPOs).
• Implement Role‑Based Access Control (RBAC) and least‑privilege models.
• Design and administer Active Directory Certificate Services (AD CS), PKI, and Kerberos authentication.
• Manage RADIUS authentication for network devices and infrastructure systems.
• Administer SCCM/MECM and WSUS for patch management, software deployment, and configuration compliance.
• Develop and maintain PowerShell and Ansible automation scripts for provisioning, configuration, and monitoring.
• Collaborate with Linux and Network Engineering teams to ensure secure interoperability (Kerberos, LDAP, RADIUS).
• Perform system hardening and validation in compliance with DoD STIGs, CIS Benchmarks, and Zero Trust frameworks.
• Design and oversee SQL Server deployments for integrated Windows services.
• Create and maintain detailed technical documentation, including configuration guides, design diagrams, and test procedures.
• Provide technical mentorship and oversight across enterprise Windows projects.

Required Qualifications

• 15+ years of progressive experience designing and maintaining enterprise Windows environments; OR 17 years IT networking experience; OR 20 years IT networking experience with High School Diploma/GED.
• Expert knowledge of Active Directory, DNS, DHCP, and GPOs.
• Expertise in RBAC, AD CS, PKI, Kerberos, and RADIUS authentication integration.
• Experience with Windows Server 2019/2022 configuration and hardening.
• Proficiency managing SCCM/MECM and WSUS for enterprise patching and software deployment.
• Automation with PowerShell and Ansible; experience with Git/CI‑CD for Infrastructure‑as‑Code.
• Familiarity with Linux interoperability and cross‑domain authentication.
• Knowledge of DoD cybersecurity frameworks (STIGs, CIS, Zero Trust).
• IAT Level II (Security+ CE) and OS/Computing Environment certification.
• Active DoD Secret clearance (ability to obtain Top Secret).

Microsoft Certifications

• Windows Server Hybrid Administrator Associate (AZ‑800/AZ‑801) – strongly preferred.
• Identity and Access Administrator Associate (SC‑300) – preferred.
• Enterprise Administrator Expert – nice to have (hybrid identity/M365 integration).
• Cybersecurity Architect Expert (SC‑100) – nice to have (Zero Trust strategy).
• Endpoint Administrator (MD‑102) – nice to have (SCCM/Intune co‑management).
• Legacy MCSE/MCITP on Windows Server recognized as equivalent experience.

Desired Skills

• Experience with Azure, AWS, or GCP cloud environments.
• Understanding of Docker, Kubernetes, and microservices architectures.
• Strong analytical, leadership, and documentation skills.
• Proficiency using Jira, Confluence, and GitLab for Agile collaboration.

Schedule

Monday to Friday – 8‑hour shift

Salary Range

$170,000 – $205,000 (DOE)

Location

San Diego, CA

Job Type

Full‑time