Systems Engineer II

Sentinel Blue

5d•Remote

About The Position

Sentinel Blue is hiring a Systems Engineer II for our Operations team. This role owns systems work across client environments and is expected to drive reliable delivery through clean change execution, solid documentation, and reusable automation. Systems Engineers at Sentinel Blue operate within both traditional on-premise infrastructure and Microsoft cloud services. Our ideal candidate executes independently, leads changes end-to-end, and communicates clearly with stakeholders. You will collaborate with other engineers, but you are expected to own outcomes, drive issues to resolution, and turn repeat work into clear documentation and reusable automation. This is a full-time position that is fully remote. Due to the nature of our work, you must be a U.S. citizen with eligibility for a clearance. No exceptions. A day in the Systems Engineer II role: You may run point on endpoint compliance and remediation, work hybrid identity issues end-to-end, drive patching and lifecycle execution, and complete complex changes through the Change Request process from planning to validation. You will join client calls as needed, communicate status clearly, and regularly improve SOPs and automation so recurring work becomes more efficient. What We Can Offer: Sentinel Blue is a young company with a focused mission: We’re bringing enterprise-class cybersecurity to small and medium sized businesses. Frankly, we’re pushing the envelope of how things are done and constantly seeking innovative ways to meet that mission. The pace is fast, and we’re always learning new things. This is a great place if you want to expose yourself to new and emerging technologies, want to be challenged, and want to build your skills. Further, success in this role can quickly transition into a senior engineering, architectural, or technical leadership role. The right person will find themselves in a fun, dynamic environment, working on interesting problems and making a real difference. You will be required to achieve a Security+ certification in the first 6 months of hire; we’ll cover your certification costs and provide paid time for you to study!

Requirements

U.S. citizenship – by nature of our work with the defense industry, all employees must be eligible for a Secret clearance.
3-5 years of relevant engineering experience, including ownership of operational delivery across multiple systems.
Hands-on experience with Intune, Entra, and Azure in production environments.
Strong knowledge of on-premises Window infrastructure, including Active Directory, DNS, DHCP, and GPO management.
Proven ability to troubleshoot complex issues, implement durable fixes, and validate outcomes.
Clear written and verbal communication, including client-facing technical discussions.
Proficiency in PowerShell and comfort improving or designing reusable automation.
CompTIA Security+ required within 6 months of hire if not already held.

Nice To Haves

Experience working in Azure Government, Microsoft 365 GCC High, and other FedRAMP Moderate platforms.
Practical familiarity with backup and restore validation practices, especially with Veeam.
Proficiency with core networking fundamentals and practical exposure to platforms such as Fortinet, Meraki, Ubiquiti UniFi, and Cloudflare Zero Trust.
Experience in a managed services or consulting environment with multiple client contexts and competing priorities.
Familiarity with compliance-driven engineering expectations (CMMC, NIST 800-171, CIS Controls), including documentation, baselines, and disciplined change control.
Bachelor’s or Master's degree in Cybersecurity, Information Systems, Computer Science, Business, or a related field.

Responsibilities

Own endpoint management across client environments (Intune compliance, baselines, configuration profiles, firewall rules, and remediation).
Operate and manage hybrid identity systems, including Entra ID and on-premises Active Directory.
Drive patching and lifecycle execution, including exception handling, remediation planning, and follow-through for endpoints and on-premise servers.
Coordinate local/cloud backup and recovery systems and processes, including restore validation and reliability improvements (Veeam exposure is a plus).
Implement and validate systems changes across servers, virtualization, and core infrastructure fundamentals within approved standards.
Run changes and projects end-to-end through Change Requests: plan the work, call out risk, execute cleanly, validate results, and document outcomes.
Build and improve reusable automation (PowerShell, Graph, workflow tooling) and refine existing scripts and patterns with a focus on repeatability.
Produce SOPs, runbooks, KBs, and diagrams on a regular basis, especially for recurring tasks and common failure modes.
Participate in client calls as needed and communicate status, options, and next steps in plain language.