Klio Systems, Inc.
Website:
kliosystems.com
Job details:
Job Title: Senior IT Support Engineer (L2/L3 | Infrastructure & Security)
Overview
We’re looking for a Senior IT Support Engineer who thrives in complex environments and enjoys solving deep technical problems across infrastructure, endpoints, identity, and security. This is not a traditional support role—you’ll operate at L2/L3, own critical systems, and play a key role in strengthening our modern workplace built on Microsoft technologies, Zero Trust principles, and secure infrastructure design.
What You’ll Own
Infrastructure & Server Operations
- Manage and optimize Windows Server environments (AD, DC, DNS, DHCP, GPO) with a focus on reliability, scalability, and security
- Proactively monitor, patch, and tune servers; resolve complex issues across authentication, replication, and system performance
- Lead backup and disaster recovery strategies, including validation and periodic restore testing
- Drive server lifecycle activities, including upgrades, migrations, and hardening aligned with CIS and industry standards
Modern Endpoint Management (Intune)
- Own Microsoft Intune end-to-end: device lifecycle, compliance, configuration, and application management
- Design and enforce security baselines across Windows, iOS, and Android devices
- Implement Autopilot and zero-touch provisioning for seamless onboarding
- Troubleshoot deeply using logs, diagnostics, and policy analysis to resolve complex deployment issues
Identity & Access (Microsoft Entra ID)
- Architect and manage Conditional Access, MFA, and Zero Trust policies
- Administer SSO integrations across SaaS platforms using modern authentication protocols
- Implement identity governance (access reviews, PIM, lifecycle workflows)
- Investigate and resolve advanced authentication and access issues
Apple Device Management
- Manage Apple Business Manager (ABM) and integrate with MDM (Intune or equivalent)
- Enable automated device enrollment and enforce security/compliance controls
- Handle complex enrollment and device management challenges with vendor coordination when needed
Network & Security Engineering
- Configure and manage firewalls, VPNs, and secure access controls
- Troubleshoot network issues across switching, VLANs, routing, DNS, and connectivity layers
- Strengthen network segmentation and enforce least-privilege access
- Monitor and respond to network and security events using logs and analysis tools
Security Operations
- Own endpoint and email security platforms (EDR/MDR, anti-phishing, DLP, encryption)
- Investigate and respond to security incidents across endpoints, identity, and network layers
- Drive vulnerability management and patching initiatives
- Implement and enforce security frameworks (CIS, NIST, ISO 27001) and Zero Trust principles
Microsoft 365 Administration
- Manage M365 services (Exchange Online, Teams, SharePoint, OneDrive)
- Configure advanced email security (SPF, DKIM, DMARC, Safe Links/Attachments)
- Troubleshoot complex mail flow, access, and integration issues
- Support compliance features like retention, eDiscovery, and audit
Advanced Support (L2/L3 Escalations)
- Handle critical escalations from L1 teams with deep technical ownership
- Perform root cause analysis and implement long-term fixes—not just quick resolutions
- Improve system stability by identifying recurring issues and eliminating them
Process, Automation & Leadership
- Build and maintain high-quality documentation, SOPs, and runbooks
- Automate repetitive tasks using PowerShell or similar tools
- Mentor junior engineers and elevate team capability
- Contribute to change management, CAB reviews, and continuous improvement initiatives
What You Bring
Experience
- 8–12 years in IT infrastructure and support, with strong L2/L3 ownership
- Solid hands-on experience across Windows Server, Intune, Entra ID, and enterprise networking
- Proven track record managing production environments and handling critical incidents
Technical Strength
- Deep expertise in:
- Windows Server (AD, DNS, DHCP, GPO)
- Microsoft Intune and endpoint security
- Microsoft Entra ID (Conditional Access, MFA, SSO, Identity Governance)
- Network fundamentals (firewalls, VPNs, switching, routing)
- Strong experience with EDR/MDR, email security, and vulnerability management
- Familiarity with Apple device management via ABM and MDM platforms
Mindset
- Strong problem-solver who digs into root causes, not just symptoms
- Security-first approach with a clear understanding of Zero Trust
- Comfortable owning systems end-to-end in a fast-paced environment
- Clear communicator who can document, explain, and mentor effectively
Must have anyone
- Microsoft certifications (AZ-104, SC-300, MD-102)
- Networking certifications (CCNA, Network+)
- Security certifications (Security+, etc.)
- ITIL Foundation
Click on Apply to know more.