Sapient Logic LLC
Senior Windows Systems Engineer
Sapient Logic LLC, San Diego, California, United States, 92189
Position Summary
Sapient Logic is seeking a Senior Windows Systems Engineer to support the Joint Fires Network (JFN) program in San Diego, CA. This position requires an expert-level engineer with mastery of Windows Server, Active Directory, RBAC, and automation frameworks used to deploy and sustain enterprise Windows domains across multiple environments (on-premises and cloud). The ideal candidate will lead complex system integrations, design domain architectures, and ensure secure, policy‑compliant operations in line with DoD Zero Trust principles. Responsibilities
Architect, deploy, and maintain Windows Server (2019/2022) across multi‑site, multi‑domain architectures. Lead configuration and management of Active Directory, DNS, DHCP, and Group Policy (GPOs). Implement Role‑Based Access Control (RBAC) and least‑privilege models. Design and administer Active Directory Certificate Services (AD CS), PKI, and Kerberos authentication. Manage RADIUS authentication for network devices and infrastructure systems. Administer SCCM/MECM and WSUS for patch management, software deployment, and configuration compliance. Develop and maintain PowerShell and Ansible automation scripts for provisioning, configuration, and monitoring. Collaborate with Linux and Network Engineering teams to ensure secure interoperability (Kerberos, LDAP, RADIUS). Perform system hardening and validation in compliance with DoD STIGs, CIS Benchmarks, and Zero Trust frameworks. Design and oversee SQL Server deployments for integrated Windows services. Create and maintain detailed technical documentation, including configuration guides, design diagrams, and test procedures. Provide technical mentorship and oversight across enterprise Windows projects. Required Qualifications
15+ years of progressive experience designing and maintaining enterprise Windows environments; OR 17 years IT networking experience; OR 20 years IT networking experience with High School Diploma/GED. Expert knowledge of Active Directory, DNS, DHCP, and GPOs. Expertise in RBAC, AD CS, PKI, Kerberos, and RADIUS authentication integration. Experience with Windows Server 2019/2022 configuration and hardening. Proficiency managing SCCM/MECM and WSUS for enterprise patching and software deployment. Automation with PowerShell and Ansible; experience with Git/CI‑CD for Infrastructure‑as‑Code. Familiarity with Linux interoperability and cross‑domain authentication. Knowledge of DoD cybersecurity frameworks (STIGs, CIS, Zero Trust). IAT Level II (Security+ CE) and OS/Computing Environment certification. Active DoD Secret clearance (ability to obtain Top Secret). Microsoft Certifications
Windows Server Hybrid Administrator Associate (AZ‑800/AZ‑801) – strongly preferred. Identity and Access Administrator Associate (SC‑300) – preferred. Enterprise Administrator Expert – nice to have (hybrid identity/M365 integration). Cybersecurity Architect Expert (SC‑100) – nice to have (Zero Trust strategy). Endpoint Administrator (MD‑102) – nice to have (SCCM/Intune co‑management). Legacy MCSE/MCITP on Windows Server recognized as equivalent experience. Desired Skills
Experience with Azure, AWS, or GCP cloud environments. Understanding of Docker, Kubernetes, and microservices architectures. Strong analytical, leadership, and documentation skills. Proficiency using Jira, Confluence, and GitLab for Agile collaboration. Schedule
Monday to Friday – 8‑hour shift Salary Range
$170,000 – $205,000 (DOE) Location
San Diego, CA Job Type
Full‑time
#J-18808-Ljbffr
Sapient Logic is seeking a Senior Windows Systems Engineer to support the Joint Fires Network (JFN) program in San Diego, CA. This position requires an expert-level engineer with mastery of Windows Server, Active Directory, RBAC, and automation frameworks used to deploy and sustain enterprise Windows domains across multiple environments (on-premises and cloud). The ideal candidate will lead complex system integrations, design domain architectures, and ensure secure, policy‑compliant operations in line with DoD Zero Trust principles. Responsibilities
Architect, deploy, and maintain Windows Server (2019/2022) across multi‑site, multi‑domain architectures. Lead configuration and management of Active Directory, DNS, DHCP, and Group Policy (GPOs). Implement Role‑Based Access Control (RBAC) and least‑privilege models. Design and administer Active Directory Certificate Services (AD CS), PKI, and Kerberos authentication. Manage RADIUS authentication for network devices and infrastructure systems. Administer SCCM/MECM and WSUS for patch management, software deployment, and configuration compliance. Develop and maintain PowerShell and Ansible automation scripts for provisioning, configuration, and monitoring. Collaborate with Linux and Network Engineering teams to ensure secure interoperability (Kerberos, LDAP, RADIUS). Perform system hardening and validation in compliance with DoD STIGs, CIS Benchmarks, and Zero Trust frameworks. Design and oversee SQL Server deployments for integrated Windows services. Create and maintain detailed technical documentation, including configuration guides, design diagrams, and test procedures. Provide technical mentorship and oversight across enterprise Windows projects. Required Qualifications
15+ years of progressive experience designing and maintaining enterprise Windows environments; OR 17 years IT networking experience; OR 20 years IT networking experience with High School Diploma/GED. Expert knowledge of Active Directory, DNS, DHCP, and GPOs. Expertise in RBAC, AD CS, PKI, Kerberos, and RADIUS authentication integration. Experience with Windows Server 2019/2022 configuration and hardening. Proficiency managing SCCM/MECM and WSUS for enterprise patching and software deployment. Automation with PowerShell and Ansible; experience with Git/CI‑CD for Infrastructure‑as‑Code. Familiarity with Linux interoperability and cross‑domain authentication. Knowledge of DoD cybersecurity frameworks (STIGs, CIS, Zero Trust). IAT Level II (Security+ CE) and OS/Computing Environment certification. Active DoD Secret clearance (ability to obtain Top Secret). Microsoft Certifications
Windows Server Hybrid Administrator Associate (AZ‑800/AZ‑801) – strongly preferred. Identity and Access Administrator Associate (SC‑300) – preferred. Enterprise Administrator Expert – nice to have (hybrid identity/M365 integration). Cybersecurity Architect Expert (SC‑100) – nice to have (Zero Trust strategy). Endpoint Administrator (MD‑102) – nice to have (SCCM/Intune co‑management). Legacy MCSE/MCITP on Windows Server recognized as equivalent experience. Desired Skills
Experience with Azure, AWS, or GCP cloud environments. Understanding of Docker, Kubernetes, and microservices architectures. Strong analytical, leadership, and documentation skills. Proficiency using Jira, Confluence, and GitLab for Agile collaboration. Schedule
Monday to Friday – 8‑hour shift Salary Range
$170,000 – $205,000 (DOE) Location
San Diego, CA Job Type
Full‑time
#J-18808-Ljbffr