Systems and Network Engineer

NYSTEC is a nonprofit technology consulting company, advising agencies, organizations, institutions, and businesses since 1996. We're independent and vendor-neutral, so we have our clients' best interests at heart. At NYSTEC, we know that we succeed when individuals and teams flourish personally and professionally, so our benefits and perks support that mindset.

The systems and network engineer is a versatile technologist responsible for the health, security, and evolution of NYSTEC's hybrid infrastructure. As a primary administrator in a heavily Meraki environment, this role uses the Meraki dashboard to manage a seamless connection between our physical offices and our Microsoft Azure cloud ecosystem. This role balances core networking with broad exposure to Windows Server, Microsoft 365 (M365), and emerging artificial intelligence (AI) tools.

• Unified Infrastructure - Design, configure, and maintain the full Meraki stack, including Meraki Security (MX) firewalls, Microsoft (MS) switches, and Maraki Radios (MR) wireless access points.
• Software-Defined Wide Area Network (SD-WAN) and Connectivity - Implement and optimize Meraki Auto virtual private network (VPN) and SD-WAN policies to ensure secure, high-performance connectivity between NYSTEC office locations and the Azure cloud.
• Meraki Dashboard Mastery - Use the Meraki dashboard for real-time monitoring, automated alerting, and remote troubleshooting of network-wide event logs.
• Advanced Security - Configure Layer 7 application-aware firewall policies, content filtering, and intrusion prevention systems (IPS) via the Meraki security appliance.
• Cloud Networking - Manage Azure Virtual Network (VNets), network security groups (NSGs), and Meraki Virtual Meraki Security Appliance (vMX) virtual appliances for shaping cloud-based traffic.
• Hybrid Identity - Administer Microsoft Entra ID (Azure AD) and on-premises Active Directory, focusing on multi-factor authentication (MFA) and conditional access.
• Server Ecosystem - Support and manage Windows Server environments, managing domain name system (DNS), Dynamic Host Configuration Protocol (DHCP), and Group Policy Object (GPO), and file services.
• M365 and AI Exposure - Provide administrative support for the Microsoft 365 stack and assist in deploying AI-driven tools (e.g., Copilot) to enhance internal productivity.
• Cloud Infrastructure (IaaS and PaaS) - Provision, configure, and monitor Azure virtual machines (infrastructure as a service [IaaS]) and app services (platform as a service [PaaS]), ensuring optimal performance, scaling, and cost-efficiency through Azure Monitor and automation scripting.
• Documentation and Reporting - Create and maintain documentation related to network and system management processes and procedures and generate reports on overall network and system health.
• Collaboration - Work with other IT professionals, such as architects, security administrators, and other workload administrators, to implement and maintain the organization's IT strategy.
• After-Hours Support - Provide technical assistance outside of standard business hours, including evenings and weekends, as needed periodically.
• Travel - Travel to different NYSTEC office locations to provide hands-on technical support for issues that cannot be resolved remotely, as needed periodically.

• Meraki Ecosystem Mastery - Deep knowledge of the Cisco Meraki product line, including MX security appliances, MS switches, and MR wireless access points.
• Network Protocols - Profound understanding of Transmission Control Protocol/Internet Protocol (TCP/IP), domain name system (DNS), DHCP, virtual local area network (VLAN) tagging (802.1Q), and routing protocols like Open Shortest Path First (OSPF) and Border Gateway Protocol (BGP).
• SD-WAN and Hybrid Connectivity - Skilled in designing and maintaining Meraki Auto VPN, site-to-site VPNs, and Azure VPN gateways to bridge on-premises offices with cloud environments.
• Azure IaaS, PaaS, and Software as a Service (SaaS) - Ability to provision and manage Azure Virtual Machines (IaaS) and app services (PaaS) and to integrate enterprise SaaS applications into the corporate identity framework.
• Virtualization - Knowledge of Hyper-V or VMware environments, including migrating on-premises workloads to Azure IaaS.
• Automation and Scripting - Proficiency in MS PowerShell, Terraform, or AzureCLI to automate repetitive administrative tasks and manage cloud resources at scale.
• Adaptability - Ability to pivot quickly between diverse tasks - from physical rack/stack work to high-level cloud architecture support.
• Troubleshooting Skills - Ability to diagnose and resolve technical issues related to hardware, software, and network connectivity.
• Communication Skills - Excellent verbal and written communication skills to effectively interact with end users and other teams within the organization.
• Documentation/Analytical Skills - Effective documentation and critical thinking skills.

• Knowledge of scripting languages like Microsoft PowerShell, and Microsoft Graph API, which can be beneficial in automating tasks and troubleshooting issues with end-user devices and Microsoft Intune.
• Microsoft certified, fundamentals; Cisco Meraki network associate (CMNA); Microsoft AZ-104; and/or Cisco certified network associate (CCNA).

• A bachelor's degree in computer science, engineering, information systems, or a similar discipline and three years of experience in a hybrid network/systems role, with two years of hands-on experience in a Cisco Meraki environment.
• An equivalent combination of advanced education, training, and experience will be considered.

It is NYSTEC's policy to provide equal employment opportunity (EEO) to all individuals, regardless of actual or perceived race, color, creed, religion, sex, or gender (including pregnancy, childbirth, and related medical conditions), gender identity or gender expression (including transgender status), age, national origin, ancestry, citizenship status, physical or mental disability, protected medical condition as defined by applicable state or local law, genetic information, military service and veteran status, sexual orientation, marital status, or any other characteristic protected by local, state, or federal laws and ordinances. NYSTEC is strongly committed to this policy and believes in the concept and spirit of the law.

Federal law requires employers to provide reasonable accommodation to qualified individuals with disabilities. Please contact recruitment@nystec.com if you require a reasonable accommodation to apply for or to perform this job. Examples of reasonable accommodation include making a change to the application process or work procedures, providing documents in an alternate format, using a sign language interpreter, or using specialized equipment.

Applicants must be authorized to work in the United States without the need for visa sponsorship now or in the future.

Learn more about NYSTEC by visiting www.nystec.com.