American National Standards Institute
Senior System Administrator
American National Standards Institute, New York, New York, us, 10261
Position SummaryThe Senior System Administrator is responsible for operating secure computing platforms and enterprise applications in the Institute's network. Responsible for operating and maintaining the Institute's enterprise systems, including Windows and Linux servers, and Windows network services. Deploy, install, upgrade, and continuously improve the Institute's operating environment, and maintain the ongoing reliability, performance and support of the Information Technology infrastructure. This includes monitoring the operating environments, servers, and network; responding to incidents, problems and planning for growth. This role is also responsible for the overall operation and maintenance of the Institute's computing environment. Advanced problem diagnosis and resolution required, with a sharp focus on enterprise security analysis and optimizing system performance. This role responds to computer security breaches, malware infections, and cyber-security threats. Implements, supports and complies with ANSI's Information Security Management System security controls to protect enterprise data and IT infrastructure. Other responsibilities include troubleshooting problems as reported by users, supporting remote access and Email services while maintaining a secure environment. Deploys, configures, and manages infrastructure solutions based on application needs and anticipated growth, deploys and configures new virtual servers and maintains the corporate information technology infrastructure. Has excellent communication skills and is able to work collaboratively with internal customers and technical colleagues. Works across all functional areas of the Institute and has a strong customer service orientation to ensure that all service requests and incidents are resolved in a professional manner. Shares expertise and provides individual training and support. Works with other technical staff and outside vendors to provide secure and reliable Information Technology services to all customers. The position is located in the New York office and can be hybrid for the right candidate. Essential Functions
Configure, maintain, monitor, upgrade, and support the VMware private cloud infrastructure in the corporate datacenter.Build, monitor, upgrade, and support Windows and Linux virtual servers.Configure, maintain, monitor, upgrade, and support network services, such as Active Directory and AD Replication, DNS, DHCP, SMB, DFSR.Configure, maintain, monitor, upgrade and support Exchange on-premise and Office 365 environment.Maintain, monitor, upgrade, and support the Institute's cyber-security infrastructure.Manage the Institute's Disaster Recovery plan by ensuring RPO and RTO are achieved, tape backups are performed on scheduled basis, and offsite replication functions as expected. Execute regularly scheduled disaster recovery testing.Monitor database performance and recommend changes.Monitor and administer storage devices, including SAN utilized by VMware vSphere environment.Support enterprise-wide work initiatives and projects.Recommend improvements that increase system security, reliability, and performance.Create, troubleshoot, and maintain scripts, including PowerShell and Batch scripts to automate repetitive tasks for improved reliability and efficiency.Provide infrastructure support for multiple developed systems and applications of medium to high complexity ensuring control, integrity, and accessibility.Work with application owners to provide support for business-critical applications, ensuring maximum uptime and reliability of revenue generating websites.Responsible for deploying and managing security SSL / PKI Certificates utilizing Enterprise Certificate Lifecycle Management solution.Manage, maintain, and support MFA infrastructure, including escalations from service desk as well as troubleshooting, configuring new SAML configurations and upgrading on-premise connectors.Support and comply with the Institute's Information Security Management System (ISO/IEC 27001:2013).Manage ANSI's security awareness program.Participate in IT audits and cybersecurity assessments at regular intervals.Serve as primary point of contact with the Institute's Security Operations Center (SOC) and manage the relationship. Manage alerts from the SOC, including responding, researching, and resolving alerts and / or incidents.Maintain, monitor, adjust, troubleshoot and create rules on firewalls.Ensure delivery of clear and concise performance and up time reports to management on a daily basis.Keep current on the cybersecurity, regulatory, and threat landscapes.Perform upgrades, patches, and updates to production applications and servers.Provide technical assistance to members of the IT Department.Prepare project plans, implementation scheduling, and coordinate new site installations.Document system and network infrastructure and application processes and configurations.Information Security ResponsibilitiesAttend / complete assigned information security training by the designated completion date.Read and adhere to published ISMS policies and procedures.Report timely any observed violations of ISMS policy - or known encroachments on information security - to your department leader and / or the Information Technology Department.Education and Experience8+ years hands-on experience deploying, administering, and upgrading Microsoft Active Directory, AD Sites and Services, FSMO Roles, AD Replication, ADFS8+ years hands-on experience creating, tuning, and troubleshooting AD Group Policy Objects (GPO)8+ years hands-on experience managing internal and external DNS servers, records and zones8+ years hands-on experience deploying, administering, and upgrading Windows and Linux servers in a large IT environment (> 400 servers)8+ years hands-on experience maintaining enterprise IT infrastructure8+ years hands-on experience deploying, administering, and upgrading Windows Server and Client operating systems8+ years hands-on experience deploying, administering, and upgrading VMware vSphere, including vCenter, ESXi, vCenter Networking (VMKernel Adapter, ISCSI Initiator, Distributed Switches), and vSphere Clustering, including DRS and HA.8+ years hands-on experience managing firewalls, including troubleshooting and adjusting firewall rules5+ years hands-on experience with PowerShell, including PowerCLI and AD Administration.5+ years hands-on experience deploying, administering, and upgrading a VMware Horizon View cloud desktop environment3+ years hands-on experience maintaining VMware Horizon View cloud desktop environment2+ years hands-on experience administering public cloud environmentsBachelor's degree in Engineering plus eight years' experienceVMware, Microsoft Windows, and Cisco Systems certifications desiredOther QualificationsDemonstrated ability to take on a lead role coordinating projectsExpert knowledge of VMware in a large environment with strong knowledge of VMware Clustering, configuration and managementIn-depth understanding of network security and access controlStrong understanding of network routing and switching protocolsExcellent knowledge of TCP/IP, including packet-level traffic analysisCisco switches and router (Strong Knowledge Required), Pure storage systemsKnowledge of administering Palo Alto Firewalls, Arista switchesStrong security analysis skills and experience with SIEM and Vulnerability Management solutionsCreative problem-solving skillsMust be a self-starter with desire to excel and broaden the scope of experience and knowledge in infrastructure designStrong verbal, written, and interpersonal skillsOccasional travel to datacenter and other offices, as neededStarting compensation will be in the $140,000 to $150,000 range, depending on education, experience, and other qualifications. This job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee. Duties, responsibilities and activities may change or new ones may be assigned at any time with or without notice. ANSI provides equal employment opportunities to all employees and applicants for employment, and prohibits discrimination of any type because of race, gender identity or expression, color, national origin or ancestry, religion, creed, age, marital status, sex, sexual orientation, citizenship or authorized alien status, genetics, disability status, protected veteran status, or any other consideration protected by federal, state, or local laws. ANSI policy also prohibits unlawful discrimination based on the perception that anyone has any of those characteristics. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.
Configure, maintain, monitor, upgrade, and support the VMware private cloud infrastructure in the corporate datacenter.Build, monitor, upgrade, and support Windows and Linux virtual servers.Configure, maintain, monitor, upgrade, and support network services, such as Active Directory and AD Replication, DNS, DHCP, SMB, DFSR.Configure, maintain, monitor, upgrade and support Exchange on-premise and Office 365 environment.Maintain, monitor, upgrade, and support the Institute's cyber-security infrastructure.Manage the Institute's Disaster Recovery plan by ensuring RPO and RTO are achieved, tape backups are performed on scheduled basis, and offsite replication functions as expected. Execute regularly scheduled disaster recovery testing.Monitor database performance and recommend changes.Monitor and administer storage devices, including SAN utilized by VMware vSphere environment.Support enterprise-wide work initiatives and projects.Recommend improvements that increase system security, reliability, and performance.Create, troubleshoot, and maintain scripts, including PowerShell and Batch scripts to automate repetitive tasks for improved reliability and efficiency.Provide infrastructure support for multiple developed systems and applications of medium to high complexity ensuring control, integrity, and accessibility.Work with application owners to provide support for business-critical applications, ensuring maximum uptime and reliability of revenue generating websites.Responsible for deploying and managing security SSL / PKI Certificates utilizing Enterprise Certificate Lifecycle Management solution.Manage, maintain, and support MFA infrastructure, including escalations from service desk as well as troubleshooting, configuring new SAML configurations and upgrading on-premise connectors.Support and comply with the Institute's Information Security Management System (ISO/IEC 27001:2013).Manage ANSI's security awareness program.Participate in IT audits and cybersecurity assessments at regular intervals.Serve as primary point of contact with the Institute's Security Operations Center (SOC) and manage the relationship. Manage alerts from the SOC, including responding, researching, and resolving alerts and / or incidents.Maintain, monitor, adjust, troubleshoot and create rules on firewalls.Ensure delivery of clear and concise performance and up time reports to management on a daily basis.Keep current on the cybersecurity, regulatory, and threat landscapes.Perform upgrades, patches, and updates to production applications and servers.Provide technical assistance to members of the IT Department.Prepare project plans, implementation scheduling, and coordinate new site installations.Document system and network infrastructure and application processes and configurations.Information Security ResponsibilitiesAttend / complete assigned information security training by the designated completion date.Read and adhere to published ISMS policies and procedures.Report timely any observed violations of ISMS policy - or known encroachments on information security - to your department leader and / or the Information Technology Department.Education and Experience8+ years hands-on experience deploying, administering, and upgrading Microsoft Active Directory, AD Sites and Services, FSMO Roles, AD Replication, ADFS8+ years hands-on experience creating, tuning, and troubleshooting AD Group Policy Objects (GPO)8+ years hands-on experience managing internal and external DNS servers, records and zones8+ years hands-on experience deploying, administering, and upgrading Windows and Linux servers in a large IT environment (> 400 servers)8+ years hands-on experience maintaining enterprise IT infrastructure8+ years hands-on experience deploying, administering, and upgrading Windows Server and Client operating systems8+ years hands-on experience deploying, administering, and upgrading VMware vSphere, including vCenter, ESXi, vCenter Networking (VMKernel Adapter, ISCSI Initiator, Distributed Switches), and vSphere Clustering, including DRS and HA.8+ years hands-on experience managing firewalls, including troubleshooting and adjusting firewall rules5+ years hands-on experience with PowerShell, including PowerCLI and AD Administration.5+ years hands-on experience deploying, administering, and upgrading a VMware Horizon View cloud desktop environment3+ years hands-on experience maintaining VMware Horizon View cloud desktop environment2+ years hands-on experience administering public cloud environmentsBachelor's degree in Engineering plus eight years' experienceVMware, Microsoft Windows, and Cisco Systems certifications desiredOther QualificationsDemonstrated ability to take on a lead role coordinating projectsExpert knowledge of VMware in a large environment with strong knowledge of VMware Clustering, configuration and managementIn-depth understanding of network security and access controlStrong understanding of network routing and switching protocolsExcellent knowledge of TCP/IP, including packet-level traffic analysisCisco switches and router (Strong Knowledge Required), Pure storage systemsKnowledge of administering Palo Alto Firewalls, Arista switchesStrong security analysis skills and experience with SIEM and Vulnerability Management solutionsCreative problem-solving skillsMust be a self-starter with desire to excel and broaden the scope of experience and knowledge in infrastructure designStrong verbal, written, and interpersonal skillsOccasional travel to datacenter and other offices, as neededStarting compensation will be in the $140,000 to $150,000 range, depending on education, experience, and other qualifications. This job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee. Duties, responsibilities and activities may change or new ones may be assigned at any time with or without notice. ANSI provides equal employment opportunities to all employees and applicants for employment, and prohibits discrimination of any type because of race, gender identity or expression, color, national origin or ancestry, religion, creed, age, marital status, sex, sexual orientation, citizenship or authorized alien status, genetics, disability status, protected veteran status, or any other consideration protected by federal, state, or local laws. ANSI policy also prohibits unlawful discrimination based on the perception that anyone has any of those characteristics. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.