Senior IT Infrastructure Engineer

Woodcraft Supply, LLC is seeking a highly skilled Senior IT Infrastructure Engineer to architect, implement, and optimize our IT Systems and Network Infrastructure across our Corporate, Retail, and Franchise environments. This role demands mastery across enterprise virtualization, complex network engineering, hybrid cloud environments, security hardening, and disaster resilience. The ideal candidate thrives in a high-performance environment where teamwork, precision, efficiency, and cost optimization are essential.

You will be the cornerstone of our Infrastructure Team - driving innovation, maximizing up time, eliminating waste, and securing our enterprise systems against evolving threats. This position will report to the Director of IT and have responsibility for managing the Infrastructure Team. This role is pivotal in seamlessly aligning technology with key company initiatives, ensuring reliability, scalability, and performance while preparing for future growth. The ideal candidate will embody a "buck stops here" mindset, taking full ownership of technical issues and driving them to resolution.

Essential Functions:

Enterprise Virtualization & Cloud Engineering

• Architect, deploy, and manage large-scale VMware vSphere environments (including vCenter, vSAN, NSX).
• Design and implement hybrid cloud architectures integrating Azure with on-prem systems, including SSO, identity federation, and cloud networking.
• Lead cloud migrations, develop governance frameworks, and optimize cloud spending using FinOps principles.
• Assess Hyperconverged Infrastructure (HCI) options to streamline operations, improve scalability, and enhance performance.

Advanced Networking

• Engineer and secure complex network environments (multi-site VPNs, BGP/OSPF routing, VLAN/VXLAN segmentation, zero trust frameworks).
• Implement and maintain enterprise firewalls (Fortinet, Cisco ASA/Firepower) with advanced threat prevention.
• Deploy and manage network load balancers, SD-WAN solutions, and next-gen network monitoring systems.

Systems Administration

• Harden and administer Active Directory forests, multi-domain architectures, and high-trust GPO configurations.
• Design and implement enterprise PKI, multifactor authentication, privileged access management, and directory services replication.
• Maintain high-availability systems for file services, application hosting, database clusters, and custom workloads.

Security & Resilience

• Integrate and enforce CIS Benchmarks and NIST security frameworks across all infrastructure layers.
• Architect and maintain backup, disaster recovery, and business continuity systems with strict RPO/RTO objectives.
• Perform root cause analysis on security incidents, system failures, and performance anomalies.

Cost Optimization & Strategic Innovation

• Lead initiatives to drive measurable infrastructure cost savings while enhancing service performance and security posture.
• Conduct in-depth vendor evaluations, licensing audits, and platform right-sizing for maximum ROI.
• Continuously evaluate emerging technologies (SASE, IaC, Zero Trust, containerization, serverless) for strategic advantage.
• Integrate AI-driven solutions to enhance infrastructure management, predictive maintenance, and automated threat detection.

Leadership & Collaboration

• Set technical standards and mentor IT engineering staff to achieve operational excellence.
• Collaborate with business leadership and cybersecurity teams to align infrastructure design with enterprise risk management.
• Document critical designs, runbooks, recovery procedures, and asset inventories with rigor and precision.
• Great teamwork is non-negotiable; the ability to mentor and lead by example are essential.

Competencies:

1. VMware vSphere/vCenter (design, multi-cluster management, HA/DRS tuning, advanced troubleshooting).
2. VMware (advanced network virtualization and micro segmentation).
3. Storage architecture (enterprise SAN/NAS).
4. Firewall deployment and maintenance (Fortinet, Cisco ASA/Firepower).
5. Advanced network design (IPv6, BGP, OSPF, VPN technologies, VLAN/VXLAN overlay networks).
6. Azure Active Directory, Conditional Access Policies, MFA, SSO integrations.
7. Microsoft 365 (Hybrid deployments, migrations), SQL Server clustering.
8. Backup, replication, and DR orchestration.
9. Scripting and automation (PowerShell, Terraform, Python) for infrastructure as code (IaC) and automation initiatives.
10. Deep familiarity with CIS Critical Security Controls (CS) and NIST SP 800-53 controls.
11. Proven track record in designing and implementing disaster recovery and high availability solutions for enterprise applications.
12. This is a senior-level technical position, and the successful candidate must be prepared to hit the ground running, taking immediate ownership of critical infrastructure projects.

This position will manage the infrastructure team.

Work schedule is Monday through Friday, 8:30 a.m. EST to 5 p.m. EST. IT personnel will be required to work additional hours during outages, upgrades and emergency situations. IT personnel may be on call 24 hours a day including weekends and holidays.

Education:

• Bachelor's Degree in Information Technology, Cybersecurity, Computer Science, Information Systems, or Engineering required.
• Master's Degree in Information Technology, Cybersecurity, or Systems Engineering highly preferred.