Senior Infrastructure Engineer (L3)

As a Level 3 (Senior) Infrastructure Engineer, you are the technical authority driving the design, implementation, and management of the company’s entire infrastructure. Your expertise spans on-premises systems, cloud environments, security frameworks, and advanced networking. You serve as the final escalation point for complex issues, providing strategic leadership and architectural guidance to ensure optimal performance, reliability, and security across the organization’s infrastructure.
The Senior Infrastructure Engineer (Level 3) is responsible for defining and executing the infrastructure roadmap—both locally and in the cloud—while overseeing high-impact projects and mentoring junior engineers. You will guide technology investments and architectural decisions, collaborating with cross-functional teams to align infrastructure capabilities with broader business goals. This position demands top-tier technical proficiency, leadership skills, and a proactive approach to continuous improvement and innovation.
We are specifically seeking an experienced infrastructure professional who can also provide customer-facing support. The ideal candidate should have strong expertise in managing cloud environments (Azure and AWS), as well as hands-on experience with customer and desktop support typical of an MSP environment, including Office 365 and telephony. As we have physical infrastructure based in Fiji, we strongly prefer candidates who are open to travel for project work or are potentially willing to relocate there long-term to better integrate with our existing IT team. This role has potential to evolve into a managerial position, overseeing desktop support, cloud/on-prem infrastructure, and telephony services for our Fiji call centre and hosted 3CX clients. We’re looking for someone dynamic with strong cross-functional skills in telephony, networking, and cloud infrastructure.

Responsibilities:

• Strategic Infrastructure Leadership:
• Roadmap & Architecture: Develop and maintain a multi-year infrastructure roadmap, aligning technology choices (Azure, AWS, virtual platforms) with organizational objectives.
• Technology Evaluation: Research emerging technologies and recommend solutions that enhance performance, security, and cost-effectiveness.
• Vendor & Stakeholder Management: Collaborate with key vendors and internal stakeholders to negotiate contracts, plan budgets, and ensure service quality.


• Advanced Infrastructure Design & Maintenance:
• Core Infrastructure: Oversee and refine the architecture of on-premises and cloud systems (Azure AD, Office 365, AWS EC2, Kubernetes/EKS, Proxmox, XCPng), ensuring high availability and scalability.
• Systems Administration: Manage Windows and Linux (Ubuntu) servers, IIS hosting, containerization (Docker), and storage solutions (TrueNAS).
• Identity & Device Management: Administer Azure AD and Intune, including group policies, app deployment scripts, and compliance policies.


• Complex Network & Security Oversight:
• Enterprise Networking: Architect and maintain secure, efficient networks, including OPNsense firewalls, WireGuard VPNs, VLANs, and Unifi devices.
• Security & Zero Trust: Implement and maintain Cloudflare Zero Trust or equivalent solutions, perform regular security audits, and champion best practices to minimize vulnerabilities.
• Monitoring & Alerting: Own the configuration of systems like Zabbix or similar tools, ensuring proactive identification and resolution of infrastructure issues.


• VoIP & Telephony Management:
• Unified Communications: Oversee 3CX, VoIP provider configurations, and GSM gateways to ensure reliable global telephony and conferencing.
• Optimization & Planning: Monitor call quality, implement failover strategies, and coordinate with external vendors for advanced troubleshooting and performance enhancements.


• Project Execution & Stakeholder Collaboration:
• Infrastructure Projects: Lead complex, large-scale infrastructure initiatives from concept to completion, including resource allocation, risk assessment, and cross-functional coordination. 
• Budgeting & Governance: Collaborate with finance and procurement teams to define project budgets, assess ROI, and ensure alignment with compliance standards.
• Continuous Improvement: Drive post-project reviews, documenting lessons learned and identifying opportunities for future enhancements.


• Security, Compliance & Risk Management:
• Incident Response: Serve as the primary escalation point for high-severity security incidents and lead forensic investigations as needed.
• Regulatory Compliance: Ensure compliance with relevant data protection and industry regulations by defining best practices for backups, encryption, and disaster recovery.
• Risk Assessment: Perform continuous risk analyses, maintain a risk register, and implement mitigation strategies to strengthen the organization’s security posture.


• Documentation & Knowledge Sharing:
• Technical Documentation: Develop and maintain comprehensive documentation network diagrams, SOPs, architectural designs to streamline knowledge transfer and support.
• Guidance & Mentoring: Coach Level 1 and Level 2 engineers, providing structured training, design best practices, and performance feedback.
• Professional Development: Dedicate at least 4 hours per week to self-learning and industry research, staying abreast of new technologies and methodologies.


• Power Management (Advanced Escalations):
•  High-Level Issue Resolution: Diagnose and resolve escalated power-related incidents (UPS systems, power failures, fluctuations) to ensure business continuity.
• Infrastructure Hardening: Lead the design of robust power management strategies, including emergency protocols, vendor coordination, and preventive maintenance.

To be successful in this role, you will have:

• Qualifications/Experience:
• Bachelor’s degree in Information Technology, Computer Science, or related field (or equivalent experience).
• Experience: Minimum 7+ years in infrastructure engineering, systems administration, or similar roles. Prior senior-level experience in strategic planning and project leadership required.


• Technical Proficiency:
• Expert-level knowledge in Azure AD, Intune, Office 365, AWS (EC2, EKS), Proxmox, XCP-ng, Docker, Kubernetes, and Windows/Linux server environments.
• Proven experience with networking (OPNsense, WireGuard, VLANs, Unifi), storage solutions (TrueNAS), and VoIP (3CX) systems.


• Systems/Tools Essential:
• Operating Systems Support
• Windows 10/11 desktop\
• Windows Server
• Ubuntu
• Virtualization: XCP-NG / Proxmox / similar platforms
• Physical Hardware
• RAID management / understanding
• Networking
• IP addressing & subnetting
• Protocols: ICMP, ARP, TCP/UDP
• DNS & DHCP
• Routing, VLAN, NAT (DNAT, SNAT, CGNAT)
• CARP / VRRP
• VPNs: Wireguard, OpenVPN, IPSEC, ZeroTier
• Packet analysis: Wireshark, tcpdump
• Unifi devices & controller management (or similar)
• Public Cloud
• AWS: EC2, LightSail, IAM policies, Security Groups, RDS, S3, CloudWatch, VPC, ALB
• Azure: General infrastructure knowledge
• Office 365
• Azure AD user/group management, Intune endpoint management (policies, app deployment)
• SharePoint and OneDrive management
• Firewall Management: OpnSense / pfSense
• VoIP / Telephony: 3CX or similar systems


• Certifications:
• Advanced certifications (e.g., Microsoft Certified: Azure Solutions Architect, AWS Certified Solutions Architect – Professional, CISSP, CCNP) strongly preferred.
 
• Soft Skills:
• Exceptional leadership, Communication, and Stakeholder Management Abilities.
• With a track record of mentoring and fostering team development.