Infrastructure Architect - DV

Lead Infrastructure Engineer - Wintel

+ 6 Months
+ Hemel Hempstead - Mainly on site
+ DV Cleared
+ Must be sole UK National

Key Responsibilities:

  • Be responsible for designing a greenfield multi-site platform based upon Microsoft Window Server and Client Operating Systems and the VMware / vSphere Hypervisor
  • Produce and maintain design artefacts, such as but not limited to Low-Level Designs, Release Notes, Platform Services related fail-over / disaster recovery instruction
  • Manage Platform Services deployments through multiple product life-cycle environments, from development to test and reference, through to the mission-critical production systems
  • Provide input into the Event and Protective monitoring processes as relate to the Platform Services work-stream
  • Liaise with MoD departments and 3rd party suppliers in order to resolve issues relating to the projects Platform Services in all areas that fall within the scope of the contract.
  • Work in a disciplined and structured manner
  • Attend Client facing meetings as required
  • Develop and maintain Client and third party supplier relationships as necessary
  • Provide regular updates to the Technical and project leadership regarding all aspects of the Platform Services delivery.

Essential Skills/Experience

  • Vocational/Diploma/Associate Degree (technical field) or relevant Microsoft certification or relevant experience with a Minimum of 3 years' experience as a Wintel Design Engineer
  • Skilled in the development and building of automated Window Server and Windows-Based End User Devices (EUD), including applying Security hardening policies; using such products as Microsoft Deployment Toolkit (MDT) and / or Microsoft EndPoint Configuration
  • Manager (MECM); Window Server 2019 and Window 11 client operating systems
  • Skilled in the design and deployment of high-availability VMware-Based v7.x Virtual environments (ESXi and vCenter), including applying security hardening policies
  • Strong hands-on experience in designing and deploying Microsoft Active Directory domains, including Federation Services (ADFS) and Certificate Services (ADCS)
  • Working Knowledge of deploying Windows-based PKI solutions, including the use of Hardware Security Modules (HSM) for key storage
  • A practical working Knowledge of PowerShell scripting
  • Skill in the design of Active Directory solutions, including the deployment and management of Active Directory Group policies and applying NCSC baseline guidance policy sets
  • Centre Operations Manager (SCOM) and System Center Orchestration (SCORCH)
  • Have a good understanding of 'Secure by Design' principles and practices
  • Used to working in Multi-Datacentre Environments where availability, resilience and fault tolerance are key elements of every design
  • Experience in the automated deployment of Windows-based virtual servers, using one or more of Microsoft tools such as MECM, MDT and PowerShell Desired State Configuration (DSC) or Terraform and / or Ancible
  • Have a good understanding of networking as relates to Window Servers and Clients and VMware virtual networking

Desirable Skills/Experience

  • Experience in the use and implementation of BMC products, such as Truesight (Event Management) and Atrium (CMDB)
  • Experience of deploying Multi-Factor Authentication (MFA) products such as smart card infrastructure
  • Knowledge of Network Attached Storage, block and file solutions
  • Experience in the design and deployment of IMPEX capabilities
  • Familiarity with Microsoft's Privilaged Access Model (PAM)
  • Experiance of Identity & Access Management (IdAM) solutions
  • Familiarity with ManageEngine products such as: ADManager Plus & PAM360
  • Familiarity with the MoD and their design guidance and policies to align delivery with MoD Joint Service Publications (JSP) 440, 604, including Joining Rules.