About infraone
infraone’s purpose is to protect the critical infrastructure modern life depends on—from factories that produce essential goods to utilities and water supply—by providing world-class cybersecurity and network services to operational-technology (OT) environments.
Born from an engineering company in 2011, we have delivered 700+ cybersecurity and IT/OT infrastructure projects and maintain 24×7 support for leading manufacturers across Europe. Guided by the values of Ownership, Customers First, Trust, Ambition, and Excellence, we are building Europe’s leading OT-cybersecurity services firm.
The Opportunity
As a Senior Infrastructure, you will join the Infrastructure team supporting some of the largest pharmaceutical manufacturers in Europe.
We are looking for a Senior Systems Engineer to join our infrastructure team. You will be responsible for the design, deployment, and documentation of enterprise Windows infrastructure services across on-premises and hybrid cloud environments, with a strong focus on security and operational reliability. You will work with cross-functional teams to deliver HLD and LLD documentation and drive implementation from design to production.
Key Responsibilities
Design, deploy, and maintain Active Directory environments following Microsoft's Tiered Administration Model (Tier 0 / Tier 1 / Tier 2), RBAC, and Zero Trust principles
Administer and operate core Windows infrastructure services: Active Directory, DNS, DHCP, Group Policy (GPO), PKI/CA, NPS, WSUS, DFS, File Server, Print Server, and SMTP relay
Define and enforce Group Policy and security baselines across the estate
Design and manage virtualization platforms: VMware vSphere/ESXi and Microsoft Hyper-V, including migrations between platforms
Deploy and manage Azure infrastructure: virtual machines (including GPU-enabled), Azure Virtual Desktop (AVD), Azure Kubernetes Service (AKS), storage accounts, virtual networks, load balancers, and application gateways
Lead or contribute to Active Directory migrations — on-premises AD to Microsoft Entra ID (formerly Azure AD), including hybrid identity scenarios (Entra Connect, Entra Connect Cloud Sync)
Produce technical documentation: High-Level Designs (HLD) and Low-Level Designs (LLD) for infrastructure projects, including as-built documentation post-deployment
Review infrastructure designs for security compliance, reliability, cost optimization, and alignment with best practices
Participate in the segregation of domains and infrastructure services for regulated or sensitive environments (e.g., lab, OT, corporate)
Required Skills & Experience
Higher education in Computer Science, Information Systems, or a related field
Active Directory & Windows Services
Deep expertise in Active Directory design and administration, including multi-domain/multi-forest environments
Solid understanding and practical implementation of the AD Tiered Administration Model (Tier 0–2)
Hands-on experience with GPO design, DNS, DHCP, WSUS, PKI, NPS, DFS, File Server, and SMTP relay
Experience deploying AD in segregated or air-gapped environments
Azure & Hybrid Identity
Proven experience deploying Azure IaaS/PaaS components: VMs, storage, VNets, load balancers, application gateways, AVD, AKS
Experience with Entra ID (Azure AD) and hybrid identity: Entra Connect, SSO, Conditional Access, MFA
Familiarity with Azure security services and governance (RBAC, Azure Policy, Defender for Identity)
Virtualization
Strong hands-on experience with VMware vSphere/ESXi (management, HA, DRS, vMotion)
Experience with Microsoft Hyper-V
Proven track record of VMware-to-Hyper-V migrations (or equivalent platform migrations)
Documentation
Ability to produce clear, structured HLD and LLD documents independently
Experience documenting infrastructure designs for regulated industries (GxP, life sciences, or equivalent)
Experience in pharmaceutical or life sciences environments (GxP, CSV awareness)
Knowledge of network segmentation concepts (VLANs, firewall zones, DMZ)
Familiarity with SCCM/Intune for endpoint management
Microsoft certifications: AZ-800, AZ-801, AZ-104, AZ-305 or equivalent
Experience with identity governance tooling
Engineers who document as they build — not after
Clear, concise technical communication (written and verbal)
Structured thinking when designing complex, multi-layer environments
Ownership from design through to production
Benefits & Development
Permanent contract
Flexible compensation
Projects with leading pharmaceutical companies and essential infrastructure operators
Opportunity to grow in a highly specialized team focused on IT and OT infrastructure
Training and certification support in enterprise infrastructure technologies
Our Values
Ownership: We take responsibility and make things happen.
Customer First: We obsess over client value and outcomes.
Team Play: We win together.
Ambition: We set bold goals and push boundaries.
Excellence: We aim to be the best at what we do.