Must be local to WI :: System Engineer II

Responsibilities:

Systems Administration & Infrastructure

• Administer and maintain agency servers, virtual machines, and hybrid infrastructure to ensure reliability, performance, and data protection.
• Lead the configuration, monitoring, and patching of Windows Server, M365, and Entra ID environments in coordination with partner agencies.
• Implement and maintain automation scripts and workflows (PowerShell, CLI, or platform tools) to streamline routine tasks and improve system efficiency.
• Integrate and manage hybrid identity and authentication systems (Entra ID, SSO) for secure access to enterprise SaaS and cloud resources.
• Plan and coordinate upgrades, migrations, and maintenance windows to minimize service disruption.
• Maintain accurate documentation for configurations, integrations, and operational standards.

Cloud & Storage Management

• Manage AWS and other cloud-based storage platforms, including lifecycle automation, data tiering, and integration with on-prem systems.
• Monitor cloud utilization and performance, recommending optimizations for scalability, resilience, and cost-effectiveness.
• Support deployment and configuration of new SaaS applications, ensuring compliance with state and agency standards.
• Evaluate and implement secure connectivity and data-transfer methods between on-prem and cloud systems.

Technology Intake & Vendor Review

• Coordinate technology intake and vendor review processes, gathering business use cases, data classifications, and system requirements.
• Review vendor documentation such as privacy policies, security artifacts (SOC 2, StateRAMP, FedRAMP), and licensing terms to assess compliance and risk.
• Partner with internal stakeholders and the Department of Administration (DOA) to ensure new technology meets security, accessibility, and policy requirements.

AI & Emerging Technology Governance

• Evaluate products and services that incorporate Artificial Intelligence (AI) for compliance with agency data governance, privacy, and security standards.
• Identify accountable business stakeholders to help ensure technology and its use adheres to prescribed business processes.
• Gather and document technical details and approved use cases for AI-enabled tools, coordinate review and approval through DOA governance processes.
• Maintain an inventory of approved AI applications and related risk considerations. Monitor for changes to AI sub processors and terms of use for applications in the portfolio.

Monitoring, Security Coordination & Reporting

• Monitor infrastructure health, performance, and alerts using enterprise tools (e.g., Splunk, Tenable, IronPort, or equivalent).
• Assist with vulnerability management coordination by reviewing findings, tracking remediation, and maintaining dashboards in collaboration with system owners.
• Translate technical information into clear, actionable summaries for diverse audiences, including executive leadership.
• Support incident response activities and coordinate with partner agencies or managed service providers during investigations or escalations.

Compliance, Documentation & Continuous Improvement

• Support adherence to state, NIST, and PCI-aligned standards by documenting processes, controls, and exceptions related to systems and cloud infrastructure.
• Contribute to audit preparation, evidence collection, and compliance reporting.
• Champion secure and efficient technology practices across IT and business units, balancing innovation with governance.

Minimum Qualifications:

• 5+ years of experience in system administration or cloud engineering within hybrid environments.
• Extensive knowledge of Microsoft 365, Entra ID, Windows Server, and AWS storage services (S3, Glacier, Intelligent Tiering).
• Demonstrated ability to design and implement automation, monitoring, or integration scripts using PowerShell, Python, or equivalent tools.
• Experience integrating and supporting enterprise SaaS platforms and SSO/IAM solutions.
• Experience with cloud lifecycle management, cost optimization, or hybrid storage automation.
• Working knowledge of vulnerability management, SIEM, or related monitoring tools (e.g., Tenable, Splunk, IronPort, Cloudflare).
• Understanding of security best practices including encryption, access control, and patch management.
• Familiarity with compliance frameworks such as NIST, PCI DSS, CIS, or ISO 27001.
• Excellent documentation and communication skills, with the ability to translate complex technical concepts for diverse audiences.
• Strong problem-solving and analytical skills with a focus on continuous improvement.

Desired Qualifications:

• Experience evaluating AI tools or emerging technologies for compliance, privacy, or ethical risks.
• Expertise in AWS S3 Bucket, lifecycle, and IAM policies as well as AWS Billing Console and advanced cost reporting.
• Experience coordinating or supporting IT security reviews, exception workflows, or audit responses.
• Familiarity with single tenant multi-agency state government IT environments, policies, and collaboration.
• Relevant industry certifications (e.g., Microsoft, AWS, CompTIA, ISC2, or ITIL) preferred.

This is a hybrid position requiring on-site work at the WHS HQ 1 3 days per week depending on project and operational needs. WHS is located downtown Madison on the UW Madison campus, with nearby public parking, transit, and bike access. Remote work may be permitted on a scheduled basis after onboarding.

Candidates must be Wisconsin residents or willing to relocate prior to starting employment. Regular commuting expenses are not covered by WHS

Must Have Top Skills & 5+ Years of Experience in the following:

• Experience in system administration or cloud engineering within hybrid environments. (5+ years)
• Extensive knowledge of Microsoft 365, Entra ID, Windows Server, and AWS storage services (S3, Glacier, Intelligent Tiering). (5+ years)
• Demonstrated ability to design and implement automation, monitoring, or integration scripts using PowerShell, Python, or equivalent tools. (5+ years)
• Experience integrating and supporting enterprise SaaS platforms and SSO/IAM solutions. (5+ years)

Nice to have:

• Experience evaluating AI tools or emerging technologies for compliance, privacy, or ethical risks.
• Expertise in AWS S3 Bucket, lifecycle, and IAM policies as well as AWS Billing Console and advanced cost reporting.
• Experience coordinating or supporting IT security reviews, exception workflows, or audit responses.
• Familiarity with single tenant multi-agency state government IT environments, policies, and collaboration.