People Inc.Remote
IT Cloud Engineer
United States of America
Full-time
1 month ago
$60 - $65 USD
H1B Sponsor Likely
Key skills
Windows Server administrationPatch automationAWSAzureGoogle Cloud PlatformIdentity and Access Management (IAM)Active DirectoryAzure ADOktaPowerShell scriptingPython scriptingBash scriptingLinuxNutanixRubrikDockerPrometheusGrafanaLokiSplunkELK StackITILPythonBashPowerShellBIGCPIAMLDAPSSORepositoryJiraCommunication
About this role
Dotdash is the largest print and digital publisher in America, and they are seeking an experienced IT Cloud Engineer to support, maintain, and modernize enterprise infrastructure during data-center decommissioning and cloud migrations. The role involves managing Windows Server operations, identity integrations, automation, and hybrid cloud services across various platforms.
Responsibilities:
- Administer 200+ servers; own patching SLAs, monitoring (Prometheus/Grafana), capacity/lifecycle plans, and vulnerability remediations
- Operate AD/Azure AD; serve as Okta–AD SSO/MFA integration owner (health, upgrades, certificates, lifecycle)
- Execute NYC data‑center app migrations; assist Nutanix decommission; administer Rubrik backups and Sectigo certificates
- Build dashboards and alerts; define SLOs with app owners; deliver monthly system inventory, ownership, and compliance reports
- Manage enterprise DNS (non‑Route 53); support ClearPass and printer authentication integrations
- Manage AWS/Azure/GCP workloads (VMs, IAM, storage/compute, networking, connectivity); optimize cost, reliability, and security
- Deliver PowerShell/Python/Bash tooling for patching, configuration, and repetitive operations; champion IaC/Config‑as‑Code where feasible
- Define scope/success/rollback, RFC/CAB approvals, stakeholder comms, risk register, clear ownership and SLAs
- Full AD/GPO/OUs/trusts/DC health (dcdiag/repadmin), security posture (tiering/LAPS/NTLM), backups/DR tested
- Source of truth + JML, AAD Connect (PHS/PTA, sourceAnchor, staging/writeback), Okta agents/MFA/policies, UPN/sAMAccountName strategy
- Catalog LDAP/Kerberos apps/SPNs, file/print ACLs, DNS/DHCP validation; run a scoped pilot with helpdesk scripts and rollback
- Wave-based moves with replication checks, live auth monitoring, cutover steps, post‑validation, cleanup/decommission, docs/CMDB updates, PIRs and metrics
- Follow ITIL‑aligned change process: RFC tickets with peer review, test evidence, implementation/backout plans, and maintenance windows; attend CAB as required
- Track changes in Jira; update CMDB/asset records within 7 days of change; complete PIRs within 5 business days for failed/high‑risk changes
- Enforce progressive delivery: phased rollouts, canaries, and checkpoint validation; document rollback criteria and success gates upfront
- Maintain current runbooks, architecture/network diagrams, standard operating procedures, DR playbooks, and “How We Operate” docs in a versioned repository
- Treat documentation as acceptance criteria: every change/migration updates docs before closure; keep system ownership and escalation paths explicit
- Publish weekly change summaries and quarterly service health reviews to stakeholders
- Change quality: change failure rate ≤5%; PIR completion SLA met
- CMDB accuracy: ≥98% CI correctness; ownership fields populated for 100% tier‑1 services
- Observability coverage: dashboards/alerts for 100% tier‑1 apps with on‑call playbooks
- Patch compliance: ≥95% critical within 14 days; ≥95% standard within 30 days
- Backup posture: ≥99% successful jobs; quarterly restore tests with evidence
- Plan migrations and decommissioning as small, testable increments with clear exit/rollback; demonstrate progress via bi‑weekly demos and burn‑up charts
- Use feature flags/guardrails where applicable; prefer automate‑then‑standardize over one‑off fixes
- Maintain a visible improvement backlog (automation debt, toil reduction, cost optimizations) with quarterly goals
Requirements:
- 5+ years in systems administration or infrastructure engineering
- Strong Windows Server and patch automation experience
- Hands‑on with AWS, Azure, or GCP (IAM, compute/storage, networking)
- Deep knowledge of Okta, Active Directory, Azure AD integrations
- Scripting with PowerShell (preferred), plus Python or Bash
- Experience with Linux, Nutanix, Rubrik
- Familiarity with Docker/containers
- Monitoring/logging with Prometheus/Grafana, Loki, Splunk, or ELK
- Excellent troubleshooting and stakeholder communication
- Cloud‑migration background
- ITIL knowledge
- Microsoft Administrator or cloud certifications