About the Role We are seeking a Senior Wintel Infrastructure Engineer to join a high-performing Network and Server Infrastructure team. This is a critical technical role responsible for the design, implementation, and ongoing management of enterprise Microsoft environments across a hybrid infrastructure. You will play a key role in delivering a major cybersecurity uplift program, ensuring secure, scalable, and compliant Windows-based platforms across both on-premises and Microsoft Azure environments. Team & Environment You will be part of a collaborative Infrastructure team consisting of: Infrastructure Manager Infrastructure Team Lead Server & Network Engineers System & Network Administrators Cloud Engineers You will report to the Infrastructure Team Lead and work closely with: Cyber Uplift Project Team System Integration Vendors Cyber Implementation Lead We're looking for a proactive team player who takes ownership and can effectively self-manage their workload. Key Responsibilities Infrastructure Engineering Design, deploy, and maintain enterprise-grade Wintel environments Administer Microsoft Active Directory (AD) and Microsoft Entra ID Develop and manage Group Policy Objects (GPOs) Support hybrid cloud environments (on-premises & Azure) Ensure system performance, availability, and patch compliance Cybersecurity Uplift (Core Focus) Implement and manage Multi-Factor Authentication (MFA) Deliver passwordless and phishing-resistant authentication solutions Apply system hardening standards across endpoints Maintain role-based security groups aligned to least privilege principles Develop secure and compliant GPO structures Endpoint Management Administer Microsoft SCCM (Endpoint Configuration Manager) Deploy applications, task sequences, and updates Manage endpoint compliance, patching, and lifecycle Administer Microsoft Intune and enforce compliance policies Automation & Scripting Develop and maintain PowerShell scripts Automate operational and security tasks Maintain script repositories with version control Support Infrastructure-as-Code (IaC) practices Security, Encryption & PKI Configure TLS and secure communication protocols Harden systems by disabling insecure ciphers and protocols Design and manage Public Key Infrastructure (PKI) Manage certificates for systems, applications, and users Ensure secure key management practices Operational Excellence Provide Level 3 support across infrastructure and security services Troubleshoot across hybrid environments Produce and maintain technical documentation (runbooks, MOPs, as-builts) Collaborate with cross-functional teams to improve services Desirable Experience Application Control solutions (e.g. Airlock Digital) Microsoft Defender suite (Endpoint, Identity, Office 365) Azure Conditional Access policies Privileged Access Management (PAM) Microsoft Privileged Identity Management (PIM) Office macro security controls and signing Working Arrangements Hybrid model - minimum 2 days onsite After-hours and weekend work required for upgrades and deployments Why Apply? Work on a large-scale cybersecurity transformation program Exposure to modern Microsoft cloud and security technologies Collaborative, high-performing infrastructure team Opportunity to influence enterprise-wide platform and security design