Who we are:

VBG (Veteran Benefits Guide) was founded by a former active-duty United States Marine with the goal of ensuring that Veterans receive the correct disability benefits in a timely manner. VBG has successfully guided over 35,000 Veterans by submitting their VA (Veteran Affairs) disability claims, resulting in increased compensation benefits for their disabilities that are related to active-duty service. As a company founded by a Veteran and staffed by many Veterans and families of Veterans, Veteran Benefits Guide is committed to advocating for policies that protect the rights and interests of former servicemembers. 

What we are looking for:

The Senior Infrastructure Engineer serves as the senior technical authority bridging Support Services, DevOps, and IT Security, ensuring secure, reliable, and efficient service delivery across VBG’s multi-site environments, including the Las Vegas headquarters and San Diego office.

This role is accountable for architecting, implementing, and operating VBG’s hybrid and SaaS-first infrastructure, spanning on-premises systems, cloud platforms, and enterprise SaaS services. The Senior Infrastructure Engineer owns infrastructure architecture, network engineering, identity and access management (IAM), and cloud platform design, ensuring scalability, security, cost efficiency, and operational resilience.

Beyond day-to-day operations, the role drives enterprise automation, enables security frameworks, and serves as the Tier 4 escalation authority, bridging traditionally siloed teams to deliver resilient, secure, and well-governed IT services aligned with modern infrastructure engineering and reliability standards. This role is classified under IT Systems Infrastructure Engineering and does not align with facilities or industrial infrastructure engineering roles.

 This position is open to candidates located in the following states: Arizona (AZ), California (CA), Washington (WA), Nevada (NV), Utah (UT), Illinois (IL), Ohio (OH), New Jersey (NJ), Virginia (VA), North Carolina (NC), and Florida (FL).  

Essential Functions:

Reasonable accommodation may be made to enable individuals with disabilities to perform essential functions.

Infrastructure Operations, Reliability & End-User Experience

• Serve as the Tier 4 escalation authority for infrastructure-related incidents, owning complex troubleshooting and resolution across multi-site environments.
• Define, track, and report infrastructure reliability and service metrics, including uptime, incident resolution time, and service health indicators, in partnership with Support Services staff.
• Provide technical mentorship and escalation guidance to Support Services staff and enable cross-training for site-based users to support baseline operational continuity.

Infrastructure Architecture & Cloud Engineering

• Architect, implement, and maintain hybrid and SaaS-first infrastructure, including on-premises systems, cloud platforms, and secure access services.
• Administer and optimize enterprise operating systems including Windows Server, Windows 10/11, MacOS, and Linux.
• Design, operate, and optimize virtualized and cloud environments (VMware, Hyper-V, AWS, Azure) with a focus on scalability, reliability, and cost efficiency.
• Establish and maintain Infrastructure as Code (IaC) standards using Terraform, CloudFormation, Ansible, Puppet or equivalent tools to ensure repeatable and auditable deployments.

Network & Secure Connectivity Engineering

Own the design, implementation, and lifecycle management of enterprise network infrastructure, including:

• LAN and Wi-Fi platforms (Unifi Dream Machine SE, switches, access points)
• SD-WAN, VPN, and secure remote access solutions (RapidScale VeloCloud, FortiGate EMS)

Ensure network architectures align with Zero Trust access principles, reliability standards, and business continuity requirements.

DevOps Enablement & Automation

• Partner with DevOps teams to integrate infrastructure into CI/CD pipelines (GitHub Actions, Jenkins, Azure DevOps).
• Design and support containerized platforms using Docker and Kubernetes to enable scalable application delivery.
• Lead infrastructure automation for configuration, patching, deployment, and remediation using Ansible, Intune (Windows/Android), JAMF (Mac/iOS), and scripting (PowerShell, Bash, Python).
• Support application release processes through environmental design, infrastructure readiness, and rollback planning.

Security Engineering & Compliance Enablement

• Act as the infrastructure engineering partner to IT Security in the design and implementation of Zero Trust Architecture and micro-segmentation strategies.
• Integrate and operationalize EDR, SIEM, and monitoring platforms (e.g., Wazuh, Microsoft Defender, Splunk, Datadog) to ensure reliable telemetry and response workflows.
• Ensure infrastructure compliance with NIST, CIS v8, ISO 27001, SOC 2, and internal security standards.
• Lead infrastructure-side vulnerability remediation and coordinate penetration testing follow-up activities.
• Own identity and access governance, including RBAC and directory services using Azure AD / Entra ID.
• Support physical security systems (e.g., Alarm.com access control and cameras) in coordination with Facilities.

Disaster Recovery & Business Continuity

• Own infrastructure responsibilities within Disaster Recovery (DR) and Business Continuity Planning (BCP), including backup validation and recovery readiness.
• Manage and validate cloud-to-cloud and SaaS backup platforms (Barracuda for Microsoft 365, OWN for Salesforce).
• Participate in business continuity exercises and maintain multi-site recovery documentation.

Observability, Monitoring & Incident Prevention

• Design and maintain infrastructure observability standards using platforms such as Datadog and New Relic.
• Monitor third-party service health and vendor outages using external monitoring tools.
• Lead root-cause analysis and automated remediation development to prevent recurring incidents and improve platform reliability.

Documentation, Standards & Asset Lifecycle Management

• Maintain authoritative technical documentation, including architecture diagrams, SOPs, and knowledge base articles using Confluence and SharePoint.
• Oversee hardware and software asset lifecycle management, inventory accuracy, and audit readiness using tools such as Snipe-IT and Smartsheet.

Communication & Collaboration

• Ensure reliable communication through Microsoft Teams, RingCentral, and Zoom.
• Collaborate with internal stakeholders (Support, DevOps, Security, Engineering, Product, and Data teams) to align IT services with business needs

Qualifications or Competencies:

• Minimum 7+ years in infrastructure engineering, systems engineering, or hybrid cloud operations.

Technical Competencies

• Hybrid infrastructure architecture (on-prem, SaaS, AWS, Azure)
• Networking: SD-WAN, VPN, firewalls, LAN/Wi-Fi
• Identity & Access Management: Azure AD / Entra ID, RBAC, SSO
• Infrastructure as Code: Terraform, CloudFormation
• Automation: Ansible, Intune, JAMF, scripting
• DevOps: CI/CD, Docker, Kubernetes
• Security tooling integration and Zero Trust enablement
• Monitoring, observability, and incident remediation

Professional Competencies

• Advanced troubleshooting and root-cause analysis
• Cross-functional technical leadership
• Clear technical documentation and communication
• Ability to operate autonomously with enterprise-level responsibility

Preferred Certifications:

• CompTIA Security+
• AWS Certified SysOps Administrator – Associate
• AWS Certified DevOps Engineer – Professional
• Certified Kubernetes Administrator (CKA)
• CISSP (Certified Information Systems Security Professional)
• Microsoft Azure Administrator Associate (AZ-104)

Education and Previous Work Experience:

• Bachelor’s degree preferred (Engineering, Computer Science, Information Systems) or equivalent professional experience.   

EEO: 

Veteran Benefits Guide (VBG) provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, national origin, ancestry, physical disability, mental disability, medical condition, marital status, sex (including pregnancy, childbirth, breastfeeding or related medical conditions), gender (including gender identity and gender expression) genetic characteristic, sexual orientation, registered domestic partner status, age, military or veteran status, hairstyle or hair texture, reproductive health decision making, or any other characteristic protected by federal, state, or local laws.