We use cookies. Find out more about it here. By continuing to browse this site you are agreeing to our use of cookies.
I agree and accept cookies
Main menu
Post a Job
Request a Demo
Yes
No
Both
Advanced search
#alert
Back to search results / More jobs like this
Back to search results
New
BDO USA, LLP jobs

System Administrator - Public Sector, Operations

BDO USA, LLP
United States, Florida, Orlando
450 South Orange Avenue (Show on map)
Apr 29, 2025

Job Summary:

The System Administrator is responsible for designing, implementing, securing, and maintaining the organization's complex systems infrastructure, with a focus on hybrid cloud environments, virtualization technologies, server hardware and network infrastructure. This role also encompasses local area networks (LANs), wide area networks (WANs), and cloud networking solutions.

Job Duties:



  • Develops comprehensive network designs that meet current and future business requirements, emphasizing performance, scalability, and security
  • Sets up and manages advanced network services such as VPNs, firewalls, and SD-WAN solutions to support hybrid cloud architectures
  • Deploys and manages Cisco Meraki solutions to create a seamless cloud-managed network
  • Configures Auto VPN, application control, traffic shaping, content filtering, access control lists (ACLs), and quality of service (QoS) settings within the SD-WAN environment to optimize performance and security
  • Defines, implements, and optimizes firewall rules to allow legitimate traffic while blocking malicious or unauthorized access while continuously evaluating and adjusting rules for performance and security
  • Integrates firewalls with intrusion detection/prevention systems (IDS/IPS) to detect and mitigate potential attacks
  • Implements Wi-Fi security protocols (e.g., WPA3, 802.1X) and manage authentication mechanisms to protect wireless access
  • Stays up to date with the latest networking technologies and industry best practices
  • Executes network and system migrations, including hardware and software upgrades, configurations, and integrations
  • Manages and administer on-premises servers and services, including Active Directory configurations, access permissions, GPOs, user management and other system components
  • Develops and maintain documentation for system configurations, network architecture, and operational procedures
  • Collaborates with cross-functional teams to support projects related to cloud services, application deployment, and infrastructure upgrades
  • Collaborates with the security team to respond to incidents and implement corrective actions
  • Designs, implements, and manages backup strategies to ensure data integrity, availability, and recoverability for critical systems, applications, and data
  • Applies and enforces Security Technical Implementation Guides (STIGs) on systems infrastructure to ensure compliance with organizational and regulatory security standards
  • Implements FIPS mode on applicable systems and network devices to ensure that they only use FIPS 140-2 approved cryptographic algorithms and modules
  • Maintains and manages domain DNS services to ensure reliable name resolution for internal and external resources
  • Administers DHCP services, including configuring scopes, options, and reservations to efficiently allocate IP addresses
  • Monitors and troubleshoots DNS, DHCP, and authentication issues, implementing necessary changes to optimize performance and security
  • Maintains certificate authority servers' hierarchy ensuring servers are highly secured to prevent unauthorized access
  • Handles certificate signing requests (CSRs) for re-issuing certificates due to changes in domain names, key pairs, or organizational needs
  • Establishes certificate templates to define the rules for certificate issuance, including validation requirements, validity periods, and key lengths
  • Regularly audits and reviews which services are using SSL certificates and ensure they are up to date with the appropriate certificates and configurations
  • Oversees the VMware virtual environment including vCenter administration, virtual machines (VM) provisioning, monitoring, and performance tuning
  • Optimizes resource allocation for VMs and ensure high availability and disaster recovery configurations
  • Configures and manages virtual networking within vSphere, including distributed switches, storage solutions and port group configurations
  • Regularly manages VM snapshots for backup procedures and avoid excessive storage consumption and performance issues
  • Assigns storage policies to datastores to define performance, availability and encryption requirements to protect data on the storage layer
  • Regularly updates server software, operating systems, and applications to ensure optimal performance and security
  • Monitors server resources such as CPU, memory, and disk space to avoid performance issues or system failures
  • Maintains detailed documentation of server configurations, maintenance activities, and any incidents or issues
  • Other duties as needed


Supervisory Responsibilities:



  • N/A


Qualifications, Knowledge, Skills and Abilities:

Education:



  • Bachelor's degree in computer science, cybersecurity, information technology, software engineering, information systems, or computer engineering, required
  • Master's degree in computer science, cybersecurity, information technology, network engineering, information systems, or computer engineering, preferred
  • Annual 40 hours of continuous learning, (may include professional memberships, forums, lunch and learns, roundtables, online training courses, and maintaining certifications), required


Experience:



  • Five (5) or more years of advanced networking experience, required
  • Three (3) or more years of experience with operating systems, virtualization and cloud computing, required
  • Two (2) or more years of experience with securing IT systems compliance with industry security frameworks, required


License/Certifications:



  • Cisco CCNP Enterprise, Microsoft, VMware, RHEL, or other Networking related certifications, preferred


Software:



  • Experience with four (4) or more of the following, required:

    • Cisco Next-Gen Firewall (NGFW)
    • Cisco cloud-managed SD-WAN technologies
    • Virtualization Technologies
    • VMware vSphere
    • Dell PowerEdge, iDRAC
    • Cisco AnyConnect
    • Cisco Catalyst WLAN & Switches
    • Certificate Authority
    • Windows Server 2016+
    • Microsoft Azure, Office365, Endpoint Manager/Intune, Enterprise Applications
    • Active Directory Certificate Services (ADCS)
    • DMZ, SSH, DNS, DHCP, RADIUS, PuTTY, Wireshark, TraceRT



Other Preferred Knowledge, Skills, and Abilities:



  • Knowledge of FedRAMP, NIST SP 800-53, NIST SP 800-171, NIST CSF, Cybersecurity Maturity Model Certification (CMMC), ISO 27000, ITAR
  • Knowledge of computer networking concepts and protocols, and network security methodologies
  • Knowledge of communication methods, principles, and concepts that support the network infrastructure
  • Knowledge of capabilities and applications of network equipment including routers, switches, bridges, servers, transmission media, and related hardware
  • Knowledge of cybersecurity and privacy principles used to manage risks related to the use, processing, storage, and transmission of information or data
  • Knowledge of laws, regulations, policies, and ethics as they relate to cybersecurity and privacy
  • Familiarity with Information technology (IT) security principles and methods (e.g., firewalls, demilitarized zones, encryption)
  • Knowledge of Local area and wide area networking principles and concepts including bandwidth management
  • Knowledge of Telecommunications concepts (e.g., Communications channel, Systems Link Budgeting, Spectral efficiency, Multiplexing)
  • Familiarity with Virtual Private Network (VPN) security
  • Knowledge of concepts, terminology, and operations of a wide range of communications media (computer and telephone networks, satellite, fiber, wireless)
  • Proficiency with Windows Server OS, including Active Directory, Group Policies, and managing Windows-based services
  • Familiarity with Network security architecture concepts including topology, protocols, components, and principles
  • Familiarity with network systems management principles, models, methods (e.g., end-to-end systems performance monitoring), and tools
  • Familiarity with an Organization's information classification program and procedures for information compromise
  • Familiarity with network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory services
  • Knowledge of controls related to the use, processing, storage, and transmission of data
  • Understanding and setting up RAID configurations to protect against disk failure
  • Ability to analyze network traffic capacity and performance characteristics
  • Ability to implement, maintain, and improve established network security practices
  • Ability to install, configure, and troubleshoot LAN and WAN components such as routers, hubs, and switches
  • Ability to use network management tools to analyze network traffic patterns (e.g., simple network management protocol)
  • Ability to protect a network against malware (e.g., NIPS, anti-malware, restrict/prevent external devices, spam filters)
  • Ability to configure and utilize network protection components (e.g., Firewalls, VPNs, network intrusion detection systems)
  • Ability to implement and test network infrastructure contingency and recovery plans
  • Ability to configure and utilize computer protection components (e.g., hardware firewalls, servers, routers, as appropriate)
  • Ability to operate network equipment including hubs, routers, switches, bridges, servers, transmission media, and related hardware


Applied = 0
MORE JOBS LIKE THIS

(web-94d49cc66-r6t7c)