Position Summary
The Sr. Windows Systems Engineer is the senior technical authority on enterprise Windows Server and Microsoft infrastructure within Encore’s Infrastructure Managed Services (IMS) practice. This role leads Windows Server delivery across Encore’s managed services customer environments, with a primary focus on a major financial services account, while partnering with the IT Operations Command Center (ITOCC) to operationalize Windows support at scale. The engineer owns Windows architecture standards, Active Directory, automation, patch and lifecycle management, and serves as the senior escalation point for the most complex Windows-layer incidents and problems.
Responsibilities:
· Lead Windows Server delivery (2016/2019/2022/2025) for Encore managed services customers, including build standards, hardening, Active Directory integration, patch management, and lifecycle planning across customer environments.
· Conduct discovery workshops and produce architecture design documents, build standards, and runbooks alongside Encore project management and customer technical teams.
· Serve as the senior technical authority and final escalation point for Windows-layer incidents, problems, and major changes — including Active Directory troubleshooting, performance analysis, and root cause investigation.
· Operate as the Pilot engineer within Encore’s Pilot/Co-Pilot delivery model on major customer accounts, with customer engineers serving as the Co-Pilot through transition and steady-state operations.
· Partner with the IT Operations Command Center (ITOCC) to define alert thresholds, runbook libraries, and L2 triage procedures so analysts can effectively support Windows environments at scale.
· Design and maintain automation for Windows provisioning, configuration, and patching using PowerShell, PowerShell DSC, Group Policy, or equivalent infrastructure-as-code tooling.
· Operate Tanium (and equivalent endpoint management platforms) for patch management, configuration compliance, and asset inventory across customer environments. Lead Windows migration and upgrade projects (e.g., Windows Server 2016→2025, Active Directory migrations, end-of-life remediation) and own patch SLA reporting and CIS benchmark compliance.
· Develop and maintain training materials, internal documentation, and template libraries that allow IMS and ITOCC teams to extend Windows coverage to new customers.
· Serve as Encore’s deep technical authority on Windows Server and Microsoft infrastructure; support pre-sales conversations, customer scoping, and architecture decisions across the Infrastructure Managed Services portfolio.
· Mentor IMS and ITOCC engineers on Windows Server best practices and contribute to the evolving managed services roadmap (Bronze, Silver, Gold tier offerings).
· Other duties as assigned.
Qualifications:
· Bachelor’s degree in Information Technology, Computer Science, or related field; relevant industry certifications a strong plus.
· 7+ years of hands-on experience designing, deploying, and operating enterprise Windows Server environments in production.
· Deep, demonstrable expertise with Windows Server (2016/2019/2022/2025) at scale – Active Directory design and administration, Group Policy, DNS, DHCP, certificate services (ADCS), failover clustering, and performance troubleshooting for environments of 500+ servers.
· Strong production experience with Microsoft ecosystem tooling – WSUS/SCCM (or Intune/Configuration Manager), Hyper-V, IIS, SQL Server administration fundamentals, and Microsoft 365/Entra ID hybrid identity. Experience operating in regulated environments (financial services, healthcare) a plus.
· Strong scripting and automation skills with PowerShell (advanced — modules, DSC, remoting); familiarity with Ansible or other configuration management tooling a plus.
· Production experience with Tanium or comparable enterprise endpoint management platforms (BigFix, Ivanti, Microsoft Intune/Configuration Manager) for patch ring design, compliance reporting, and large-scale fleet operations (1,000+ endpoints).
· Prior MSP or managed services experience preferred; experience leading customer-facing engagements as the senior technical lead; Microsoft Certified: Windows Server Hybrid Administrator Associate or Microsoft Certified: Identity and Access Administrator Associate certifications highly desirable.