Azure, Windows & Linux System Engineer

Job Title:
Azure, Windows & Linux System Engineer

Location:
Elkhart, IN

Contract Term: 6 Months (with possible extension based on performance)

Hybrid – In-Office (Tues – Thurs)

The client is seeking a skilled and meticulous Azure, Windows & Linux Systems Engineer to join our team on a 6-month contract basis, with the possibility for extension based on performance, to lead the implementation and rollout of a Managed Detection and Response (MDR), SIEM, and Endpoint Detection & Response (EDR) solution across enterprise environments. This role is responsible for deploying, configuring, and integrating Microsoft Sentinel and Microsoft Defender for Endpoint within hybrid infrastructures, ensuring scalable, secure, and compliant operations.

The ideal candidate will leverage automation (Ansible, Power Shell, Bash) to execute large-scale deployments across Windows, Linux, and operational technology (OT) environments. They will configure Azure components, including Log Analytics Work spaces, resource groups, RBAC, and service principals, and manage Sentinel data ingestion through Azure Monitor Agent (AMA), Data Collection Rules (DCRs), and syslog/CEF forwarders.

This role requires strong firsthand experience with Windows Server (2019–2025) and Active Directory, including Group Policy, service accounts, and RBAC troubleshooting, as well as Linux system administration (Rocky Linux, Ubuntu) for package management, system configuration, and firewall configuration. The engineer will also support Defender for Endpoint onboarding across Windows and Linux systems and ensure reliable syslog integration from network devices such as Check Point and Extreme Networks.

Additionally, the role requires awareness of PCI-scoped environments and adherence to security and compliance standards throughout the deployment lifecycle. The successful candidate will collaborate across infrastructure, security, and operations teams to deliver a resilient and scalable security monitoring platform.

• Design, implement, and configure MDR/SIEM/EDR solutions using Microsoft Sentinel and Microsoft Defender for Endpoint.
• Lead large-scale rollout of endpoint agents across Azure, Windows, Linux, and OT environments.

• Develop and maintain Ansible playbooks to automate deployments and configuration at scale.
• Create and optimize Power Shell and Bash scripts to streamline onboarding, validation, and troubleshooting processes.

• Provision and manage Azure resources, including Log Analytics Work spaces, resource groups, RBAC roles, and service principals.
• Configure and maintain Sentinel data ingestion pipelines using Azure Monitor Agent (AMA) and Data Collection Rules (DCRs).

• Implement and maintain syslog/CEF forwarding from network and security devices.
• Integrate logs from platforms such as Check Point and Extreme Networks into the SIEM.

• Deploy and onboard Microsoft Defender for Endpoint across Windows and Linux systems.
• Validate telemetry flow and ensure endpoints are correctly reporting to the SIEM.

• Troubleshoot Windows Server (2019/2022/2025) and Active Directory issues, including GPOs, service accounts, and RBAC permissions.
• Perform Linux system administration tasks on Rocky Linux and Ubuntu (package management, system services, firewall configuration).

• Ensure all implementations align with organizational security standards and PCI compliance requirements.
• Maintain awareness of PCI-scoped environments during deployment and data ingestion activities.

• Work cross-functionally with security, infrastructure, and operations teams to ensure successful deployments.
• Create and maintain technical documentation, runbooks, and operational procedures.

• Conduct testing and validation of data pipelines, detections, and endpoint coverage.
• Continuously improve deployment processes and system performance through automation and best practices.

• Ansible playbook development for at-scale Windows/Linux/OT rollout
• Azure administration – Log Analytics Work spaces, resource groups, RBAC, service principals
• Sentinel data ingestion – AMA, DCRs, syslog/CEF forwarders
• Microsoft Defender for Endpoint deployment on Windows and Linux servers
• Rocky Linux and Ubuntu administration competence for troubleshooting package management, systems, firewalls on the Linux side; GPO, services, and AD account/RBAC
• Windows Server 2019/2022/2025 and Active Directory competence for troubleshooting GPO, service accounts, and AD RBAC for the DC/server agent rollout
• Check Point and Extreme Networks basic knowledge (for the syslog server)
• Power Shell and Bash scripting
• PCI scope awareness