MSP4, LLC | Full-Time | Remote (United States) | Up to 25% Travel | 6+ Years Experience
MSP4 operates as the embedded IT department for a portfolio of clients spanning professional services, legal, distribution, manufacturing, and government sectors. Environments range from 50 to 1,500 users and carry real compliance weight: CMMC L2, NIST 800-171, and SOC 2 are active requirements across this client base.
This role owns infrastructure delivery across that portfolio. You design, implement, and support on-premises and hybrid cloud environments: bare metal, virtualization, SAN and HCI storage, backup and recovery, and hardened Windows Server configurations. Cloud work spans AWS, Azure Commercial, and Azure Government. Design authority sits with our Principal Solutions Architect. This role owns clean execution, thorough documentation, and the judgment to improve what exists rather than rebuild it.
Remote within the United States. Travel up to 25% for major client project deployments. Day-to-day work is executed remotely.
Candidates are scored against these. Categories: Technical, Functional, Consulting, Credentials.
| # | Qualification | Category | Description |
|---|---|---|---|
| 1 | Windows Server operations | Technical | Active Directory, DNS, DHCP, Group Policy, PKI, and server lifecycle management at hands-on operational depth. |
| 2 | SQL Server platform ownership | Technical | Installation, patching, core-vs-CAL licensing, Always On Availability Groups or Failover Cluster Instances, Veeam-coordinated application-consistent backup, tempdb sizing, memory and storage layout for OLTP. Platform layer, not DBA-level query tuning. |
| 3 | Virtualization | Technical | Hands-on across at least two of VMware vSphere, Hyper-V, Proxmox, including vMotion, HA, and DRS. |
| 4 | SAN / HCI storage | Technical | Working depth in NetApp ONTAP, Pure Storage, Nutanix AHV, or VMware vSAN; Mellanox/RDMA fabric a plus. |
| 5 | Hybrid cloud | Technical | AWS and Azure IaaS, Entra ID, ExpressRoute/VPN connectivity, hybrid identity, including Azure Government. |
| 6 | Backup and disaster recovery | Technical | Veeam Backup & Replication design, deployment, testing, and documentation. |
| 7 | Compliance hardening | Functional | STIG application, NIST 800-171 controls, and CMMC L2 / SOC 2 requirements as they apply to Windows Server. |
| 8 | Citrix at the infrastructure layer | Technical | VDA provisioning, machine catalog design, VDI storage sizing, NetScaler at a working level. |
| 9 | Multi-client service delivery | Functional | Comfort adapting to established standards across varied client environments. |
| 10 | Documentation discipline | Consulting | Runbooks, build guides, change records, and audit-ready configuration docs another engineer can follow without asking questions. |
| 11 | Executes within an owned framework | Consulting | Reads and applies documentation, runbooks, and standards set by others without requiring constant design input. |
| 12 | Production experience | Credentials | 6+ years infrastructure engineering in production across professional services, manufacturing, distribution, legal, or government. |
| 13 | US-person status | Credentials | US citizen, US national, lawful permanent resident, or protected individual (refugee or asylee) under US law. Required for CUI and export-controlled system access under CMMC L2. Authorization to work in the US is not sufficient: a work visa (H-1B, L-1, TN), OPT/CPT, or an Employment Authorization Document does not satisfy this requirement. |
| 14 | Cloud and platform certifications | Credentials | AZ-104, AZ-800/AZ-801, AZ-305, VMware VCP, or AWS Solutions Architect Associate. A plus, not a requirement. |
| 15 | Discovery-led investigation | Consulting | Sequences discovery before recommendation: structured inventory, named tools and data sources, and gap identification ahead of design. |
Required. Absence screens the candidate out.
Preferred. Strengthens a candidate, never screens one out.
| Competency | Behavioral indicator |
|---|---|
| Executes within the framework | Delivers clean work inside the Principal's design framework; pushes back when something is wrong, does not redesign on personal preference. |
| Forward-deployed ownership | Owns the outcome at the client in front of them; carries that client's context into every change. |
| Documentation discipline | Leaves behind audit-ready records that let another engineer maintain the work unaided. |
| Adapts to client standards | Moves between varied client environments without creating hand-off gaps or imposing a personal standard. |
| Judgment under audit | Exercises consistent, defensible judgment that holds up across a multi-client portfolio and under audit. |
MSP4 does not operate like a traditional IT department or a ticket-centric help desk. We function as embedded IT leadership for our clients, accountable to their outcomes.
Our Principal Solutions Architect owns the design framework. Engineers at every level, including senior, execute within that framework. The tier structure keeps a multi-client portfolio consistent and audit-ready. Candidates who need design authority to feel effective should pass on this role. Candidates who find satisfaction in high-quality execution and in earning client trust through reliability will do well here.
We are building the operating model in real time. Some processes are documented; others are being written as we go. People here help shape what does not yet exist while executing reliably within what does.
MSP4, LLC provides infrastructure, security, and IT advisory services to mid-market professional services, manufacturing, distribution, legal, and government clients across the United States. Our commercial practice and regulated practice serve organizations with serious compliance requirements including SOC 2 Type II and CMMC Level 2.
We are a small team. Every person on it has direct impact on client outcomes. The ladder is tiered for scope and audit; access is not. Everyone here has direct access to everyone else, up to and including the CEO.
MSP4, LLC is an equal opportunity employer. All qualified applicants receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, protected veteran status, or any other characteristic protected by applicable federal, state, or local law.
Alongside your resume, submit a one-page cover page in PDF. Name the file CoverPage_LastName_FirstName_SeniorInfrastructureEngineer.pdf. Include a header line with your name, the date, and the JD version string shown at the bottom of this posting.
On the cover page, answer the following in order:
Close with the following statement exactly: "I understand that design authority for this role sits with the Principal Solutions Architect, and that my role is to execute within that framework."
One page. PDF only.
JD v4.0. Retain this version string on your cover page.