Senior Infrastructure Systems Engineer (O&M) Platforms

Job Title: Senior Infrastructure Systems Engineer (O&M) Platforms

Job Category: Information Technology

Time Type: Full time

Minimum Clearance Required to Start: TS/SCI

Employee Type: Regular-Long Term Assignment

Percentage of Travel Required: Up to 10%

Type of Travel: Local

* * *

The Opportunity

Are you interested in continuing your career in Europe in a mission focused environment? CACI has established and upcoming positions throughout the European theater supporting multiple customers for the Department of Defense. We are looking for experienced, innovative and motivated IT Specialists to support enablement US EUCOM's mission objectives.

As a Senior Systems Engineer on our Platforms team, you will play a crucial role in managing and maintaining our enterprise Windows environment. A significant part of your role will include reviewing, cleaning up, and streamlining our comprehensive Group Policy Objects (GPOs) to ensure optimal performance and manageability. Additionally, you will help establish and enforce policies, processes, and documentation standards to improve our operational efficiency and effectiveness. This includes implementing Markdown-based guides for server deployment, STIG remediation, GPO cleanup, and script version controlling. Your expertise will ensure the reliability, security, and efficiency of our Windows environment and automation systems.

Responsibilities

• Engineering & Operations: Plan, execute, and sustain complex infrastructure work across Active Directory, Group Policy, DNS/DHCP, PKI/Certificate Services, MECM, and SCOM. This includes platform upgrades, architecture changes, OS migrations (Windows 11, RHEL 10, Server 2025), break-fix resolution for multi-system issues, and day-to-day operational sustainment. This is the primary function of the role.
• Active Directory Management: Administer, manage, and support Active Directory services including user accounts, group policies, security configurations, privileged account lifecycle, ADFS, and trust relationships.
• Windows Server Administration: Install, configure, and maintain Windows Server environments, ensuring optimal performance, reliability, and STIG compliance across multiple sites.
• GPO Cleanup and Optimization: Review, clean up, and streamline existing Group Policy Objects to improve system performance and manageability. Implement AGPM-based governance with Git-backed version control and approval workflows.
• PKI and Certificate Services: Support and maintain the enterprise PKI hierarchy including Intermediate CA operations, CRL lifecycle management, and OCSP configuration.
• GitLab CI/CD and Automation: Design, implement, and manage CI/CD pipelines and infrastructure-as-code workflows using GitLab. Maintain version-controlled documentation and merge-request-based change governance.
• System Security: Ensure the security of Windows platforms through STIG remediation, patch management, ACAS vulnerability remediation, and alignment with DISA security baselines and CCRI readiness criteria.
• Documentation and Change Governance: Produce Engineering Implementation Plans (EIPs), Engineering Design Plans (EDPs), or equivalent technical writeups in Markdown for all major changes and break-fix actions. Documentation must capture rationale, decisions made, and replication steps, submitted through GitLab for peer review.
• Mentorship and Knowledge Transfer: Mentor junior and mid-level administrators through structured project pairing on real production work, over-the-shoulder training, and creation of reusable runbooks. Contribute to weekly Learn-Friday sessions and brown bags by presenting completed work, lessons learned, and technical deep dives.
• Cross-Functional Awareness: Maintain working familiarity with adjacent team workstreams including CyberArk PAM, MECM/SCUP/App-V endpoint management, and Red Hat Enterprise Linux operations. Coordinate effectively with dedicated engineers in those areas.
• Collaboration: Work closely with cybersecurity, networking, architecture, and project management teams to ensure seamless integration and operation of systems and services.
• Process Improvement: Establish and enforce policies and processes to improve operational efficiency, reduce configuration drift, and standardize how the team delivers and documents engineering work.
• Monitoring and Troubleshooting: Proactively monitor system performance using SCOM, Splunk, or equivalent tooling. Identify issues, perform root cause analysis, and document resolution for institutional knowledge.

The successful candidate must communicate clearly and succinctly both written and orally, and present technical concepts and recommendations in a professional manner. This role operates in a dynamic, fast-paced environment that requires team coordination, independent judgment, and the ability to context-switch between project deliverables, operational sustainment, and unplanned incidents. The Senior Platforms Engineer is expected to be self-directing on assigned work. The Platforms Lead provides scope, priority, and architectural direction, but does not direct step-by-step execution. You are trusted to own your work end-to-end: plan it, execute it, document it, and make sure someone else on the team can learn from it.

Qualifications

Required

• Education: Bachelor's degree in computer science, Information Technology, or a related field or 7 years of relatable experience with qualification under TESA.
• Clearance: Active TS/SCI security clearance
• Experience: Minimum 7 years of experience in Windows systems administration with demonstrated depth in Active Directory, Group Policy, DNS/DHCP, and PKI/Certificate Services in large-scale, multi-site environments.
• Proven ability to independently plan, execute, and document complex infrastructure changes with minimal supervision, including producing formal technical writeups (EIPs, EDPs, or equivalent) that capture rationale and replication steps, not just actions taken.
• Experience with Git/GitLab for version-controlled documentation, merge-request-based change workflows, and CI/CD pipeline fundamentals.
• Moderate to strong scripting skills in PowerShell; familiarity with Python or Bash for cross-platform automation.
• Baseline familiarity with Enterprise Linux (Red Hat), sufficient to understand cross-platform dependencies and coordinate with Linux-focused engineers on the team.
• Experience operating in DISA STIG-hardened environments with practical knowledge of vulnerability remediation and ACAS scan workflows.
• Demonstrated ability to mentor junior administrators through structured project pairing and knowledge transfer as part of normal engineering workflow, not as a separate extracurricular activity.
• Familiarity with network protocols and services (DNS, DHCP, TCP/IP) and virtualization technologies (VMware, Hyper-V).
• CompTIA CASP+/SecurityX, CISSP, or equivalent DoD 8570/8140 IAT Level III certification.
• Ability to work OCONUS at a U.S. military installation in Stuttgart, Germany.

Desired:

• Experience with CyberArk Privileged Access Management at an awareness level, understanding vault architecture, credential rotation concepts, and session management even if not a primary administrator.
• Familiarity with MECM/SCCM, SCUP, and App-V for endpoint management and application packaging in thick client environments.
• Exposure to Red Hat Satellite, Ansible Automation Platform, or OpenShift Container Platform.
• Familiarity with Citrix ADC (NetScaler) for load balancing and authentication proxy configurations.
• Experience with SCOM, Splunk, or SolarWinds for enterprise monitoring and alerting.
• Familiarity with SQL Server administration in support of enterprise applications.
• Knowledge of cloud platforms (Azure, AWS) and containerization technologies (Docker, Kubernetes).
• Red Hat Certified System Administrator (RHCSA) or Microsoft infrastructure certifications.Experience supporting Combatant Command (CCMD) or Joint Service environments.

Personal Attributes

• Strong analytical and problem-solving skills with a bias toward root-cause analysis over quick fixes.
• Takes ownership end-to-end. Does not require follow-up to complete assigned work, produce documentation, or transfer knowledge.
• Understands that documentation and mentorship are how good engineering scales, not overhead that competes with real work.
• Communicates proactively. Flags blockers, risks, and status to the Platforms Lead and senior peers without being asked.
• Self-motivated with the discipline to manage multiple concurrent efforts while maintaining quality and accountability across a

-

What You Can Expect:

A culture of integrity.

At CACI, we place character and innovation at the center of everything we do. As a valued team member, you'll be part of a high-performing group dedicated to our customer's missions and driven by a higher purpose - to ensure the safety of our nation.

An environment of trust.

CACI values the unique contributions that every employee brings to our company and our customers - every day. You'll have the autonomy to take the time you need through a unique flexible time off benefit and have access to robust learning resources to make your ambitions a reality.

A focus on continuous growth.

Together, we will advance our nation's most critical missions, build on our lengthy track record of business success, and find opportunities to break new ground - in your career and in our legacy.

Pay Range :

There are a host of factors that can influence final salary including, but not limited to, geographic location, Federal Government contract labor categories and contract wage rates, relevant prior work experience, specific skills and competencies, education, and certifications. Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives. We offer competitive compensation, benefits and learning and development opportunities. Our broad and competitive mix of benefits options is designed to support and protect employees and their families. At CACI, you will receive comprehensive benefits such as; healthcare, wellness, financial, retirement, family support, continuing education, and time off benefits.

The proposed salary range for this position is:
$99,300 - 208,600 USD

CACI is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, age, national origin, disability, status as a protected veteran, or any other protected characteristic.