About the Role
AlphaRidge is hiring a Lead Engineer to own architecture standards, security operations enablement, core tooling and automations, procurement and vendor orchestration, and high-severity technical escalation. You will lead complex infrastructure and security initiatives across client environments, partner with our NOC and SOC teams to keep monitoring and alerting pipelines operational, manage hardware/software procurement and licensing lifecycles, and continuously improve how our service desk and SOC/NOC workflows run through strong tooling, runbooks, and integrations.
What You'll Do
Architecture & Engineering
- Design and evolve reference architectures for client environments (network, identity, endpoint, cloud).
- Lead complex networking/firewall initiatives (Fortinet, SonicWall), including HA failover configurations and firmware upgrades, and execute cutovers with validated test plans.
- Translate requirements into secure, supportable technical standards and documentation.
- Own external vulnerability scanning programs and deliver actionable client-facing reports on findings and remediation.
- Design and quote client network builds (Fortinet/Azure), including point-based licensing and SFP/hardware specifications.
Security Operations Enablement
- Partner with the NOC and SOC to ensure telemetry and alerting are correctly configured and operational (e.g., Defender/SIEM pipelines, Huntress MDR/ITDR).
- Review policies against Microsoft standards and produce actionable recommendation sets.
- Support SOC/NOC event management workflows, escalation paths, and automation roadmap.
- Enable MDR/ITDR vendor pilots and rollouts (e.g., Huntress, Defender); coordinate enablement across client environments.
- Lead post-incident reviews (PIR/post-mortems), document root cause, and drive SOP updates to prevent recurrence.
- Serve as cybersecurity control partner to executive/CISO leadership on strategy, compliance requirements, and baseline security stack decisions.
Tool Stack, Integrations, and Automation
- Own PSA/RMM technical operations (Halo PSA, Ninja RMM): configuration, integrations, runbooks, and reporting.
- Drive automation initiatives (e.g., identity verification workflows, admin runbooks) to reduce manual service desk effort.
- Manage tool selection, subscriptions, and cost/performance tradeoffs for internal and client-facing tools.
Escalation & Incident Stabilization
- Act as final escalation for complex incidents; approve high-impact changes/hotfixes and clear blockers.
- Partner with service delivery leadership to drive post-incident stabilization and prevent recurrence.
Project Engineering
- Scope and estimate technical work; build technical project plans, validate SOWs and pricing models, and guide resource execution.
- Support new client onboarding and major migrations/cutovers (including SharePoint and device management migrations) with strong readiness and change control.
- Participate in the PM escalation matrix and maintain tracking for active projects to ensure delivery cadence and accountability.
What Success Looks Like
- Client environments operate on clear standards with fewer repeat incidents.
- PSA/RMM/SIEM integrations are stable and reduce manual toil.
- High-severity escalations stabilize quickly with clear decisions and clean handoffs.
- Automation and runbooks measurably reduce service desk friction and improve security posture.
- Procurement and quoting workflows are repeatable and gated, with clean SKU/term enforcement and minimal revenue leakage.
- Post-incident reviews produce documented root causes and SOP improvements that prevent recurrence.
Required Qualifications
- 7+ years in technical leadership, systems/network engineering, or security engineering in a client-facing services environment (MSP/MSSP a plus).
- Hands-on expertise with Microsoft 365 / Entra ID / Defender ecosystem and modern endpoint and identity security concepts.
- Strong networking and firewall fundamentals (Fortinet, SonicWall); experience leading HA deployments, firmware upgrades, cutovers, and validating DR/network routing.
- Experience operating or integrating PSA/RMM/SIEM tooling (runbooks, workflows, reporting).
- Excellent documentation and communication skills, with the ability to translate technical decisions into operationally usable runbooks.
- Experience with hardware/software procurement, vendor quoting, licensing lifecycle management, and subscription term enforcement.
- Proven ability to manage engineer workloads, scheduling, and resource allocation across concurrent client engagements.
Preferred Qualifications
- Experience with Azure networking, AVD/Citrix migrations, and cloud security telemetry.
- Experience building automation tools/workflows that correlate alerts across multiple systems.
- Experience defining escalation paths and incident stabilization processes for service teams.
- Familiarity with MDR/ITDR platforms (Huntress, Defender) and experience running vendor pilots and rollout enablement.
- Experience conducting external vulnerability scans and translating findings into client-ready remediation reports.
- Experience leading post-incident reviews (PIR/post-mortems) and driving SOP improvements from findings.
- Experience coordinating IT onboarding/offboarding workflows with HR, including access provisioning/deprovisioning and asset management.
Pay: $95,000.00 - $105,894.95 per year
Work Location: Remote