Highland Engineering, Inc. (HEI) was founded in 1986 and has become one of the leading small business suppliers of Ground Support Equipment to the DoD. Our emphasis has always been on solving the needs of our customers. Highland is an employee-owned company, and the average tenure of a Highland employee is more than 10 years.
Job Title: Systems & Security Infrastructure Engineer
Clearance/Eligibility: U.S. Persons only; DoD manufacturing environment
Job Summary: HEI is a defense manufacturer operating in a tightly regulated, security-sensitive environment. While our IT leadership defines and drives the security strategy, this role serves as the hands-on technical lead responsible for executing and sustaining that strategy. With core secure architecture and controls already in place, we are seeking a dedicated in-house expert to maintain, refine, and document these systems as our operations continue to evolve.
This role will directly maintain and evolve a state-of-the-art secure IT environment in a mission-critical defense manufacturing setting under the guidance of a security-savvy CIO.
- Operate and harden Windows Server/Active Directory, virtualization, storage, and switching across a multi-building campus.
- Administer Microsoft 365 GCC-High, Azure AD, Intune/Defender for Endpoint, and physical authentication devices.
- Provide first-line support for Windows desktops, laptops, and user accounts; support end-users.
- Maintain and extend our PKI infrastructure, certificate lifecycle, and secure remote access gateways.
- Support privileged access workstations, enclave segmentation, and boundary controls.
- Implement secure configuration baselines for engineering and ERP applications.
- Maintain high-quality technical documentation (SOPs, change logs, configuration baselines) in a Git-based system.
- Coordinate overflow or after-hours work with our external support partners; serve as the internal escalation point.
- Provide periodic security control reviews and evidence updates to support ongoing audits and assessments.
- Operate with ownership: We look for someone who will treat the environment like their own, proactively solving problems rather than waiting for direction, but who understands that the environment needs consistency and process, not hurried band-aids.
- Process-minded: Comfortable following SOPs and recording actions in a structured way (tickets, process logs, change records, etc.).
- Effective communicator: Comfortable explaining complex issues to non-technical leaders and documenting them clearly; can work with a variety of personalities.
- Dependable and discreet: Understands the sensitivity of the environment and handles information responsibly.
- Mission-driven: Understands the stakes of working in a DoD manufacturing environment and acts accordingly; has a sense of urgency and stays available for the occasional after-hours emergency.
- 6+ years in Windows/Active Directory administration in a security-sensitive or regulated environment
- Familiarity with Ubuntu and Docker system administration/configuration.
- Broad experience with PKI, network segmentation, and secure remote access solutions.
- Familiarity with NIST-aligned control frameworks (CMMC, 800-171, DFARS) and how they translate into technical operations.
- Scripting/automation (PowerShell, Ansible, or similar) for repeatable configuration and evidence capture.
- Ubuntu expertise
- Strong documentation habits and ability to mentor less-experienced staff.
- Strong customer service orientation and documentation skills.
- Experience with engineering/manufacturing applications and multi-building campus networks.
- Familiarity with open-source and Git-based evidence or configuration systems.
- Familiarity with SonicWall firewalls, Netgear switching, OSPF, VRRP, IPSec, VPN, and other internetworking technologies.
- 401(k)
- Dental insurance
- Employee assistance program
- Flexible spending account
- Health insurance
- Life insurance
- Paid time off
- Tuition reimbursement
- Vision insurance