Systems and Network Engineer

NYSTEC is a nonprofit technology consulting company, advising agencies, organizations, institutions, and businesses since 1996. We’re independent and vendor-neutral, so we have our clients’ best interests  NYSTEC, we know that we succeed when individuals and teams flourish personally and professionally, so our benefits and perks support that mindset.

The systems and network engineer is a versatile technologist responsible for the health, security, and evolution of NYSTEC’s hybrid infrastructure. As a primary administrator in a heavily Meraki environment, this role uses the Meraki dashboard to manage a seamless connection between our physical offices and our Microsoft Azure cloud ecosystem. This role balances core networking with broad exposure to Windows Server, Microsoft 365 (M365), and emerging artificial intelligence (AI) tools.

This role can be based out of our Rome, NY or Albany, NY office location.

• Unified Infrastructure — Design, configure, and maintain the full Meraki stack, including Meraki Security (MX) firewalls, Microsoft (MS) switches, and Maraki Radios (MR) wireless access points.
• Software-Defined Wide Area Network (SD-WAN) and Connectivity — Implement and optimize Meraki Auto virtual private network (VPN) and SD-WAN policies to ensure secure, high-performance connectivity between NYSTEC office locations and the Azure cloud.
• Meraki Dashboard Mastery — Use the Meraki dashboard for real-time monitoring, automated alerting, and remote troubleshooting of network-wide event logs.
• Advanced Security — Configure Layer 7 application-aware firewall policies, content filtering, and intrusion prevention systems (IPS) via the Meraki security appliance.
• Cloud Networking — Manage Azure Virtual Network (VNets), network security groups (NSGs), and Meraki Virtual Meraki Security Appliance (vMX) virtual appliances for shaping cloud-based traffic.
• Hybrid Identity — Administer Microsoft Entra  (Azure AD) and on-premises Active Directory, focusing on multi-factor authentication (MFA) and conditional access.
• Server Ecosystem — Support and manage Windows Server environments, managing domain name system (DNS), Dynamic Host Configuration Protocol (DHCP), and Group Policy Object (GPO), and file services.
• M365 and AI Exposure — Provide administrative support for the Microsoft 365 stack and assist in deploying AI-driven tools (e.g., Copilot) to enhance internal productivity.
• Cloud Infrastructure (IaaS and PaaS) — Provision, configure, and monitor Azure virtual machines (infrastructure as a service [IaaS]) and app services (platform as a service [PaaS]), ensuring optimal performance, scaling, and cost-efficiency through Azure Monitor and automation scripting.
• Documentation and Reporting — Create and maintain documentation related to network and system management processes and procedures and generate reports on overall network and system health.
• Collaboration — Work with other IT professionals, such as architects, security administrators, and other workload administrators, to implement and maintain the organization's IT strategy.
• After-Hours Support — Provide technical assistance outside of standard business hours, including evenings and weekends, as needed periodically.
• Travel – Travel to different NYSTEC office locations to provide hands‑on technical support for issues that cannot be resolved remotely, as needed periodically.

• Meraki Ecosystem Mastery — Deep knowledge of the Cisco Meraki product line, including MX security appliances, MS switches, and MR wireless access points.
• Network Protocols — Profound understanding of Transmission Control Protocol/Internet Protocol (TCP/IP), domain name system (DNS), DHCP, virtual local area network (VLAN) tagging (802.1Q), and routing protocols like Open Shortest Path First (OSPF) and Border Gateway Protocol (BGP).
• SD-WAN and Hybrid Connectivity – Skilled in designing and maintaining Meraki Auto VPN, site‑to‑site VPNs, and Azure VPN gateways to bridge on‑premises offices with cloud environments.
• Azure IaaS, PaaS, and Software as a Service (SaaS) — Ability to provision and manage Azure Virtual Machines (IaaS) and…