Engineering & Security Architecture Lead

About AlphaRidge

Alpha Ridge Inc. is a technology services company headquartered at 1178 Broadway, 3rd Floor, New York, NY 10001\. We deliver enterprise\-grade solutions across cloud and physical infrastructure, cybersecurity, managed services, and compliance for regulated organizations in the healthcare, financial, and real estate sectors.

About the Role

AlphaRidge is hiring a Technology Engineering \& Security Architecture Lead to own our technical foundation: architecture standards, security operations enablement, core tooling and automations, procurement and vendor orchestration, and high\-severity technical escalation. You will lead complex infrastructure and security initiatives across client environments, ensure monitoring and alerting pipelines are operational, manage hardware/software procurement and licensing lifecycles, and continuously improve how our service desk and SOC/NOC workflows run through strong tooling, runbooks, and integrations. This role also serves as a cybersecurity control partner to executive leadership, participates in post\-incident reviews, and oversees engineer scheduling and workload sustainability.

What You’ll Do: Architecture \& Engineering

• Design and evolve reference architectures for client environments (network, identity, endpoint, cloud).
• Lead complex networking/firewall initiatives (Fortinet, SonicWall), including HA failover configurations, firmware upgrades, and execute cutovers with validated test plans.
• Lead complex Microsoft Cloud architecture projects (Azure, M365, Intune, AVD, Entra)
• Translate requirements into secure, supportable technical standards and documentation.
• Own external vulnerability scanning programs and deliver actionable client\-facing reports on findings and remediation.
• Design and quote client network builds (Fortinet/Azure), including point\-based licensing and software/hardware specifications.

Security Operations Enablement

• Ensure telemetry and alerting are correctly configured and operational (e.g., Defender/SIEM pipelines, Huntress MDR/ITDR).
• Review policies against Microsoft standards and produce actionable recommendation sets.
• Support SOC/NOC event management workflows, escalation paths, and automation roadmap.
• Enable MDR/ITDR vendor pilots and rollouts (e.g., Huntress, SentinelOne); coordinate enablement across client environments.
• Lead post\-incident reviews (PIR/post\-mortems), document root cause, and drive SOP updates to prevent recurrence.
• Serve as cybersecurity control partner to executive/CISO leadership on strategy, compliance requirements, and baseline security stack decisions.

Tool Stack, Integrations, and Automation

• Own PSA/RMM technical operations (Halo PSA, Ninja RMM): configuration, integrations, runbooks, and reporting.
• Drive automation initiatives (e.g., identity verification workflows, admin runbooks) to reduce manual service desk effort.
• Manage tool selection, subscriptions, and cost/performance tradeoffs for internal and client\-facing tools.

Escalation \& Incident Stabilization

• Act as final escalation for complex incidents; approve high\-impact changes/hotfixes and clear blockers.
• Partner with service delivery leadership to drive post\-incident stabilization and prevent recurrence.

Procurement \& Vendor Management

• Oversee hardware/software quoting and procurement workflows (Fortinet, SonicWall, Azure, licensing) and enforce quote pipeline hygiene.
• Manage firewall and security appliance renewals, licensing terms, firmware case escalations with vendors, and early\-termination fee language in client quotes.
• Coordinate with Finance/Procurement on SKU validation, subscription term enforcement, and cost controls across Pax8, Ingram, and Synnex channels.

IT Lifecycle \& Team Operations

• Coordinate IT onboarding (Day\-1 hardware provisioning, systems setup) and offboarding (access deactivation, asset recovery) alongside HR.
• Oversee engineer scheduling, load balancing, and sustainable workload management across the technical team.

Project Engineering

• Scope and estimate technical work; build technical project plans, validate SOWs and pricing models, and guide resource execution.
• Support new client onboarding and major migrations/cutovers (including SharePoint and device management migrations) with strong readiness and change control.
• Participate in the PM escalation matrix and maintain tracking for active projects to ensure delivery cadence and accountability.

What Success Looks Like

• Client environments operate on clear standards with fewer repeat incidents.
• PSA/RMM/SIEM integrations are stable and reduce manual toil (billing, ticket enrichment, alert correlation).
• High\-severity escalations stabilize quickly with clear decisions and clean handoffs.
• Automation and runbooks measurably reduce service desk friction and improve security posture.
• Procurement and quoting workflows are repeatable and gated, with clean SKU/term enforcement and minimal revenue leakage.
• Post\-incident reviews produce documented root causes and SOP improvements that prevent recurrence.
• IT onboarding/offboarding is consistently executed with security attestation and zero orphaned accounts.

Required Qualifications

• 7\+ years in technical leadership, systems/network engineering, or security engineering in a client\-facing services environment (MSP/MSSP a plus).
• Hands\-on expertise with Microsoft 365 / Entra ID / Defender ecosystem and modern endpoint \+ identity security concepts.
• Strong networking \& firewall fundamentals (Fortinet, SonicWall); experience leading HA deployments, firmware upgrades, cutovers, and validating DR/network routing.
• Experience operating or integrating PSA/RMM/SIEM tooling (runbooks, workflows, reporting).
• Excellent documentation and communication skills, can translate technical decisions into operationally usable runbooks.
• Experience with hardware/software procurement, vendor quoting, licensing lifecycle management, and subscription term enforcement.
• Proven ability to manage engineer workloads, scheduling, and resource allocation across concurrent client engagements.
• Demonstrated experience managing enterprise IT environments across healthcare, financial, and/or real estate sectors.
• Proven track record designing and implementing business continuity and disaster recovery (BDR) policies, procedures, and testing.
• Deep knowledge of enterprise networking including WAN/LAN design, BGP, OSPF, and multi\-carrier datacenter networking.
• Deep hands\-on use of AI to improve MSP/MSSP client outcomes, including AI\-assisted scripting, log analysis, alert triage, documentation, root\-cause investigation, policy/report drafting, and faster engineering execution across Microsoft 365, Azure, security, backup, network, and endpoint platforms.

Preferred Qualifications

• Experience with Azure networking, AVD/Citrix migrations, and cloud security telemetry.
• Experience building automation tools/workflows that correlate alerts across multiple systems.
• Experience defining escalation paths and incident stabilization processes for service teams.
• Familiarity with MDR/ITDR platforms (Huntress, Defender) and experience running vendor pilots and rollout enablement.
• Experience conducting external vulnerability scans and translating findings into client\-ready remediation reports.
• Experience leading post\-incident reviews (PIR/post\-mortems) and driving SOP improvements from findings.
• Experience coordinating IT onboarding/offboarding workflows with HR, including access provisioning/deprovisioning and asset management.

Preferred Certifications

• Fortinet, Sonicwall and Cisco certifications
• Microsoft and Google Cloud cybersecurity and cloud certifications

Education

• Degree or diploma in Information Technology, Network Administration, Computer Science, or a related field
• Equivalent professional experience will be considered in lieu of formal education

Why AlphaRidge

• High\-impact leadership role shaping our core technical standards and service delivery capabilities.
• Work directly with executive leadership and delivery leadership on complex, high\-stakes client initiatives across Fortune 500, Healthcare System and SMB clients.
• Opportunity to modernize and automate the tooling and workflows that power a growing MSP/MSSP.
• High growth and high impact company working on challenging problems that need us.
• Opportunity to shepherd our clients to effective and safe AI adoption

Pay: $120,000\.00 \- $150,000\.00 per year

Benefits:

• 401(k)
• Dental insurance
• Health insurance
• Paid time off
• Tuition reimbursement
• Vision insurance

Work Location: Remote