Systems Administrator

Position Overview

The Network Administrator is a foundational role responsible for designing, deploying,

managing, and securing the organization’s network infrastructure in a compliance-driven defense

contracting environment. This individual will assist the IT and Security Director as the primary

technical authority for all network operations, cloud service integrations, and IT procurement

activities, with a strong emphasis on building a scalable architecture compliance and information

protection across the enterprise.

The ideal candidate brings hands-on experience with Palo Alto Networks firewalls and Ubiquiti

networking hardware, deep familiarity with NIST security controls, and the strategic mindset to

grow a network from a startup footprint to an enterprise infrastructure.

Key Responsibilities

• Architect, deploy, and manage LAN/WAN, VPN, VLAN segmentation, DMZ configurations, and wireless infrastructure to support a hybrid and remote workforce
• Design and implement scalable network topologies that can grow from a startup environment to enterprise scale without requiring complete re-architecture
• Configure and maintain Palo Alto Networks next-generation firewalls (NGFWs), including security policies, threat prevention profiles, URL filtering, and GlobalProtect VPN
• Deploy, manage, and optimize Ubiquiti UniFi switching, routing, and wireless access point infrastructure across all office and remote locations
• Maintain network performance through continuous monitoring of availability, utilization, throughput, and latency, escalating issues to vendors as needed
• Document all network changes, configurations, and diagrams in a centralized knowledge management system
• Ensure boundary enforcement through network segmentation, controlled access points, and encrypted communications channels
• Administer and integrate the organization’s Google Workspace environment, including user provisioning, directory services, mail routing, device management (MDM via Google Admin), and security configurations
• Manage Microsoft 365 and/or Azure Active Directory (Entra ID) integrations, including conditional access policies, Intune MDM/MAM for Windows endpoints, and hybrid identity configurations
• Maintain Windows, macOS/iOS and Linux devices through MDM platforms, ensuring patching, configuration profiles.
• Enforce consistent identity and access management (IAM) policies across enterprise platforms using single sign-on (SSO) and multi-factor authentication (MFA) solutions
• Evaluate, procure, and integrate cloud services
• Manage cloud infrastructure integrations including Google Cloud Platform (GCP), Microsoft Azure GovCloud, and third-party SaaS vendors, maintaining a current Customer Responsibility Matrix (CRM) for each provider
• Assist in procurement lifecycle including requirements analysis, vendor evaluation, purchase request preparation, asset tracking, and lifecycle management
• Develop and maintain a hardware/software inventory and asset management system
• Evaluate and recommend network hardware, security tools, and SaaS solutions with compliance posture, scalability, and total cost of ownership as primary criteria
  
  

Preferred Qualifications

• Active clearance
• Experience supporting CMMC assessment readiness or working with a MSP, and C3PAO
• Certifications: Palo Alto PCNSA or PCNSE, CompTIA Network /Security , Cisco CCNA, Ubiquiti UEWA, or equivalent
• Familiarity with FedRAMP authorization processes and cloud service provider compliance frameworks
• Experience with scripting and automation (PowerShell, Python, or Bash) for network configuration management
• Exposure to SIEM platforms (Splunk, Microsoft Sentinel, or similar) and EDR/XDR solutions
• Prior experience in a startup or high-growth environment where infrastructure was built from the ground up
• Experience with IT GRC tools or documentation platforms (e.g., Exostar, Atlassian Confluence, or similar)
• Familiarity with Zero Trust Architecture principles and ZTNA implementation
  
  

Attributes

• Compliance Mindset: builds compliance into architecture from day one
• Scalability Thinking: Designs systems with growth in mind, capable of scaling from a startup to a enterprise with minimal re-platforming
• Cross-Platform Fluency: Comfortable navigating the operational and security nuances of Google, Apple, and Microsoft ecosystems simultaneously
• Vendor Management: Confident in evaluating and negotiating with hardware and software vendors; understands total cost of ownership and lifecycle planning
• Documentation Discipline: Produces clear, accurate, and current network diagrams, configuration baselines, and operational runbooks essential for CMMC audit evidence
• Collaborative Communication: Works effectively with the IT and Security Director, leadership, and end users; can explain technical concepts in plain language to non-technical stakeholders
  
  

Work Environment & Physical Requirements

• On-site presence required 5 days per week; some remote flexibility available
• May require lifting and racking network equipment (up to 50 lbs)
• Travel to additional company sites or government facilities as needed
  
  

Required Qualifications

• Experience 3–5 years in Network/Systems Administration, ideally in a startup or regulated industry (Aerospace, Defense, FinTech).
  
  

Vatn is an equal opportunity employer, and we welcome candidates from all backgrounds to apply. We look forward to reviewing your application and potentially having you join our team in shaping the future of autonomous underwater exploration.