Company : Safran Job field : IT Location : Irving , Texas , France Contract type : Permanent Contract duration : Full-time Required degree : Bachelor's Degree Required experience : More than 3 years Professional status : Professional, Engineer & Manager Salary range : TBD ITAR : ITAR Controlled position

# 2026-182015

Key Responsibilities:
1. Infrastructure Architecture & Engineering
Design, implement, and maintain Safran USA's hybrid infrastructure spanning on-premises datacenter systems, AWS GovCloud, and Microsoft 365 GCC High. Develop and maintain architecture documentation, configuration baselines, and operational runbooks for all systems in scope. Ensure high availability, security, and performance of critical systems in a shared services environment supporting multiple Safran aerospace subsidiaries.
2. Microsoft 365 GCC High Administration
Administer Safran USA's Microsoft 365 Government Community Cloud High (GCC High) tenant across the full suite of services — Exchange Online, Teams, SharePoint, OneDrive, Entra ID, and Intune. Responsibilities include identity governance, Conditional Access policy management, MFA enforcement, and endpoint management consistent with CMMC and ITAR requirements.
Configure and maintain Purview compliance center — audit logging, DLP policies, retention labels, and sensitivity labels. Administer Defender for Office 365 threat policies and alert routing. Support Microsoft 365 GCC High licensing and governance.
3. AWS / AWS GovCloud Administration
Support the operation and progressive build-out of Safran USA's AWS Landing Zone, currently under construction. Manage EC2, VPC, IAM roles and policies, S3, CloudWatch, and Security Groups within a GovCloud regulated environment. Implement cloud security best practices.
Contribute to workload migration planning as Safran USA transitions on-premises systems to AWS over the 2026–2027 timeframe.
4. Virtualization & Server Administration
Administer Safran USA's VMware vSphere / ESXi environment across the datacenter — VM provisioning, snapshot governance, host health monitoring, resource allocation, and patching. Manage Windows Server environments including configuration baselines and lifecycle management. Work alongside the Systems Engineer to maintain operational continuity and support disaster recovery exercises.
5. Security Systems Administration
Primary — Own from Day 1

• Privileged Access Management — administer Safran USA's PAM platform— vault structure, privileged session management, session recording, credential vaulting, access reviews, and break-glass procedures.
• Cisco DUO Federal MFA — administer user enrollment, device management, policy enforcement, AD integration.

6. Monitoring & Systems Management
Contribute to infrastructure health monitoring using SolarWinds NPM/SAM alongside the Systems Engineer. Review alerts, triage operational issues, and escalate appropriately. Support SolarWinds SEM log review and alerting. Maintain operational awareness of server, application, and cloud performance across owned domains.
7. Compliance & Governance
8. Backup & Disaster Recovery Administration

Qualifications

• 4–6 years of hands-on enterprise infrastructure engineering experience across two or more of the primary domains listed above.
• Privileged access management platform —CyberArk, BeyondTrust, or equivalent. Must be able to describe vault structure, session recording, and access review processes personally configured.
• Enterprise MFA platform — hands-on administration of Cisco DUO, Okta, Azure MFA, or equivalent. Must be able to describe policy configuration and AD integration personally managed.
• Microsoft 365 administration — Exchange, SharePoint, Teams, Purview, Defender. GCC High experience preferred.
• AWS hands-on experience — EC2, IAM roles and policies, VPC, S3, CloudWatch. Must describe specific configurations personally built or managed.
• VMware vSphere / ESXi operational management
• Windows Server and Active Directory administration — GPO, DNS, identity management.
• Enterprise backup and disaster recovery operations — backup job management, restore execution, and DR testing.
• Strong troubleshooting skills and discipline to follow controlled change management processes.