System Engineer - Infrastructure

We are seeking an experienced Senior System Engineer to join our IT Infrastructure team. This role is responsible for the design, operation, and continuous improvement of core Microsoft infrastructure services, including server patching, enterprise messaging, identity services, and server lifecycle management within a regulated financial services environment. The position requires a hands-on expert capable of managing critical infrastructure platforms and ensuring their stability, security, and compliance.

Key Responsibilities

Server Patching & Vulnerability Management

• Own and execute the end-to-end server patch management lifecycle

• Manage and optimize patching processes across the server estate using SCCM / relevant tooling

• Define and maintain patching standards, baselines, and compliance reporting

• Support vulnerability remediation in collaboration with Security teams

• Ensure full auditability and regulatory compliance of patching activities

Messaging & Email Platform

• Operate and maintain enterprise email platform (Exchange Online / Hybrid Exchange)

• Act as technical lead for mail flow, transport rules, and security controls

• Support troubleshooting of complex messaging issues (mail routing, delivery, hygiene)

• Contribute to email platform improvements, migrations, and decommissioning initiatives

Core Infrastructure Services

• Maintain and evolve Active Directory & core Microsoft services (DNS, GPO, authentication)

• Support hybrid identity (Entra ID / Azure AD) integrations and governance

• Ensure stability and performance of Windows Server environments

• Contribute to infrastructure design and standardization

Security, Compliance & Audit

• Apply system hardening and baseline configurations

• Ensure alignment with regulatory frameworks (BaFin / CSSF / DORA)

• Provide technical evidence for internal/external audits

Server Lifecycle & Configuration Management

• Manage and maintain Windows Server lifecycle management, including:

• Patching baselines

• OS configuration standards

• Hardening policies

• Operate and optimize SCCM (or any 3rd party tooling) for server management, including:

• Server patch orchestration (ADR tuning, phased deployments)

• Configuration baselines and compliance enforcement

• Ensure consistency and standardization across core server platforms

• Support automation and reporting for server patching and compliance

• Contribute to transition and integration with modern management approaches (e.g., Intune / Azure Update Manager) where relevant for servers

Operations & Continuous Improvement

• Provide 3rd-level support for infrastructure and messaging-related incidents

• Lead root cause analysis and problem management for critical issues

• Automate administrative and operational tasks using PowerShell

• Continuously improving service reliability, performance, and operational processes

Certificates & Secure Messaging

• Manage and support certificate-based services across infrastructure systems

• Operate and maintain S/MIME (Secure Email) capabilities, including:

• Certificate deployment and lifecycle management

• User and server certificate configuration

• Troubleshooting encryption, signing, and trust issues

• Ensure proper integration of certificates within:

• Exchange Online / Hybrid email flows

• Internal PKI / external certificate authorities

• Support certificate renewal, automation, and compliance processes

• Contribute to improving secure communication standards across the organization

Required Skills & Experience

• Strong hands-on experience with:

o Microsoft Exchange (Online / Hybrid)

o Windows Server & Active Directory

o SCCM / Microsoft Endpoint Configuration Manager (server-focused usage)

• Solid knowledge of:

o Entra ID (Azure AD) and hybrid identity architectures

o Group Policy and authentication mechanisms

o Core infrastructure services (DNS, networking fundamentals)

• Strong PowerShell scripting and automation skills

Nice to Have

• Experience with:

o Exchange migrations or email platform transformations

o Modern management approaches (e.g., Intune, Azure-based services)

o Security tools (e.g., Defender suite, vulnerability management platforms)

o Monitoring solutions such as SCOM, PRTG, or equivalents

Experience & Education

• 5–10 years of experience in IT infrastructure or system engineering roles

• Experience supporting enterprise IT environments

• Degree in Information Technology, Computer Science, or equivalent professional experience

Language Requirements

• German – professional working proficiency (required)

• English – professional working proficiency (required)

Personal Competencies

• Structured and reliable working style

• Strong sense of responsibility and attention to detail

• Ability to work independently within defined frameworks

• Clear communication and documentation skills

• Team-oriented mindset with strong service orientation

• Ability to work effectively in a hybrid working model, combining remote work with regular on‑site presence at the Frankfurt office as required