
Infrastructure & Security Engineer (Generalist) (Onsite)
Buckham & Duffy
Posted 28 days ago
#About Us
We are a technology-driven team managing a broad and diverse infrastructure across onsite and cloud environments. Our operations involve self-hosting numerous services (e.g., Sentry, Outline, Adguard, Loki, Grafana, Prometheus) and maintaining remote development VMs hosted on an in-house Proxmox cluster. We also oversee a wide range of digital assets (Linux based) across the Asia-Pacific region.
If you are passionate about self-hosting, have a home lab, or love experimenting with new technologies, we’d love to hear from you!
This role requires strong self-direction. Once established, you'll take ownership of planning and proposing initiatives to enhance the stability and security of our digital assets. You'll be working directly with our Technical Director.
#What You’ll Be Doing (Responsibilities)
- Maintain and monitor multiple physical hosts as part of a Proxmox cluster.
- Administer office Unifi network.
- Setup and administer Linux VMs in AWS, Proxmox and Azure.
- Manage and write Ansible roles
- Manage a broad range of self-hosted services - usually setup using Docker Compose, Traefik and Cloudflare tunnels
- Administer and implement EDR (Endpoint Detection and Response) solutions.
- Continuously improve security posture and compliance.
- Implement, audit, and monitor backup solutions.
- Analyze logs, set up monitoring and alerting, and automate remediation processes.
- Manage VLANs and network segmentation for better security and performance.
- Implement policies and procedures for digital asset management.
- Drive platform stability, reliability, and scalability.
- Oversee Cloudflare and Coraza firewall logs, continuously improving security policies.
- Enforce security best practices, access controls, and compliance policies (i.e., SOC 2, ISO 27001, NIST).
- Set up real-time monitoring and alerting using Prometheus, Grafana, Loki, etc.
- Rollout Wazuh SEIM solution.
- Manage Tailscale ACL's
#What You Bring (Requirements)
- Extensive experience administering Linux/Unix systems.
- Deep networking knowledge, especially with Ubiquiti infrastructure and VLAN management.
- Strong scripting and automation skills (Bash, CLI tools, Ansible, Terraform).
- Experience with monitoring, logging, and alerting (e.g., Telegraf, Grafana, Loki, Prometheus, CloudWatch).
- Strong understanding of backup solutions, including offsite and disaster recovery strategies.
- Experience implementing and managing compliance policies (SOC 2, ISO 27001, NIST, CIS hardening for Ubuntu).
- Ability to document infrastructure, policies, and operational procedures.
- Experience managing firewall policies, Tailscale ACLs, and securing remote access solutions.
- Familiarity with self-hosting, home-labs.
- Experience with Cloudflare and Cloudflare tunnels
- Experience managing and securing Apple Mac assets using Kandji or similar solutions.
- Strong understanding of internal DNS setup, network security, and vulnerability scanning.
- All of our severs are custom built (mostly consumer parts) so you'll need to be comfortable taking computers apart and putting them back together again.
About Buckham & Duffy
We build and deliver ICT programs and bespoke software platforms to government, enterprise and NGO’s across the Asia Pacific region.
More Jobs
Senior Cloud Infrastructure Engineer
Australian Maritime Safety Authority
EL1 ICT Infrastructure Engineer - Technical Specialist
Australian Secret Intelligence Service
APS 4-6 ICT Infrastructure Engineer – Network, Server, Audio Visual Engineers
Australian Secret Intelligence Service
Senior Network and Security Engineer
Network Solutions Group Pty Ltd
Cyber & Information Security Officers
Australian Bureau of Statistics
Cyber & Information Security Officers
Australian Bureau of Statistics
Browse Jobs
by State
by Classification