Job
Description
CX is a product engineering services company and has launched many successful products for its clients since its inception. Many of these products have been running since 2013. We're looking for Head of IT Infrastructure owns the stability, security, scalability, and cost-effectiveness of all core technology services for Codelogicx. You will lead a small team of engineers and vendors to design, implement, and operate our on-prem and cloud-connected networks, servers, storage, identity platforms, and perimeter security (firewalls, VPN, IPS). Your mission is to deliver “five-nines” availability, strong cyber-resilience, and a friction-free user experience that enables every business function to perform at its best. Requirements Key Responsibilities Area What You’ll Own Identity & Access Architecture, health, and lifecycle management of Active Directory, Azure AD, group policy, conditional access, SSO, MFA. Joiner-Mover-Leaver processes, audit readiness, role-based access reviews. Network & Perimeter Enterprise-class firewalls, routers, switches, load balancers, site-to-site VPNs, SD-WAN, and Internet Leased Lines (ILL). Network segmentation, QoS, and continuous monitoring (NetFlow, SNMP, syslog, NMS). Cloud & Compute Windows/Linux server estate (on-prem and IaaS), virtualization (VMware/Hyper-V), storage, backup, DR/BCP. Collaboration with DevOps/SaaS teams to enforce landing-zone standards and secure connectivity. Endpoint & Mobility EDR/XDR platform (e.g., CrowdStrike, Microsoft Defender, SentinelOne)—policy tuning, threat-hunting, incident response. Mobile Device Management (Intune, Workspace ONE, Jamf) for laptops, phones, and BYOD; device compliance & encryption enforcement. Security & Compliance Patch, vulnerability, and endpoint protection strategy. Firewall ruleset hygiene, IPS/IDS tuning, zero-trust and least-privilege principles. Support for ISO 27001, SOC 2, GDPR, HIPAA, or similar frameworks. Own ISO 27001 controls (A.5–A.18), evidence collection, internal audits, and external surveillance & recertification audits. Map controls to SOC 2 / GDPR / HIPAA where relevant. Drive vulnerability management, patch cadence, zero-trust micro-segmentation. Maintain SIEM/SOAR integrations. Strategy & Governance 3-year infrastructure roadmap, budget planning, vendor selection & contract negotiation. KPIs/SLAs, capacity planning, license compliance, documentation, and policy enforcement. Leadership & Support Mentor a team of network/system admins (3-6 FTE) plus MSP partners. Escalation point for P1 incidents; manage major incident bridge, RCA, post-mortems. User-centric mindset—drive automation and self-service to reduce MTTR and service tickets. Required Qualifications Education: Bachelor’s degree in Computer Science, Information Systems, or related field (or equivalent experience). Experience: 10+ years in enterprise infrastructure roles, including 3+ years managing teams and multi-site networks for ~300 users. Technical depth in: Active Directory, Azure AD/Entra ID, GPO, LDAP, DNS, DHCP. Next-gen firewalls (Palo Alto, Fortinet, Cisco ASA/Firepower, etc.). Endpoint security platforms (CrowdStrike, Defender, SentinelOne, Falcon Insight, etc.). MDM/UEM suites (Intune, Workspace ONE, Jamf, or similar). Routing & switching (OSPF/BGP, VLANs, spanning-tree, PoE, wireless controllers). WAN technologies—ILL, MPLS, SD-WAN—and ISP/vendor management. Virtualization (VMware ESXi/VCF or Hyper-V) and Windows/Linux server administration. Backup/restore and DR replication (Veeam, Zerto, or similar). Scripting/automation (PowerShell, Python, Ansible) and infrastructure-as-code concepts. Audit leadership for ISO 27001; familiarity with SOC 2 Type II reporting. Certifications (any of): CCNP/CCIE, PCNSE/NSE 7+, Microsoft Entra ID or Azure Architect, VMware VCP-DCV, ISO 27001 Lead Auditor/Lead Implementer, CISSP/CISM, ITIL v4. Preferred/Bonus Skills Experience integrating on-prem AD with Microsoft 365, Intune, and conditional access. Familiarity with zero-trust network architecture and micro-segmentation projects. Exposure to SIEM/SOAR platforms (Splunk, Sentinel) and incident response playbooks. Track record of cost optimization (cloud egress, telco contracts, license audits). ITIL v4 certification and service-management process ownership. Personal Attributes Incident Commander: Calm, decisive, data-driven under pressure. Problem-solver: Data-driven, automation-first mindset, relentless focus on root cause. Leadership: Empowers and develops technical staff; calmly leads during outages. Strategic thinker: Balances immediate fixes with long-term modernization. Communicator: Translates tech risks and requirements into business language for executives. Strategic Builder: Balances quick wins with long-term modernisation and cost-optimisation. Benefits Health insurance. Hybrid working mode. Provident Fund. Parental leave. Yearly Bonus. Gratuity. Years of experience: Minimum 15 years Location: Kolkata Full time. Show more Show less
