Jackson Family Wines is much more than a family-owned wine company. We're risk-taking innovators with a strong belief that quality is paramount. We're always on the lookout for top talent -- individuals who possess a strong work ethic, commitment to quality and share our beliefs in healthy lands and a healthy community. In 2024, we were selected as one of the North Bay Business Journal's Best Places to Work for the ninth year running.

POSITION SUMMARY:

This Senior Engineer position is a key technical partner responsible for delivering secure, highly reliable, and performance-tuned enterprise technology solutions. The role is central to the design, implementation, and operation of critical infrastructure (network, storage, compute, cloud) and security controls.

The engineer will collaborate extensively across business areas to define strategy, manage cross-functional projects, gather requirements, design robust solutions, and develop technical roadmaps. This is a hands-on expert role that drives system resilience, championing both automation and standardization.

ESSENTIAL FUNCTIONS/DUTIES:
•  Align with and support the execution of the Infrastructure and Security Services program vision and strategy.
•  Lead teams and provide technical direction to vendors and cross-functional members on medium to large, complex enterprise projects.
•  Build strategic partnerships with customers, vendors, peers, and stakeholders to influence the design and adoption of secure and scalable solutions.
•  Drive innovation to improve company efficiency and effectiveness through the evaluation and evangelism of new technologies and automated business processes.
•  Ensure product management alignment to business capability strategy, technology roadmap, system architecture, and integration.
•  Design, implement, and administer core Identity and Access Management (IAM) systems, including SSO, MFA, and Privileged Access Management (PAM) solutions.
•  Mentor junior engineers and champion a reliability and security mindset across the engineering team.
•  Design, deploy, and maintain both on-premises and cloud infrastructure using modern Configuration as Code (CaC) and Infrastructure as Code (IaC) tools, such as Ansible and Terraform.
•  Oversee M365 administration, OS configuration and management, software deployments, and database management.
•  Reduce operational toil by automating repetitive tasks, scaling, provisioning, and recovery workflows, and building highly resilient systems.
•  Manage and provision the observability stack (metrics, logs, traces) and refine alerting strategies to shift from reactive monitoring to proactive.
•  Work with stakeholders to define and improve Service Level Indicators (SLIs) and Objectives (SLOs), manage error budgets, and drive continual improvements in availability and latency.
•  Collaborate with development teams to ensure new features and services are designed for scalability, reliability, and security (Secure SDLC).
•  Drive capacity planning, performance tuning, cost optimization, and safe change management processes.
•  Manage and aid in the implementation, maintenance, and monitoring of security controls, including gap analysis, risk assessment, and third-party assessments.
•  Identify, analyze, communicate, and develop remediation recommendations for infrastructure and security vulnerabilities.
•  Lead technical aspects of incident response, conduct root-cause analysis, facilitate blameless postmortems utilizing forensic techniques/tools, as necessary.
•  Understand current and emerging trends and threats, providing feedback to improve the enterprise security architecture.
•  Be responsible for overall product quality; formulate test strategies, plans, and scripts to ensure systems function correctly with adequate protection and optimal efficiency.
•  Participate in mandatory escalation rotation to support production systems and ensure high availability.
•  This position is onsite at our Santa Rosa, CA offices.

JOB REQUIREMENTS:

Essential Skills, Experience, and Education

•  Bachelor's degree in computer science or related field or equivalent work experience.
•  5+ years of combined experience in IT Infrastructure, Security, and/or Site Reliability Engineering (SRE); or 9 years equivalent experience.
•  Proficiency with Configuration-as-Code (CaC) and Infrastructure-as-Code (IaC) concepts
•  Advanced networking skills including WAN, Wireless, Firewall, VPN, Load Balancer, and Intrusion Detection/Prevention systems.
•  Expertise with Identity and Access Management (IAM) Single Sign-On (SSO), Multi-Factor Authentication (MFA) and Privileged Access Management (PAM) concepts and solutions.
•  Advanced understanding of security concepts related to applications, network, operating systems, and core infrastructure.
•  Strong project management skills and demonstrated ability to make independent, educated decisions.
•  An understanding of emerging technologies like Cloud Platforms (AWS, Azure, GCP), SD-WAN, Generative AI and their associated security risks.
•  Working knowledge of common IT management and security frameworks (ISO/IEC 27001, ITIL, COBIT, and NIST).
•  Ability to meet established deadlines, and strong, proven problem-solving skills to drive solutions to completion.
•  Comfortable balancing reactive incident response ("firefighting") with strategic reliability improvements.

PREFERRED EXPERIENCE:
•  Master's degree in computer sciences or related field.
•  Industry certifications demonstrating architecture or security specialization
•  Experience with specific security products from Check Point, NetIQ/Micro Focus, and Forescout.
•  Exposure to security, compliance, or resilience architectures and frameworks

WAGE TRANSPARENCY:

The annual base pay for this role ranges from $124,000 to $145,000. Compensation will be determined by candidate experience, skills, and location.

BENEFITS:
•  Health Benefits - Medical, Dental, Vision, Disability & Life insurance
•  401k with employer match
•  Generous