BAE Systems, a top-ten prime contractor to the U.S. Department of Defense, enables the U.S. government to transform data into intelligence and provides engineering, integration and sustainment support for critical military platforms and systems. Intelligence & Security provides services and products to the Department of Defense, the government, federal law enforcement officials, and troops deployed around the world.
At BAE Systems, we promote a strong, collaborative culture and provide our employees with the tools, skills and training they need to succeed. We are all about trust, camaraderie, and a shared ambition to lead the world in defense technologies and national security services. We offer flexible work environment to support the balance in your life and keep you performing at your best. Be a part of a company that is part of the community; driven to improve our future and protect our freedom.
Seeking a Senior DNS & Infrastructure Engineer to join our team. In this position you will play a critical role in designing, securing, and evolving the enterprise DNS and Windows infrastructure across on-premises, hybrid, and multi-cloud environments. Serving as the Subject Matter Expert (SME) for enterprise DNS architecture and Windows-based identity services, you will provide technical leadership, architectural direction, and operational excellence supporting large-scale, mission-critical environments.
In this role, you will lead the design, implementation, security, and lifecycle management of enterprise DNS, DNS Anycast, Active Directory-integrated DNS, and related infrastructure services. You will drive modernization, resiliency, automation, and zero trust initiatives while partnering closely with senior stakeholders across operations, architecture, engineering, networking, and security teams.
The ideal candidate will possess deep expertise in enterprise DNS architecture, cloud-integrated networking, and hybrid identity solutions, including experience with cloud DNS platforms in AWS and Azure. Success in this role requires proven experience delivering SME-level troubleshooting, architecting highly available DNS infrastructures, implementing DNS resiliency and Anycast solutions, and leading enterprise-scale modernization initiatives in fast-paced, high-availability environments.
Bachelor’s degree in Computer Science, Information Technology, or a related field, or equivalent professional experience
16+ years of progressively responsible experience in enterprise infrastructure engineering within large-scale environments
SME-level experience designing and operating enterprise DNS infrastructures in mission-critical environments
Extensive experience architecting and supporting:
Enterprise DNS platforms
DNS Anycast environments
Hybrid and multi-cloud integrations
On-premises and cloud-integrated infrastructure
Disconnected and air-gapped systems
Hands-on experience administering and architecting:
Enterprise DNS services
Strong experience with cloud providers and cloud-native networking services, including:
AWS (Route 53, VPC networking, hybrid DNS integration)
Microsoft Azure (Azure DNS, virtual networking, hybrid connectivity)
Experience designing and supporting highly available (HA) DNS and infrastructure solutions utilizing:
DNS Anycast
Load balancing
Disaster recovery and COOP architectures
Strong understanding of DNS protocols, name resolution processes, and DNS-related networking concepts
Proven experience performing security assessments and implementing remediations for critical IT systems
Demonstrated experience architecting and operating hybrid and multi-cloud environments integrating identity, networking, DNS, and security services
Expert-level troubleshooting and root-cause analysis across DNS, Windows infrastructure, identity services, and supporting platforms
Strong proficiency with Windows Server 2019–2025
Deep understanding of Windows authentication, authorization, and identity services
Strong working knowledge of:
Routing and switching
Firewalls
Load balancing
Network segmentation
Enterprise network design principles
Strong knowledge of enterprise security principles, zero trust architectures, and secure system design
Experience developing automation and infrastructure-as-code solutions with an emphasis on repeatability and standardization
Strong scripting and automation experience using PowerShell and related automation frameworks
Excellent documentation, technical writing, communication, and stakeholder engagement skills
Ability to operate effectively in fast-paced, mission-critical, high-availability environments
Master’s degree in Computer Science, Information Technology, Cybersecurity, or related field
Experience designing enterprise-scale DNS architectures for globally distributed environments
Experience implementing or supporting DNS Anycast deployments in large-scale environments
Experience supporting hybrid cloud networking and DNS integrations across AWS and Azure
Experience with:
Route 53 Resolver
Azure Private DNS
NetScaler
Experience supporting compliance-driven or highly regulated environments
Experience leading infrastructure modernization initiatives
Experience with CI/CD pipelines, configuration management, and infrastructure-as-code tooling
Knowledge of DNS security best practices and DNS threat mitigation techniques
Strong analytical ability, communication skills, and problem-solving capabilities
Ability to influence enterprise architectural decisions and technical strategy