Location: Hybrid - on-site at client locations as required

About Malleum

Malleum is at the forefront of next-generation cyber defense, partnering with marquee clients across government, defense, financial services, and critical infrastructure. We're experiencing exceptional growth as demand accelerates for trusted advisors capable of delivering at the intersection of national security, allied intelligence cooperation, and enterprise resilience. Our consultants embed directly with clients to design, secure, and operate the networks and systems behind cutting-edge defensive technologies and programs with national and allied security impact.

If you take pride in being the trusted technical hands clients rely on to keep mission-critical environments running and to help them recover when things go wrong, Malleum is where your craft meets purpose.

The Opportunity

We're seeking a client-facing System Administrator (Network and Cybersecurity) to deliver hands-on administration, hardening, and operational support across client network and security infrastructure, and to play a critical supporting role in active incident response (IR) engagements. You'll work directly within client environments including sovereign, regulated, and cleared settings providing the technical expertise, composure, and professionalism that define the Malleum delivery experience.

This is a hands-on consulting role for a practitioner who blends deep technical skill with strong client presence, and who can step up when crises demand long, focused hours alongside our IR team.

What You'll Do

• Administer, monitor, and maintain client network infrastructure including routers, switches, firewalls, VPNs, and wireless systems
• Operate and tune client security tooling such as EDR/XDR, SIEM, email security, vulnerability scanners, and identity platforms (Entra ID, Okta)
• Design, deploy, and operate Zero Trust Network Access (ZTNA) solutions, including Cloudflare edge, access, and tunnel services, to enable secure remote access, identity-aware policies, and modern perimeter strategies
• Support Microsoft 365, Azure, AWS, and hybrid environments within each client's security baseline and compliance posture
• Implement and enforce hardening standards aligned with CIS Benchmarks, NIST 800-53/171, ITSG-33, and client-specific frameworks
• Lead patch management, vulnerability remediation, and configuration management across client servers, endpoints, and network devices
• Support active incident response engagements — deploying and tuning tooling, isolating systems, preserving evidence, rebuilding infrastructure, and assisting with containment, eradication, and recovery activities
• Work odd hours, evenings, weekends, and extended shifts during active IR engagements, including rapid mobilization with little notice when clients are under attack
• Partner with Malleum's IR consultants, forensic analysts, and threat hunters to execute response playbooks under pressure
• Maintain client backup, disaster recovery, and business continuity systems with regular testing
• Produce high-quality client deliverables: network diagrams, configuration documentation, runbooks, SOPs, IR action logs, and status reports
• Standardize provisioning, onboarding/offboarding, and access control workflows within client environments
• Serve as a trusted technical point of contact, communicating clearly with client stakeholders ranging from end users to executive leadership during both steady-state and crisis operations
• Contribute to scoping, estimation, and continuous improvement of Malleum's managed, project-based, and IR service offerings
• Participate in an on-call rotation supporting critical client infrastructure and security events

What You Bring

• 4+ years of experience as a System Administrator with a blend of network and cybersecurity responsibilities, ideally in a consulting, MSP, MSSP, or IR setting
• Demonstrated ability to perform under pressure during incidents - calm, methodical, and effective during long, high-intensity engagements
• Willingness and availability to work odd hours, weekends, and extended shifts when supporting active IR matters
• Demonstrated success working directly with clients - strong communication, professionalism, and stakeholder management skills
• Strong working knowledge of TCP/IP, routing, switching, VLANs, VPNs, DNS, DHCP, and segmentation
• Solid understanding of Zero Trust Network Access (ZTNA) fundamentals - identity-centric access, least privilege, micro-segmentation, device posture, and continuous verification
• Hands-on experience with Cloudflare services such as Cloudflare One / Zero Trust, Access, Tunnel, Gateway, WARP, and DNS / WAF / CDN configuration
• Familiarity with adjacent ZTNA and SASE platforms (e.g., Zscaler, Netskope, Palo Alto Prisma Access) considered an asset
• Hands-on experience with firewalls (Fortinet, Palo Alto, or Cisco), wireless controllers, and NAC solutions
• Proficiency with Windows Server, Active Directory, Group Policy, and Microsoft 365 / Azure administration
• Familiarity with Linux administration and scripting (PowerShell, Bash, or Python) for automation and rapid response tasks
• Experience with SIEM/EDR platforms (e.g., Microsoft Sentinel, Defender, CrowdStrike, Splunk) including rapid deployment in IR scenarios
• Exposure to incident response frameworks such as NIST SP 800-61 and SANS PICERL is a strong asset
• Solid grasp of cybersecurity fundamentals: identity, encryption, logging, hardening, and zero-trust principles
• Comfort working across multiple client environments, tooling stacks, and change management processes simultaneously
• Certifications such as CompTIA Security+, Network+, CCNA, MS-102, AZ-104, or equivalent strongly preferred; CISSP Associate, SSCP, GCIH, or GCFA an asset
• Eligibility for Government of Canada security clearance (Secret or higher); existing clearance highly valued
• Bilingualism (English/French) considered a strong asset

Why Malleum

• Work shoulder-to-shoulder with marquee clients on programs and incidents with genuine national and allied security impact
• Join a rapidly scaling firm with a flat, high-trust culture and direct access to senior IR and technical leaders
• Exposure to a wide variety of advanced security tooling, sectors, and cleared environments
• Competitive compensation, on-call and IR premiums, performance incentives, and comprehensive benefits
• Continuous learning budget, certification sponsorship, and clear paths into senior engineering, IR, architecture, or security specializations

Malleum is an equal opportunity employer. We welcome applications from all qualified candidates and are committed to building a team that reflects the communities and missions we serve.