Staff Engineer – Microscope IT Infrastructure & Platform Engineering

<p style="text-align:left"><b>Work Schedule</b></p>Standard (Mon-Fri)<p style="text-align:inherit"></p><p style="text-align:left"><b>Environmental Conditions</b></p>Office<p style="text-align:inherit"></p><p style="text-align:left"><b><u>Job Description</u></b></p><p style="text-align:inherit"></p><p><b>Job Description</b></p><p>When you join us at Thermo Fisher Scientific, you’ll become a member of a hard-working, motivated team that aligns with your enthusiasm for exploration and discovery. With revenues exceeding $40 billion and the largest investment in R&amp;D in the industry, we provide our people with resources and opportunities to make significant contributions to the world.</p><p></p><p><b>How will you make an impact?</b></p><p>Customer expectations in <b>microscopy</b> are evolving rapidly driving the need to modernize the Microscope IT landscape across <b>compute performance, communication, peripheral integration, and software tooling</b>, while also strengthening core requirements such as <b>cybersecurity, software deployment, and secure remote access/operation</b>.</p><p>As a <b>Technical Lead (10–15 years)</b>, you will own delivery of IT and cybersecurity capabilities for IT-managed endpoint platforms by defining <b>secure OS baselines</b>, governing <b>OS lifecycle and patch readiness</b>, and ensuring reliable operation within <b>enterprise networking</b> and remote operating models. You will translate security requirements into implementable controls, maintain <b>cybersecurity plans and reusable scripts per release</b>, and drive cross-functional execution with Security, Infrastructure, suppliers, and support teams—emphasizing <b>automation-first implementation</b>, <b>resilience (backup/restore)</b>, and strong <b>documentation/traceability</b>.</p><p></p><p><b>What will you do?</b></p><ul><li>Define and maintain secure OS baselines (Windows and Linux) and configuration standards; validate compliance and manage justified exceptions.</li><li>Own OS lifecycle and patch readiness requirements, ensuring vendor support alignment and release documentation is accurate.</li><li>Create, execute, and maintain cybersecurity plans and reusable scripts to support each new software/OS release.</li><li>Investigate new security requirements and map them to platform components; implement changes and coordinate cross-repo deliveries.</li><li>Establish standards for endpoint integration with networking dependencies (segmentation, DNS/DHCP, firewall/switching/routing patterns).</li><li>Experience with virtualization and/or containerization.</li><li>Own remote operating enablement (e.g., KVM/hand panels), including secure access patterns and operational playbooks.</li><li>Define and validate backup/restore and recovery workflows; ensure procedures are tested, documented, and supportable.</li><li>Develop and maintain PowerShell automation, validation checks, and auditable reporting to reduce manual effort and improve consistency.</li></ul><p></p><p><b>Desired Skills</b></p><ul><li>Strong OS baseline/hardening experience, including evidence generation and exception governance (e.g., benchmark alignment).</li><li>Advanced PowerShell automation (modular scripting, robust error handling, safe execution patterns).</li><li>Strong Windows and Linux fundamentals for endpoint environments (configuration, troubleshooting, lifecycle awareness).</li><li>Ability to produce and execute cybersecurity test plans/scripts and integrate them into release readiness workflows.</li><li>Strong troubleshooting skills, ownership mindset, and effective cross-functional communication.</li><li>Experience with (implementing) Agile way of working is preferable.</li></ul><p></p><p><b>Preferred Qualifications</b></p><ul><li>10–15 years of experience in endpoint/platform engineering, infrastructure security, OS deployment/hardening, or enterprise automation roles.</li><li>BTech degree in Computer Science, Electronics, or a related technical field (or equivalent practical experience).</li><li>Experience operating in regulated or security-focused environments require auditability and traceability.</li></ul><p></p><p></p><p></p><p></p>