IT Engineer

This is a fully remote position, open to applicants in United States.

📋 Description

• Take ownership of the employee technology experience from start to finish in a predominantly Mac environment, addressing issues and removing the root causes.

• Oversee the entire MacBook fleet: including procurement, provisioning, inventory management, hardware refresh, and decommissioning.

• Manage MDM and zero-touch provisioning (Kandji/FleetDM, Apple Business Manager) to ensure new devices are configured automatically upon first boot.

• Administer Okta and identity lifecycle processes: including provisioning, MFA, SSO integrations, and Okta Workflows, as well as secrets management (1Password/Infisical).

• Oversee the core SaaS stack (Google Workspace, Slack, Notion, Jira) and automate user lifecycle management through APIs, while monitoring licenses and expenditure.

• Facilitate smooth onboarding and offboarding processes: implementing automated workflows that ensure new hires are fully set up on day one and effectively deprovisioning departing employees.

• Promote proactive reliability and automation: monitor device health and access patterns, develop self-healing scripts, and approach recurring issues as engineering challenges to resolve permanently.

• Assist in compliance and documentation efforts: maintain security baselines, create an AI-driven self-service knowledge base, and manage IT runbooks and internal communications.

• Collaborate in managing secure network access tools (Cloudflare Access, iBoss) and network/firewall policies with your Infrastructure colleagues.

⛳️ Requirements

• 4–6 years of IT experience in a technology company, with a focus on service orientation. Your success is measured by how well you enable your colleagues.

• Practical MDM experience managing a MacOS fleet (Kandji, FleetDM, or similar), including familiarity with Apple Business Manager and zero-touch provisioning.

• Proficient in Okta administration: including SSO, MFA, Lifecycle Management, and Workflows, plus SCIM provisioning across various SaaS applications.

• Strong scripting and automation capabilities (Bash, Python, or similar).

• Experience with administering a secrets management platform (1Password, Infisical, or similar) and proficiency in the Google Workspace admin console, APIs, and Jira.

• Knowledge of secure network access platforms (Cloudflare Access, iBoss, or similar) and solid network troubleshooting skills (DNS, DHCP, VPN, Wi-Fi).

• Familiarity with operating a ticketing system (Zendesk, Jira Service Management, or similar).

🏝️ Benefits

• Comprehensive health insurance coverage.

• Flexible work hours and remote work options.

• Professional development opportunities and training programs.

• Generous paid time off and holidays.

• A collaborative and innovative work environment.