IT Systems Engineer

San Francisco, United StatesHybrid

Responsibilities

Identity & device trust — operate and mature our MDM stack (Rippling/Jamf/Kandji), enforce Okta Device Trust policies, and ensure endpoints meet our security baseline
Built internal tooling from scratch — provisioning workflows, self-service automations, or agent-driven ops

We value extreme ownership, clear communication, a strong sense of craftsmanship, and the desire to create lasting work and work relationships.
This isn't an IT support role — you'll be standing up AI-powered internal tooling (MCP, agents), owning our corporate identity foundation, and improving our overall corporate security.
Corporate IT infrastructure — own and evolve our SaaS stack (Okta, Google Workspace, Slack). Procurement, provisioning, and lifecycle management
MCP servers & AI agents — build and maintain internal MCP servers; design agents that automate internal ops and extend what the security and engineering teams can do
Endpoint hardening & macOS/Windows fleet management — configuration profiles, CIS benchmark enforcement, macOS scripting, software deployment, and patch management
Deep macOS fluency: shell/Python scripting, configuration profiles, and hands-on MDM troubleshooting Hands-on MDM
Proficient in scripting and building software — bash and Python at minimum. Expected to own automation scripts and internal tooling.
Proficient using AI tools (Claude, Cursor, Codex or similar) as part of your daily workflow Strong plus •
Familiarity with security concepts: least privilege, zero trust endpoint posture, log forwarding, DLP basics
Exposure to AWS IAM or cloud infrastructure •
Experience with device trust architectures (Okta Device Trust, CrowdStrike, or similar)

4+ years in systems engineering, corporate IT, or a hybrid IT/security role — ideally at a startup