Sr. IT Engineer

Endpoint & MDM Management

• Own end-to-end device lifecycle management across macOS and Windows using JumpCloud MDM, including enrollment, configuration profiles, and policy enforcement

  • Maintain STIG-hardened endpoint configurations and ensure continuous compliance across the device fleet

• Manage hardware provisioning, and offboarding/wipe procedures for both hardware and software accounts

• Configure and enforce patching at the OS level and application level

• Implement and maintain least privileged access across our ecosystem and conditional / geolocation based access to sensitive resources

Identity, Access & SaaS Integrations

• Administer JumpCloud directory services including SSO, SCIM provisioning, LDAP, and MFA policy enforcement

• Build and maintain integrations between JumpCloud and downstream SaaS platforms (Google Workspace, GitHub Enterprise, Atlassian, AI tooling, and others)

• Own user lifecycle automation — provisioning, role changes, and offboarding — across many enterprise platforms

• Manage Google Workspace administration including shared drives, email authentication (SPF/DKIM/DMARC), group policies, and organizational units

• Build scripts and workflows (Python, Bash, PowerShell, Google Apps Script, or similar) to automate repetitive IT tasks

DevOps & Cloud Infrastructure

• Assist in build and implementation of CI/CD pipelines with integrated security tooling (example tooling: SonarQube, Github Copilot, CrowdStrike Falcon Cloud Security, Snyk, Jfrog)

• Manage AWS infrastructure including EC2, IAM policies, networking, and GovCloud environments to ensure continuous compliance with government NIST 800-171 requirements.

• Administer GitHub Enterprise including repository management, branch protection policies, and access controls

Cybersecurity Tooling & Compliance

• Administer and tune SEIM / EDR tooling for endpoint detection, cloud security, and logging operations

• Support CMMC Level 2, NIST 800-171, and FedRAMP compliance efforts including evidence collection and control documentation

• 10+ years of experience in IT engineering, systems administration, or a related discipline — with a track record of owning complex technical initiatives end-to-end

• Deep hands-on experience with JumpCloud or a comparable IDaaS/MDM platform (Okta, Azure AD, Jamf, or similar), including SSO, SCIM, and endpoint policy management

• Strong experience managing macOS and Windows endpoints at scale, including hardened configurations in regulated environments

• Proficiency with Google Workspace administration across user lifecycle, shared drives, and email authentication

• Solid scripting skills in at least one language (Python, Bash, PowerShell, or similar) with the ability to translate manual processes into repeatable automation

• Exceptional documentation skills — you write SOPs, runbooks, and technical guides that people actually use, and you treat documentation as a deliverable, not an afterthought

• Proven ability to work autonomously in a fast-paced environment, self-prioritize across competing demands, and drive projects to completion with minimal hand-holding

• A demonstrated appetite for picking up new tooling quickly — you're comfortable being handed something unfamiliar and figuring it out

• Strong cross-functional collaboration skills, with experience coordinating technical work across multiple teams or stakeholders

• U.S. Citizenship 

• One or more relevant certifications aligned to the DoD Cyber Workforce Framework (DoDM 8140.03), such as:

  • CompTIA Security+, CySA+, or Network+

  • ISC2 SSCP or CISSP

  • GIAC GSEC or GCED

  • AWS Solutions Architect or AWS Security Specialty

  • Cisco CCNA or CCNP Security

Preferred

• Experience working in ITAR, FedRAMP, CMMC, or other regulated/compliance-driven environments — candidates from adjacent regulated industries are also encouraged to apply

• Hands-on experience with SaaS management platforms (Zylo, Torii, BetterCloud, or similar) or IT asset management tooling

• Working knowledge of NIST 800-171, NIST 800-53, or similar compliance frameworks — bonus points if you've contributed to SSP documentation or audit evidence packages

• A habit of leaving things better documented than you found them — whether that's a runbook, a wiki, or an architecture diagram