Istari

Senior IT Engineer

Istari

full-time

Posted on:

Location Type: Hybrid

Location: MarylandVirginiaUnited States

Visit company website

Explore more

AI Apply
Apply

Job Level

Senior

Tech Stack

AWSAzureCloudEC2JamfMacOSPython

About the role

  • Own end-to-end device lifecycle management across macOS and Windows using JumpCloud MDM, including enrollment, configuration profiles, and policy enforcement
  • Maintain STIG-hardened endpoint configurations and ensure continuous compliance across the device fleet
  • Manage hardware provisioning, and offboarding/wipe procedures for both hardware and software accounts
  • Configure and enforce patching at the OS level and application level
  • Implement and maintain least privileged access across our ecosystem and conditional / geolocation based access to sensitive resources
  • Administer JumpCloud directory services including SSO, SCIM provisioning, LDAP, and MFA policy enforcement
  • Build and maintain integrations between JumpCloud and downstream SaaS platforms (Google Workspace, GitHub Enterprise, Atlassian, AI tooling, and others)
  • Own user lifecycle automation — provisioning, role changes, and offboarding — across many enterprise platforms
  • Manage Google Workspace administration including shared drives, email authentication (SPF/DKIM/DMARC), group policies, and organizational units
  • Build scripts and workflows (Python, Bash, PowerShell, Google Apps Script, or similar) to automate repetitive IT tasks
  • Assist in build and implementation of CI/CD pipelines with integrated security tooling (example tooling: SonarQube, Github Copilot, CrowdStrike Falcon Cloud Security, Snyk, Jfrog)
  • Manage AWS infrastructure including EC2, IAM policies, networking, and GovCloud environments to ensure continuous compliance with government NIST 800-171 requirements.
  • Administer GitHub Enterprise including repository management, branch protection policies, and access controls
  • Administer and tune SEIM / EDR tooling for endpoint detection, cloud security, and logging operations
  • Support CMMC Level 2, NIST 800-171, and FedRAMP compliance efforts including evidence collection and control documentation

Requirements

  • 10+ years of experience in IT engineering, systems administration, or a related discipline — with a track record of owning complex technical initiatives end-to-end
  • Deep hands-on experience with JumpCloud or a comparable IDaaS/MDM platform (Okta, Azure AD, Jamf, or similar), including SSO, SCIM, and endpoint policy management
  • Strong experience managing macOS and Windows endpoints at scale, including hardened configurations in regulated environments
  • Proficiency with Google Workspace administration across user lifecycle, shared drives, and email authentication
  • Solid scripting skills in at least one language (Python, Bash, PowerShell, or similar) with the ability to translate manual processes into repeatable automation
  • Exceptional documentation skills — you write SOPs, runbooks, and technical guides that people actually use, and you treat documentation as a deliverable, not an afterthought
  • Proven ability to work autonomously in a fast-paced environment, self-prioritize across competing demands, and drive projects to completion with minimal hand-holding
  • A demonstrated appetite for picking up new tooling quickly — you're comfortable being handed something unfamiliar and figuring it out
  • Strong cross-functional collaboration skills, with experience coordinating technical work across multiple teams or stakeholders
  • U.S. Citizenship
  • One or more relevant certifications aligned to the DoD Cyber Workforce Framework (DoDM 8140.03), such as:
  • CompTIA Security+, CySA+, or Network+
  • ISC2 SSCP or CISSP
  • GIAC GSEC or GCED
  • AWS Solutions Architect or AWS Security Specialty
  • Cisco CCNA or CCNP Security
Benefits
  • Must be a U.S. Citizen eligible for security clearance
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
device lifecycle managementendpoint policy managementmacOS administrationWindows administrationGoogle Workspace administrationscripting (Python, Bash, PowerShell)CI/CD pipelinesAWS infrastructure managementSTIG-hardened configurationsendpoint detection and response (EDR)
Soft Skills
documentation skillsautonomous workself-prioritizationproject completioncross-functional collaborationadaptability to new toolstechnical initiative ownershipcommunication skillsproblem-solvingattention to detail
Certifications
CompTIA Security+CySA+Network+ISC2 SSCPCISSPGIAC GSECGCEDAWS Solutions ArchitectAWS Security SpecialtyCisco CCNA