Job Description:Role SummaryManage endpoint security, vulnerability management, SIEM monitoring, identity and access administration, DNS/email security, secure remote access, and IT operations across Windows, Mac, and selected Linux systems.
What You'll DoBuild the IT Foundation- Implement formal onboarding and offboarding processes for employee accounts and equipment across all company systems
- Own an IT help desk and ticketing system for support requests
- Own asset management platform to track all company hardware (laptops, desktops, servers, network equipment)
- Deploy and manage an MDM solution across all company endpoints (Windows and Mac)
- Maintain IT policies and documentation covering security, access management, acceptable use, and incident response
- Perform periodic access reviews to ensure proper permissions across all systems
Endpoint & Network Management- Manage the office LAN, firewall, switches, and internet connectivity
- Evaluate and upgrade network equipment as needed
- Deploy and manage endpoint security software across all company devices
- Enforce disk encryption on all endpoint devices
- Monitor and manage endpoint patching and OS updates
- Manage DNS and email security configurations.
Security & Compliance- Monitor the Rapid7 SIEM for security events and respond to alerts
- Enforce MFA across all company systems
- Maintain least-privilege access controls across all platforms
- Manage privileged access with segregated administrative accounts
- Conduct periodic vulnerability assessments and remediate findings
- Maintain an incident response plan and disaster recovery plan, including annual tabletop exercises
- Perform regular internal security audits (exposed services, misconfigurations, EOL software)
- Coordinate with engineering team on server-side security items (agent deployment, hardening, log ingestion)
Access & Account Management- Manage core business systems, collaboration suite, and remote-access systems
- Manage password manager administration (vaults, sharing policies, permissions)
- Manage secure remote access
- Manage physical office access control (implement and maintain an electronic access system)
- Ensure timely provisioning and deprovisioning tied to employee lifecycle events
- Oversee backup strategy -- ensure backups are encrypted and regularly tested for restoration
End-User Support- Provide technical support to approximately 30 employees across Windows and Mac platforms
- Support both in-office and remote employees (approximately 50/50 split)
- Troubleshoot hardware, software, network, and connectivity issues
- Provide patient, clear guidance to less technical staff while respecting the autonomy of technical team members
- Set up and configure new employee workstations and laptops
Required Qualifications- 3+ years of experience in IT systems administration or a similar hands-on IT role
- Experience administering Windows and macOS endpoints in a business environment
- Experience with Google Workspace administration (user management, security settings, organizational units)
- Hands-on experience with network administration (firewalls, switches, VPN configuration)
- Experience deploying and managing endpoint security tools (EDR/antivirus, vulnerability scanners)
- Understanding of identity and access management principles (least privilege, MFA, SSO, access reviews)
- Comfortable working in Linux environments (Debian/Ubuntu) for tasks like deploying agents, reviewing logs, and basic troubleshooting
- Familiarity with MDM/endpoint management platforms
- Strong troubleshooting skills across hardware, software, and networking
- Ability to communicate technical concepts to non-technical users with patience
- Self-directed with the ability to prioritize and manage multiple concurrent projects independently
Preferred Qualifications- Experience with enterprise EDR, vulnerability management, and SIEM tooling
- Experience writing and implementing IT security policies and procedures
- Experience with IT compliance audits (ITGC, SOC 2, or similar)
- Experience with endpoint management platforms
- Experience with cloud platforms
- Experience implementing physical access control systems (key card/fob or biometric)
- Experience building IT operations from scratch in a small company environment
- Relevant certifications (CompTIA Security+, CISSP, or similar) are a plus but not required
What Success Looks Like- 30 days: Solid understanding of the environment, critical security gaps addressed, onboarding/offboarding process in place
- 90 days: MDM deployed, ticketing system operational, security tooling fully deployed across all endpoints, access reviews established
- 6 months: All IT policies documented and in practice, backup strategy modernized, incident response and disaster recovery plans current and tested
- 12 months: Mature, well-documented IT operations; clean compliance posture; proactive security monitoring; employees supported efficiently regardless of technical skill level
Why This Role- Your work directly protects the company and makes every employee's day smoother.
- Enterprise security tooling already licensed. Leadership is invested in doing this right.
- You report to company leadership with full authority to make decisions and recommend solutions.
- A strong engineering team handles application servers and infrastructure, so you can focus on what matters most -- security, endpoints, and operations.
Business Unit:Innovative Computer Solutions Inc
Scheduled Weekly Hours:40
Number of Openings Available:1
Worker Type:Regular
