Reports to: IT ManagerLocation: Hybrid / Washington DC Metro AreaClearance Requirement: Must be a U.S. Citizen eligible for security clearance The RoleWe're looking for a Staff IT Engineer to take ownership of our enterprise device management, SaaS ecosystem, systems integrations, and security tooling. This is a senior individual contributor role with high visibility - you'll be the go-to person for keeping our identity, endpoint, and automation infrastructure running smoothly while supporting our DevOps and cybersecurity compliance posture. If you like building things that scale and hate doing the same manual task twice, you'll fit right in.
Core ResponsibilitiesEndpoint & MDM Management- Own end-to-end device lifecycle management across macOS and Windows using JumpCloud MDM, including enrollment, configuration profiles, and policy enforcement
- Maintain STIG-hardened endpoint configurations and ensure continuous compliance across the device fleet
>
- Manage hardware provisioning, and offboarding/wipe procedures for both hardware and software accounts
>- Configure and enforce patching at the OS level and application level
>- Implement and maintain least privileged access across our ecosystem and conditional / geolocation based access to sensitive resources
>
Identity, Access & SaaS Integrations- Administer JumpCloud directory services including SSO, SCIM provisioning, LDAP, and MFA policy enforcement
>- Build and maintain integrations between JumpCloud and downstream SaaS platforms (Google Workspace, GitHub Enterprise, Atlassian, AI tooling, and others)
>- Own user lifecycle automation - provisioning, role changes, and offboarding - across many enterprise platforms
>- Manage Google Workspace administration including shared drives, email authentication (SPF/DKIM/DMARC), group policies, and organizational units
>- Build scripts and workflows (Python, Bash, PowerShell, Google Apps Script, or similar) to automate repetitive IT tasks
>
DevOps & Cloud Infrastructure- Assist in build and implementation of CI/CD pipelines with integrated security tooling (example tooling: SonarQube, Github Copilot, CrowdStrike Falcon Cloud Security, Snyk, Jfrog)
>- Manage AWS infrastructure including EC2, IAM policies, networking, and GovCloud environments to ensure continuous compliance with government NIST 800-171 requirements.
>- Administer GitHub Enterprise including repository management, branch protection policies, and access controls
>
Cybersecurity Tooling & Compliance- Administer and tune SEIM / EDR tooling for endpoint detection, cloud security, and logging operations
>- Support CMMC Level 2, NIST 800-171, and FedRAMP compliance efforts including evidence collection and control documentation
>
Required Qualifications- 10+ years of experience in IT engineering, systems administration, or a related discipline - with a track record of owning complex technical initiatives end-to-end
>- Deep hands-on experience with JumpCloud or a comparable IDaaS/MDM platform (Okta, Azure AD, Jamf, or similar), including SSO, SCIM, and endpoint policy management
>- Strong experience managing macOS and Windows endpoints at scale, including hardened configurations in regulated environments
>- Proficiency with Google Workspace administration across user lifecycle, shared drives, and email authentication
>- Solid scripting skills in at least one language (Python, Bash, PowerShell, or similar) with the ability to translate manual processes into repeatable automation
>- Exceptional documentation skills - you write SOPs, runbooks, and technical guides that people actually use, and you treat documentation as a deliverable, not an afterthought
>- Proven ability to work autonomously in a fast-paced environment, self-prioritize across competing demands, and drive projects to completion with minimal hand-holding
>- A demonstrated appetite for picking up new tooling quickly - you're comfortable being handed something unfamiliar and figuring it out
>- Strong cross-functional collaboration skills, with experience coordinating technical work across multiple teams or stakeholders
>- U.S. Citizenship
>- One or more relevant certifications aligned to the DoD Cyber Workforce Framework (DoDM 8140.03), such as:
- CompTIA Security+, CySA+, or Network+
>- ISC2 SSCP or CISSP
>- GIAC GSEC or GCED
>- AWS Solutions Architect or AWS Security Specialty
>- Cisco CCNA or CCNP Security
>
Preferred- Experience working in ITAR, FedRAMP, CMMC, or other regulated/compliance-driven environments - candidates from adjacent regulated industries are also encouraged to apply
>- Hands-on experience with SaaS management platforms (Zylo, Torii, BetterCloud, or similar) or IT asset management tooling
>- Working knowledge of NIST 800-171, NIST 800-53, or similar compliance frameworks - bonus points if you've contributed to SSP documentation or audit evidence packages
>- A habit of leaving things better documented than you found them - whether that's a runbook, a wiki, or an architecture diagram
>
