Tech Ops Engineer

Wand

$90K — $120K *
US-AnywhereRemote in United States
Information Technology
Less than 5 years of experience
2 weeks ago
Job Overview by Ladders

Qualifications

  • 4+ years in IT, Tech Ops, or IT/Security roles with a proactive approach to building technical functions.
  • Experience with identity management systems and access provisioning workflows.
  • Knowledge of cloud networking fundamentals, including VPCs and IAM policies, in GCP or equivalent.
  • Proven track record in managing device lifecycles, including provisioning and MDM solutions.
  • Experience supporting remote teams with focus on security and logistics in distributed environments.
  • Familiar with security frameworks and best practices, defaulting to least-privilege principles.
  • Strong automation skills using scripts, APIs, or Infrastructure as Code (IaC).
  • Excellent communicator, capable of conveying technical concepts to various audiences.

Responsibilities

  • Automate access control processes for various SaaS tools.
  • Consolidate authentication systems with a central identity provider and establish group-based access policies.
  • Create onboarding and offboarding procedures to ensure seamless access management.
  • Collaborate with People Ops to automate access changes related to employee lifecycle events.
  • Take full ownership of hardware provisioning and develop onboarding playbooks for devices.
  • Manage hardware inventory and establish purchasing or refurbishment processes.
  • Implement an MDM solution to enforce security across devices and ensure compliance.

Benefits

  • Competitive compensation and equity package.
  • Fully remote work arrangement.
  • Opportunity to build the Tech Ops function from the ground up.
  • Collaborative team culture passionate about gaming and rapid development.
Full Job Description
We9re looking for a hands-on Tech Ops Engineer to own the internal technical operations function at Wand. We9ve been in growth mode over the last year - scaling from a handful of people to 30+ full-time employees and 60+ global contractors - and our device provisioning and access control hasn9t yet evolved with that expansion. The process that we have today is increasingly becoming a bottleneck to the continued growth of the company given how manual it is. This role is about taking ownership over automating a process that once fit a small company we9ve outgrown.

You9ll partner closely with the CTO on the technical direction and build the infrastructure that lets a fully remote, global team work securely and seamlessly. That means automating how people get access to the tools they need, owning hardware provisioning end-to-end, exploring what changes we should make to our cloud networking, and making sure we can deprovision quickly when people leave. You will be working closely with engineering on all the Tech Ops / Engineering boundaries (application development, CI/CD, product infrastructure) - opinions are welcome and willingness to dig into that is preferred!

What You9ll Do
Access & Identity Management
  • Automate access control end-to-end: Design and implement an automated system for granting, reviewing, and revoking access across Google Workspace, GitHub, Cloudflare SSO, and our growing roster of SaaS tools.
  • Own our identity layer: Consolidate authentication around a central identity provider (e.g., Google Workspace, Okta, JumpCloud), implement SCIM provisioning where possible, and build group-based access policies that scale with our team.
  • Build onboarding and offboarding runbooks: A new hire should be able to sign in to everything they need on day one, and when someone leaves, their access should be revoked quickly and reliably.
  • Partner with People Ops on the employee lifecycle: Work closely with our People Ops Lead to integrate HR systems (Gusto, Deel) with IT provisioning so hiring, role changes, and departures flow automatically into access changes.
Hardware & Device Lifecycle
  • Own hardware provisioning: Take full ownership of device procurement, imaging, shipping, and recovery. Build a repeatable playbook for getting laptop into a new hire9s hands on day one, whether they9re in the US or working with a contractor partner abroad.
  • Manage hardware inventory: Monitor and manage physical hardware inventory. Figure out a process for purchasing and/or refurbishing devices that integrates with our onboarding process.
  • Stand up an MDM program: Deploy and manage an MDM solution (e.g., Kandji, Jamf, Rippling) to enforce baseline security posture - disk encryption, OS patching, screen lock, threat detection - across company-owned devices.
  • Migrate the team to properly provisioned devices: Device provisioning hasn9t been a standard process over the years. Migrate them to company-provisioned, properly provisioned devices without disrupting the team.
Cloud Infrastructure & Networking
  • Define and implement cloud networking best practices: Today, internal services are authenticated via Cloudflare SSO. Evaluate options (e.g., Cloudflare Zero Trust, Tailscale, VPCs with bastion or IAP) and propose changes in service of making work seamless and secure for a fully remote workforce.
  • Manage cloud IAM and org structure: Define and enforce least-privilege IAM policies across GCP and other cloud services, set up organization-level guardrails, and build a model for granting engineers scoped access when they need it.
  • Partner with engineering on the boundary: You9ll be working with engineering closely on all boundary projects and anything that requires a handoff - identity, networking, and access. The goal is to allow everyone to ship faster and focus on what they know best.
Internal Tooling & SaaS Management
  • Own internal SaaS and collaboration tools: Manage our Google Workspace tenant, Slack, GitHub org, and the long tail of SaaS tools the team relies on. Keep them configured securely, patched, and well-integrated.
  • Be the internal help desk - then automate yourself out of it: Handle the day-to-day 40I can9t access X41 tickets in the short term, and systematically automate, document, or self-serve the recurring ones.
  • Own the tooling budget: Manage our SaaS and tooling spend, flag where we have leverage on renewals, and identify areas of savings as the stack grows.
Who You Are
Core Requirements
  • 4+ years in an IT, Tech Ops, or IT/Security hybrid role at a tech company, with meaningful time spent building (not just maintaining) the function.
  • Hands-on with identity and access: You9ve implemented SSO, SCIM, or access-provisioning workflows in a real environment (e.g., Google Workspace, Cloudflare Zero Trust, Okta, JumpCloud, Azure AD) and understand the trade-offs between them.
  • Cloud networking fundamentals: You can stand up VPCs, subnets, IAM policies, and private access patterns in GCP (or an equivalent cloud). You don9t need to be a network engineer, but you should know what good looks like.
  • Device lifecycle experience: You9ve owned or meaningfully contributed to hardware provisioning at a small-to-mid-sized company-imaging, MDM (e.g., Kandji, Jamf, Rippling), shipping, recovery-and know where to outsource vs. do in-house. This includes hardware inventory management as well as device lifecycle.
  • Remote-first instincts: You9ve supported a fully distributed team (or meaningful pieces of one) and know how the security, UX, and logistics differ from an office-based setup.
  • Security-minded: You have working familiarity with security frameworks (even if we9re not pursuing SOC 2 today) and default to least-privilege. You know what a well-hardened startup looks like and what threats to actually care about at our stage.
  • Automation over tickets: You reach for scripts, APIs, and IaC (Terraform, Pulumi, shell, Python) before you reach for a manual checklist. You9ve written automations that outlived your time at a previous company.
  • High ownership, low ego: You9re comfortable being the only Tech Ops person at the company, operating independently, and pairing closely with a technical leadership team that will be opinionated on the work. You9re able to be high-output on your own without needing daily direction.
  • Clear communicator: You can explain an access model to an engineer and a resolution to a technical support issue to a QA contractor in the Philippines with equal clarity.
Bonus Points
  • You9ve been the first dedicated Tech Ops / IT hire at a company and scaled the function from 10-ish to 100+ people.
  • Experience supporting both US full-time employees and global contractor populations (Deel, HI, or equivalent).
  • Familiarity with our current stack: Google Workspace, Cloudflare (SSO / Zero Trust / Access), GitHub, Slack, Gusto, Deel.
  • Experience with gaming, consumer tech, or other creator-adjacent companies.
What We Offer
  • Competitive compensation and equity package.
  • Fully remote work arrangement.
  • The opportunity to build the Tech Ops function from the ground up at a rapidly scaling consumer gaming company.
  • A team of people who genuinely love games, move incredibly fast, and care deeply about what they build.
How to Apply
  • Please submit your resume.
  • Join us in creating the ultimate PC gaming companion!
* Ladders Estimates

Similar Jobs

Ad banner background

Get Ready For Your
Next Interview

More Jobs at Wand

More Information Technology Jobs

Find similar Tech Ops Engineer jobs:

NationwideRemote