Senior Manager, IT Services

Location: Los Angeles, CA

Summary

The Senior IT Systems Engineer designs, implements, and supports secure, scalable identity, endpoint, and SaaS administration platforms across the organization. This role owns complex technical initiatives end to end, partners cross-functionally to improve reliability and security, and mentors junior engineers through strong standards, automation, and operational excellence.

Key Responsibilities

Identity & Access Management

• Own and evolve the organization’s identity and access management (IAM) posture using Okta, including SSO integrations (SAML/OIDC), MFA policy design, user lifecycle management, group and rules strategy, and audit-ready access controls.
• Design and maintain least-privilege access models aligned with security and compliance requirements.

Endpoint Management

• Administer and scale Apple device management using Jamf, including enrollment workflows, configuration profiles, application deployment strategies, security baselines, compliance reporting, and incident response support.
• Ensure endpoint posture meets organizational security and operational standards.

SaaS & Collaboration Platforms

• Serve as the technical owner for core productivity and collaboration platforms such as Google Workspace and Slack.
• Deliver secure configurations, reliable user lifecycle processes, role-based administration, and overall operational stability.

Automation & Engineering Practices

• Build and maintain automation to eliminate manual work across IT systems (e.g., provisioning, offboarding, access reviews, device posture reporting), primarily using Bash and/or Python.
• Apply strong software engineering practices, including testing, version control, documentation, and code review.
• Develop and maintain integrations and workflows using APIs (Okta, Jamf, Google Workspace, Slack, and related SaaS tools), including secure token management, robust error handling, and observability.

Infrastructure 

• Administrate AWS Infrastructure, including but not limited to Lambda, DynamoDB, Route53 
• Implement Infrastructure as Code (IaC) practices where applicable (e.g., Terraform) to standardize configurations, reduce drift, and improve repeatability.
• Contribute to CI/CD pipelines (GitHub Actions or equivalent) to enable safe, auditable, and repeatable system changes.

Operations & Reliability

• Lead technical troubleshooting for complex, cross-system issues spanning identity, endpoint management, and SaaS platforms.
• Perform root cause analysis and drive permanent remediation.
• Define, document, and enforce engineering standards for IT systems operations, including change management, runbooks, access controls, naming conventions, and configuration baselines.

Cross-Functional Collaboration & Leadership

• Partner closely with Security, HR, and Engineering to deliver secure-by-default onboarding, offboarding, role changes, and privileged access workflows with clear ownership and SLAs.
• Mentor and upskill less experienced team members through code reviews, pairing, technical guidance, and knowledge sharing, raising the overall quality and consistency of IT engineering deliverables.

Qualifications

Required

• 5+ years of experience in IT systems engineering, identity engineering, endpoint management, or adjacent SaaS/IT infrastructure roles (typically Professional Grade 4+ equivalent, depending on scope).
• Hands-on experience administering Okta in a production environment, including SSO/MFA, policies, group and rules strategy, and application integrations.
• Hands-on experience administering Jamf in a production macOS fleet, including packaging and deployment, configuration profiles, compliance and security baselines, and reporting.
• Strong scripting ability in Bash and/or Python for automation and API-based workflows.
• Experience using Git-based version control systems (GitHub preferred).

Preferred

• Experience with Infrastructure as Code tools (e.g., Terraform) and CI/CD practices.
• Hands on experience administrating Windows Server, Active Directory and Azure
• Familiarity with Go.
• Relevant certifications or formal training (e.g., Okta, Jamf, Google Workspace, IAM or security coursework).