Trail of Bits is a cybersecurity firm that focuses on security audits and building research tools. They are seeking an IT Operations Engineer to manage their internal IT infrastructure, ensuring security compliance and enhancing employee technology experiences while automating processes and tools.
Responsibilities:
- Test, deploy, and maintain MDM solutions (Jamf Pro) and endpoint security tools (CrowdStrike Falcon, iVerify)
- Maintain strict parity between the configuration repository and what is deployed across the fleet
- Manage Apple Business Manager, device lifecycle (ordering, provisioning, recovery), and automated onboarding/offboarding workflows
- Enforce macOS update policies and patch management across the fleet
- Manage identity and access across the SaaS ecosystem including Google Workspace (with Context-Aware Access), 1Password, Microsoft Entra, GitHub, Slack, and other platforms
- Set up and integrate new systems with SSO (SAML, OIDC, OAuth 2.0)
- Enforce account lifecycle hygiene: provisioning on day one, prompt suspension on departure, regular audits of authorized devices and access
- Maintain organizational systems for credential management -- vaults, naming conventions, cross-references
- Maintain SOC 2 compliance posture and manage compliance automation platforms (Vanta)
- Respond to client security questionnaires and provide compliance documentation for engagements across government, defense, and enterprise sectors
- Manage endpoint detection and response (CrowdStrike Falcon), network canaries (Thinkst), email security (Material Security), and mobile device verification (iVerify)
- Proactively maintain security posture through vulnerability scanning, configuration audits, and patch management
- Monitor for and respond to supply chain threats -- package manager attacks, extension supply chain risks, dependency vulnerabilities -- with real-time detection where possible
- Write and maintain security policies, runbooks, and documentation
- Manage and rationalize cloud infrastructure across GCP and other providers
- Maintain accurate inventory, eliminate waste, and enforce least-privilege access for service accounts and cloud IAM
- Develop reporting to monitor fleet health, compliance state, and infrastructure costs
- Automate repetitive tasks across the company through scripting and custom tooling
- Build internal tools to improve employee self-service
- Maintain and extend workflow automation and internal tooling infrastructure
- Manage developer tooling governance: Claude API access, VS Code extension security, GitHub organization administration and Advanced Security
- Evaluate and implement new technologies to improve operational efficiency
- Document every configuration, script, and policy change in GitHub and public Slack channels
- Work visibly: planned changes are announced in advance, coverage gaps are flagged early, and status is always obvious
- Maintain the IT scripts and configuration repository as the single source of truth for what is deployed across the fleet
- Provide technical support and guidance to employees in a remote-first environment via Slack
- Provide coverage for critical issues outside standard business hours
- Review code contributions to IT repositories and provide meaningful technical feedback
- Identify security events and integrate alerting processes into Slack
Requirements:
- Significant experience in IT Operations, DevOps, or Systems Administration -- we care more about what you can demonstrate than how many years you've been doing it
- Strong background in endpoint management using MDM systems or open-source tools
- Previous experience as the primary or solo IT person at a company
- Experience inheriting and improving existing infrastructure -- not just greenfield builds
- Strong programming skills in Python and Bash
- Comfortable writing production-quality scripts and tools that scale, not just code that works
- Experience automating workflows and building internal tooling
- Able to review others' code and provide constructive, technically grounded feedback
- Expert-level macOS administration experience with deep familiarity with MDM, system configuration, and endpoint management
- Experience managing Windows and Linux devices
- Experience with authentication and access control protocols including OAuth 2.0, SAML, FIDO/U2F, TOTP/HOTP, and other multi-factor authentication methods
- Experience with Google Workspace administration, 1Password or similar credential management, and identity providers (Entra or similar)
- Experience managing cloud infrastructure on AWS, Azure, or GCP
- Demonstrated ability to audit, rationalize, and optimize cloud environments -- not just provision new resources
- SOC 2 compliance knowledge required
- Experience responding to client security questionnaires and providing compliance documentation
- Familiarity with NIST SP 800-171, NIST SP 800-53, CMMC, or FedRAMP is a plus
- Experience with vulnerability scanning and patch management processes
- Familiarity with zero-trust security architectures is a plus
- Excellent written communication skills -- you'll write documentation, runbooks, and security policies that others rely on
- Strong organizational skills and ability to manage multiple priorities independently
- Comfortable providing support and guidance to a remote, technical workforce
- Systems thinker: you diagnose root causes, not just symptoms, and build processes that prevent recurrence
- Background working at a cybersecurity or security-focused organization
- Experience with infrastructure-as-code
- Experience inheriting and stabilizing IT environments during periods of organizational growth or transition