IT Manager

About The Position

Requirements

• 3+ years of experience in IT systems administration or a similar hands-on IT role
• Experience administering Windows and macOS endpoints in a business environment
• Experience with Google Workspace administration (user management, security settings, organizational units)
• Hands-on experience with network administration (firewalls, switches, VPN configuration)
• Experience deploying and managing endpoint security tools (EDR/antivirus, vulnerability scanners)
• Understanding of identity and access management principles (least privilege, MFA, SSO, access reviews)
• Comfortable working in Linux environments (Debian/Ubuntu) for tasks like deploying agents, reviewing logs, and basic troubleshooting
• Familiarity with MDM/endpoint management platforms
• Strong troubleshooting skills across hardware, software, and networking
• Ability to communicate technical concepts to non-technical users with patience
• Self-directed with the ability to prioritize and manage multiple concurrent projects independently

Nice To Haves

• Experience with enterprise EDR, vulnerability management, and SIEM tooling
• Experience writing and implementing IT security policies and procedures
• Experience with IT compliance audits (ITGC, SOC 2, or similar)
• Experience with endpoint management platforms
• Experience with cloud platforms
• Experience implementing physical access control systems (key card/fob or biometric)
• Experience building IT operations from scratch in a small company environment
• Relevant certifications (CompTIA Security+, CISSP, or similar) are a plus but not required

Responsibilities

• Implement formal onboarding and offboarding processes for employee accounts and equipment across all company systems
• Own an IT help desk and ticketing system for support requests
• Own asset management platform to track all company hardware (laptops, desktops, servers, network equipment)
• Deploy and manage an MDM solution across all company endpoints (Windows and Mac)
• Maintain IT policies and documentation covering security, access management, acceptable use, and incident response
• Perform periodic access reviews to ensure proper permissions across all systems
• Manage the office LAN, firewall, switches, and internet connectivity
• Evaluate and upgrade network equipment as needed
• Deploy and manage endpoint security software across all company devices
• Enforce disk encryption on all endpoint devices
• Monitor and manage endpoint patching and OS updates
• Manage DNS and email security configurations
• Monitor the Rapid7 SIEM for security events and respond to alerts
• Enforce MFA across all company systems
• Maintain least-privilege access controls across all platforms
• Manage privileged access with segregated administrative accounts
• Conduct periodic vulnerability assessments and remediate findings
• Maintain an incident response plan and disaster recovery plan, including annual tabletop exercises
• Perform regular internal security audits (exposed services, misconfigurations, EOL software)
• Coordinate with engineering team on server-side security items (agent deployment, hardening, log ingestion)
• Manage core business systems, collaboration suite, and remote-access systems
• Manage password manager administration (vaults, sharing policies, permissions)
• Manage secure remote access
• Manage physical office access control (implement and maintain an electronic access system)
• Ensure timely provisioning and deprovisioning tied to employee lifecycle events
• Oversee backup strategy -- ensure backups are encrypted and regularly tested for restoration
• Provide technical support to approximately 30 employees across Windows and Mac platforms
• Support both in-office and remote employees (approximately 50/50 split)
• Troubleshoot hardware, software, network, and connectivity issues
• Provide patient, clear guidance to less technical staff while respecting the autonomy of technical team members
• Set up and configure new employee workstations and laptops

Benefits

• Enterprise security tooling already licensed
• Leadership is invested in doing this right
• You report to company leadership with full authority to make decisions and recommend solutions
• A strong engineering team handles application servers and infrastructure, so you can focus on what matters most -- security, endpoints, and operations