IT Systems Engineer – IAM & Cloud Infrastructure

Avolve Software Group•, CO

1d•$115,000 - $132,000•Remote

About The Position

Avolve is seeking a Systems Engineer to support and evolve our identity and access management (IAM) platform, cloud infrastructure, and endpoint management environment. This role requires expertise across Microsoft Azure, Google Cloud Platform (GCP), and modern identity standards such as SAML and SCIM provisioning, blending hands‑on systems support with engineering responsibilities. As a key technical contributor, you’ll collaborate closely with IT, security, and cross‑functional teams to maintain secure, scalable systems while supporting compliance efforts aligned with ISO 27001, ISO 43001, GDPR, and SOC 2 Type II. This role offers opportunities for both independent problem‑solving and team‑driven innovation and may require occasional after‑hours support for critical systems, integrations, and maintenance activities.

Requirements

Bachelor's degree in computer science, information technology or related field, or the equivalent combination of education, training, and experience.
3–5 years of experience in IT systems administration, systems engineering, or cloud operations.
Hands‑on experience with Microsoft Entra ID (Azure AD).
Practical experience implementing and supporting SAML SSO and SCIM provisioning.
Working knowledge of Azure and GCP infrastructure concepts.
Experience managing devices with Intune and Apple Business Manager (ABM).
Familiarity with security controls, audits, and documentation related to SOC 2, ISO, and GDPR.
Strong troubleshooting skills and the ability to clearly document systems and procedures.
Strong communication and collaboration skills to work across cross-functional teams.

Nice To Haves

Experience with OAuth2 / OIDC beyond basic SSO.
Scripting or automation experience (PowerShell, Python, Bash).
Exposure to infrastructure‑as‑code (Terraform) or CI/CD‑integrated cloud workflows.
Experience supporting SaaS or regulated environments.
Familiarity with endpoint security tooling (EDR, disk encryption, compliance reporting).

Responsibilities

Administer Microsoft Entra ID (Azure AD) including users, groups, roles, MFA, conditional access, and lifecycle workflows.
Implement, maintain, and troubleshoot SAML 2.0 and OIDC SSO integrations with third‑party and internal applications.
Manage SCIM provisioning for automated user and group lifecycle management, including attribute mapping and transformation, group/role assignments, and deprovisioning and access enforcement.
Support onboarding/offboarding processes with a strong emphasis on least privilege and auditability.
Provide operational support for Microsoft Azure and Google Cloud Platform (GCP) environments.
Assist with administration of compute, storage, networking, and identity‑integrated services.
Monitor system health, respond to alerts, and support incident resolution.
Perform routine maintenance, configuration changes, and service improvements.
Participate in documentation, runbooks, and operational best practices.
Manage endpoints using Microsoft Intune and Apple Business Manager (ABM) for Windows 10/11, Android, macOS, iOS, and iPadOS devices.
Deploy and maintain configuration profiles and compliance policies, security baselines and encryption requirements, and application deployment and update strategies.
Troubleshoot device enrollment, policy conflicts, and compliance issues.
Assist with maintaining compliance with ISO 27001, ISO 43001, GDPR, and SOC 2 Type II.
Support audit preparation by providing evidence, access documentation, and procedural updates.
Follow and enforce security policies related to identity, devices, and cloud infrastructure.
Act as an escalation point for complex IAM, SSO, MDM, and cloud issues.
Participate in after‑hours or off‑hours support as needed for system outages, identity or integration failures, and planned maintenance or critical changes.