Senior IT Engineer

About The Position

Requirements

• 5–8+ years in IT systems engineering
• Hands-on depth in at least three of: Okta/IdP administration, SAML/OIDC federation engineering, macOS endpoint management (Kandji or Jamf), Google Workspace administration, IT automation and integration, or SOC 2/compliance operations.
• Experience building net-new SAML 2.0 and OIDC integrations from scratch on both the SP and IdP sides.
• Ability to debug assertion failures, fix attribute mapping mismatches, troubleshoot SCIM sync errors, and own the full federation lifecycle.
• Demonstrated track record of building multi-step, multi-system automation workflows with measurable business impact.
• Comfortable writing Python, Bash, or equivalent to extend low-code platforms, build lightweight tooling, or debug integration issues.
• Actively use AI tools (Claude, Copilot, or similar) to accelerate own work, and have built or designed AI-powered automations or agentic workflows.
• Genuine curiosity about where LLMs and AI-native tooling create leverage in IT operations.
• Ability to work through ambiguous problems independently from initial triage through remediation and documentation.
• Strong cross-functional collaboration skills.
• Able to translate complex technical decisions for non-technical stakeholders and work effectively with Legal, People, Security, and Engineering.

Nice To Haves

• Okta Workflows experience is strongly preferred.
• Deep Okta Workflows experience including complex branching, error handling, and cross-app orchestration
• Experience with enterprise iPaaS platforms (Workato or equivalent) in addition to Okta Workflows
• Familiarity with AI tool governance - acceptable use policies, connector security reviews, and data classification in AI contexts
• Experience supporting M&A technical integrations or cross-tenant identity migrations
• Zero-trust architecture patterns, CASB/SSPM tooling, or ZTNA experience
• Certifications in Okta, Kandji, or Google Workspace
• Prior experience at a high-growth tech company with a lean IT team and large scope

Responsibilities

• Own and evolve Amplitude's IT automation platform with Okta Workflows as the primary engine.
• Design and deliver reliable, scalable automations across onboarding and offboarding, access provisioning, SaaS license management, and compliance workflows.
• Own the full Okta configuration surface, SSO integrations, SCIM provisioning, group rules, adaptive MFA, RBAC lifecycle automation, and access review workflows in Lumos.
• Debug the full federation layer including attribute mapping, JIT provisioning, and SCIM reconciliation, and maintain production-grade configurations across the fleet.
• Design, implement, and troubleshoot complex SAML 2.0 and OIDC integrations across enterprise SaaS applications.
• Administer macOS device management at scale via Kandji, including zero-touch provisioning, Blueprint and Library Item configuration, software deployment, and security policy enforcement.
• Maintain fleet compliance through automated checks and diagnose complex endpoint issues.
• Champion AI adoption within IT, identifying high-value automation opportunities, evaluating AI-native and low-code tooling, and building agentic workflows.
• Use LLMs to accelerate own work (drafting runbooks, triaging issues, summarizing access reviews) and build AI-powered automations.
• Own Workspace admin depth, directory configuration, group management, Drive and sharing policy enforcement, DLP settings, and audit log triage.
• Maintain clean provisioning and deprovisioning integration between Workspace and Okta.
• Support SOC 2 evidence collection and access review workflows, including building and maintaining automated pipelines.
• Own the full onboarding and offboarding lifecycle end-to-end across Okta, Google Workspace, Kandji, and the broader SaaS stack.
• Design and maintain automated workflows for joiner, mover, and leaver processes.
• Manage the lifecycle of Amplitude's corporate SaaS stack, vendor onboarding integrations, license optimization, app security reviews, and offboarding automation.
• Maintain up-to-date documentation, runbooks, and operational playbooks for every platform owned.
• Partner with IT Security, Engineering, People Ops, and Finance to deliver high-impact projects.
• Communicate clearly with both technical and executive audiences on project status, risk, and outcomes.

Benefits

• Excellent Medical, Dental and Vision insurance coverages, with 100% employer-paid premiums for employee Medical, Dental, Vision on select plans
• Flexible time off
• Paid holidays
• Generous stipends for wellness (monthly), commuter transit/parking (monthly), learning and development (quarterly), home office equipment (annual)
• Excellent Parental benefits including: 12-20 weeks of Paid Parental Leave, Carrot Fertility Benefits/Adoption/Surrogacy support, Back-up Child Care support
• Mental health and wellness benefits including no cost employee access to Modern Health coaching & therapy Sessions and high quality physician office experience via One Medical membership (select U.S. locations only)
• Employee Stock Purchase Program (ESPP)
• Unlimited PTO
• 10 to 13 holidays annually (will vary)
• medical dental and vision PPO and CDHP plans
• company sponsored 401(k) retirement plan
• This role is eligible for equity, benefits and other forms of compensation.