About Istari Digital

Istari Digital is a government and commercial contracting company that partners with leading defense organizations on classified and ITAR-regulated data projects. We operate in a fast-paced, security-first environment where reliability, compliance, and innovation go hand in hand.

The Role

We're looking for a Staff IT Engineer to take ownership of our enterprise device management, SaaS ecosystem, systems integrations, and security tooling. This is a senior individual contributor role with high visibility — you'll be the go-to person for keeping our identity, endpoint, and automation infrastructure running smoothly while supporting our DevOps and cybersecurity compliance posture. If you like building things that scale and hate doing the same manual task twice, you'll fit right in.

Core Responsibilities

Endpoint & MDM Management

Own end-to-end device lifecycle management across macOS and Windows using JumpCloud MDM, including enrollment, configuration profiles, and policy enforcement

Maintain STIG-hardened endpoint configurations and ensure continuous compliance across the device fleet

Manage hardware provisioning, and offboarding/wipe procedures for both hardware and software accounts

Configure and enforce patching at the OS level and application level

Implement and maintain least privileged access across our ecosystem and conditional / geolocation based access to sensitive resources

Identity, Access & SaaS Integrations

Administer JumpCloud directory services including SSO, SCIM provisioning, LDAP, and MFA policy enforcement

Build and maintain integrations between JumpCloud and downstream SaaS platforms (Google Workspace, GitHub Enterprise, Atlassian, AI tooling, and others)

Own user lifecycle automation — provisioning, role changes, and offboarding — across many enterprise platforms

Manage Google Workspace administration including shared drives, email authentication (SPF/DKIM/DMARC), group policies, and organizational units

Build scripts and workflows (Python, Bash, PowerShell, Google Apps Script, or similar) to automate repetitive IT tasks

DevOps & Cloud Infrastructure

Assist in build and implementation of CI/CD pipelines with integrated security tooling (example tooling: SonarQube, Github Copilot, CrowdStrike Falcon Cloud Security, Snyk, Jfrog)

Manage AWS infrastructure including EC2, IAM policies, networking, and GovCloud environments to ensure continuous compliance with government NIST 800-171 requirements.

Administer GitHub Enterprise including repository management, branch protection policies, and access controls

Cybersecurity Tooling & Compliance

Administer and tune SEIM / EDR tooling for endpoint detection, cloud security, and logging operations

Support CMMC Level 2, NIST 800-171, and FedRAMP compliance efforts including evidence collection and control documentation

Required Qualifications

10+ years of experience in IT engineering, systems administration, or a related discipline — with a track record of owning complex technical initiatives end-to-end

Deep hands-on experience with JumpCloud or a comparable IDaaS/MDM platform (Okta, Azure AD, Jamf, or similar), including SSO, SCIM, and endpoint policy management

Strong experience managing macOS and Windows endpoints at scale, including hardened configurations in regulated environments

Proficiency with Google Workspace administration across user lifecycle, shared drives, and email authentication

Solid scripting skills in at least one language (Python, Bash, PowerShell, or similar) with the ability to translate manual processes into repeatable automation

Exceptional documentation skills — you write SOPs, runbooks, and technical guides that people actually use, and you treat documentation as a deliverable, not an afterthought

Proven ability to work autonomously in a fast-paced environment, self-prioritize across competing demands, and drive projects to completion with minimal hand-holding

A demonstrated appetite for picking up new tooling quickly — you're comfortable being handed something unfamiliar and figuring it out

Strong cross-functional collaboration skills, with experience coordinating technical work across multiple teams or stakeholders

U.S. Citizenship

One or more relevant certifications aligned to the DoD Cyber Workforce Framework (DoDM 8140.03), such as:

CompTIA Security+, CySA+, or Network+

ISC2 SSCP or CISSP

GIAC GSEC or GCED

AWS Solutions Architect or AWS Security Specialty

Cisco CCNA or CCNP Security

Preferred

Experience working in ITAR, FedRAMP, CMMC, or other regulated/compliance-driven environments — candidates from adjacent regulated industries are also encouraged to apply

Hands-on experience with SaaS management platforms (Zylo, Torii, BetterCloud, or similar) or IT asset management tooling

Working knowledge of NIST 800-171, NIST 800-53, or similar compliance frameworks — bonus points if you've contributed to SSP documentation or audit evidence packages

A habit of leaving things better documented than you found them — whether that's a runbook, a wiki, or an architecture diagram