Senior IT Systems Engineer

About The Position

Requirements

• Experience: 5–8 years in IT Systems Engineering, Corporate Infrastructure, or a closely related discipline within an enterprise environment.
• Endpoint Expertise: Deep hands-on experience managing macOS fleets at scale using MDM platforms; iOS and Linux experience a plus.
• Cloud Infrastructure: Working knowledge of at least one major cloud platform (GCP, AWS, or Azure) in a corporate IT context, IAM, networking, logging, and access controls.
• Identity & Access Management: Strong understanding of SSO (SAML/OIDC), MFA enforcement, SCIM provisioning, and directory services administration.
• Security & Compliance: Practical experience implementing technical controls aligned to SOC 2, HIPAA, or equivalent frameworks; familiarity with audit evidence collection.
• Scripting & Automation: Proficiency in Bash, Python, or equivalent scripting for system administration and operational automation tasks.
• Problem Solving: Ability to independently diagnose and resolve complex infrastructure and endpoint issues in a fast-moving environment.

Nice To Haves

• Experience with Fleet for open-source device management and osquery-based visibility.
• Familiarity with IaC tooling (Terraform) for infrastructure configuration management.
• Exposure to SIEM platforms and endpoint detection and response (EDR) tooling.
• Experience in healthcare or other regulated industries.

Responsibilities

• Endpoint Management: Own the full lifecycle of corporate endpoints, macOS, iOS, and Linux, including imaging, configuration management, patch enforcement, and compliance remediation using MDM platforms (JAMF, Fleet, or equivalent).
• Infrastructure Operations: Manage and maintain cloud infrastructure components (GCP, AWS, and/or Azure) supporting corporate IT, including identity federation, network segmentation, and access controls.
• Security & Compliance Hardening: Implement and enforce CIS benchmarks, endpoint security baselines, and configuration standards aligned with SOC 2 Trust Service Criteria and HIPAA technical safeguards.
• Identity & Access Management: Administer and maintain SSO, MFA, and directory services (Okta, Google Workspace, or equivalent); support access provisioning and deprovisioning workflows.
• Asset & Configuration Management: Maintain an accurate CMDB and asset inventory; enforce configuration-as-code practices where applicable.
• Cross-functional Collaboration: Partner with Security, Engineering, and IT Automation peers to evaluate new tooling, respond to audit requests, and drive continuous improvement of the infrastructure posture.

Benefits

• Generous Time Off : 14 paid holidays, flexible PTO for salaried employees, and accrued time off for hourly employees
• Comprehensive Health Plans : Medical, Dental, and Vision coverage for all full-time employees and their families.
• Generous HSA Contribution : If you choose a High Deductible Health Plan, Abridge makes monthly contributions to your HSA.
• Paid Parental Leave : Generous paid parental leave for all full-time employees.
• Family Forming Benefits: Resources and financial support to help you build your family.
• 401(k) Matching : Contribution matching to help invest in your future.
• Personal Device Allowance : Tax free funds for personal device usage.
• Pre-tax Benefits: Access to Flexible Spending Accounts (FSA) and Commuter Benefits.
• Lifestyle Wallet : Monthly contributions for fitness, professional development, coworking, and more.
• Mental Health Support : Dedicated access to therapy and coaching to help you reach your goals.
• Sabbatical Leave : Paid Sabbatical Leave after 5 years of employment.
• Compensation and Equity : Competitive compensation and equity grants for full time employees.