Senior IT Engineer

About Nue.io

What You’ll Do:

Responsibilities:

IT architecture, strategy & ownership

• Implement and maintain standard patterns for user lifecycle, access control, and device posture that align with security and compliance requirements, in partnership with the Director, IT.
• Contribute hands-on input to the design and continuous improvement of IT architecture for corporate endpoints, identity, and SaaS applications.

Endpoint & asset management

• Design and maintain hardened baseline configurations for Mac endpoints, including MDM/EDR policies, patching, and disk encryption.
• Ensure accurate, auditable asset inventories for laptops, networking gear, and key IT-managed services.
• Establish and optimize tooling and automation for device provisioning, configuration drift detection, and secure offboarding.

Identity, access & SaaS governance

• Lead day-to-day identity and access management (IAM) across Google Workspace, HRIS/SSO, Salesforce, Slack, Atlassian, and other core apps.
• Implement and drive RBAC and least‑privilege models, including role profiles by function and regular access reviews, in partnership with IT leadership.
• Partner with functional owners on SaaS vendor onboarding, risk reviews, renewals, and entitlement rationalization.
• Design and refine automated workflows (e.g., via HRIS/IdP/IT tooling) for joiner/mover/leaver processes.

Security, compliance & risk

• Act as a primary IT owner for controls related to:
  • Endpoint security (MDM/EDR, patching, disk encryption, USB/removable media policies).
  • Identity security (MFA enforcement, SSO, conditional access, OAuth governance).
  • Corporate SaaS hardening (admin roles, audit logs, configuration baselines).
• Execute against the IT compliance framework defined by IT leadership, helping to maintain controls and documentation needed for SOC 2 / SOC 1 / privacy and related frameworks.
• Collaborate with auditors and internal stakeholders to provide evidence, help identify and close gaps, and support readiness for security and compliance audits and assessments.
• Help drive vulnerability management remediation across endpoints and IT‑managed services; prioritize and track remediation in partnership with Dev Services and Engineering.
• Participate in incident response for account compromise, device loss, suspicious activity, or vendor breaches, including root cause analysis and follow‑up improvements.
• Support responses to customer questionnaires around security and compliance of our products, in partnership with IT leadership.
• Maintain an awareness of potential risks and vulnerabilities across Nue’s systems, and proactively raise and address gaps as they arise.

IT operations, automation & support

• Serve as the primary point of contact for support for all employees and senior escalation point to other IT team members for complex IT issues (identity/SSO, access, networking, device security).
• Design and implement automation and scripts to reduce manual toil across IT workflows.
• Maintain and improve internal IT documentation, runbooks, and standards, ensuring they’re usable by both IT peers and business stakeholders.
• Provide input into IT capacity planning (licenses, hardware refresh, key platforms) by surfacing trends, usage data, and technical recommendations to the Director, IT.
• Implement and monitor logging and alerting systems for critical services to enable proactive support and incident detection.

Leadership & mentorship

• Mentor other IT team members (including interns or junior engineers) on best practices, troubleshooting approaches, and security‑minded thinking.
• Model strong communication with stakeholders; help translate technical tradeoffs into clear options and recommendations.
• Influence and execute on IT projects and initiatives that align with security posture, audit requirements, and company growth, under the direction of IT leadership.

What You’ll Bring:

• 5+ years in corporate IT engineering, systems administration, or similar roles in a SaaS or high‑growth technology environment.
• Deep hands‑on experience with:
  • Identity/SSO and user lifecycle (e.g., Google Workspace, Okta/Rippling or equivalent IdPs, SCIM/SAML/OIDC concepts).
  • Endpoint management at scale (MDM/EDR, OS hardening, patching, secure baselines).
  • Administration of a modern SaaS stack (productivity, collaboration, ticketing/ITSM, monitoring/logging, etc.).
• Strong understanding of security and compliance frameworks (e.g., SOC 2, SOC 1, ISO 27001) and how IT controls support them.
• Proven experience implementing or improving:
  • Access reviews and entitlement recertifications.
  • Device and asset lifecycle processes.
  • Change management and documentation around IT changes.
• Excellent troubleshooting skills across layers (user/device → network → SaaS/IdP), with a bias toward root cause analysis and durable fixes.
• Strong written and verbal communication skills; ability to produce clear runbooks, SOPs, and audit‑ready documentation.

Bonus Points (optional):

• Experience contributing directly to security questionnaires, customer/vendor risk assessments, or audits.
• Familiarity with SIEM or security analytics tools and how IT telemetry feeds them.
• Experience in a distributed or remote‑first organization where async and documented processes are critical.
• Prior mentorship or informal leadership responsibilities within an IT or SecOps team.

Location & Work Style:

• Preferred: Ability to work in a North American time zone with strong overlap to Pacific Time.
• Remote‑friendly, with occasional travel for team meetings or company events as needed.

Compensation

What We Offer:

• Competitive compensation and benefits that reward your talent and impact.
• Comprehensive health, vision, dental, and life insurance 
• A front-row seat in the Silicon Valley tech ecosystem, where you’ll work on cutting-edge challenges shaping the future of SaaS, finance, and payments.
• The opportunity to build truly groundbreaking products — your work won’t just support the business; it will influence how companies around the world monetize and grow.
• A high-energy, collaborative culture where smart, supportive teammates push each other to learn fast, think boldly, and do the best work of their careers.
• Room to grow, lead, and make your mark in a fast-scaling company that values creativity, ownership, and ambition.