Enterprise IT & Tech Support Admin

We are looking for an Enterprise IT & Tech Support Administrator to be the backbone of our internal technology infrastructure. This is a hands-on, high-ownership role that spans the full IT stack — from unboxing and provisioning a new employee's laptop on their first day, to architecting SSO integrations that keep our HIPAA-compliant environment secure and audit-ready.

You will be the go-to person for everything that keeps our team connected, productive, and protected. That means owning device management, administering Google Workspace and Atlassian tools, managing VPN and network access, and ensuring our identity and access management practices meet the rigorous standards of a healthcare technology company. You are not just a helpdesk — you are a strategic infrastructure partner to every team in the organization.

The ideal candidate is someone who takes deep pride in a well-run IT environment, proactively identifies gaps before they become incidents, and understands that in a HIPAA-regulated company, IT security and compliance are never an afterthought.

WORKING IN A HIPAA-REGULATED ENVIRONMENT

This role operates within a HIPAA-covered entity. Every system you administer — from endpoint devices and VPN configurations to Google Workspace and SSO integrations — sits within our compliance boundary. You will be expected to understand the security and access control implications of your work, support audit readiness, and help enforce policies that protect PHI. Prior experience in a regulated healthcare or life sciences IT environment is a genuine advantage here, not just a checkbox.

TOOLS & SYSTEMS

Jamf Pro / Intune, Google Workspace, Okta / Azure AD, JIRA / Confluence, Tailscale / Cisco VPN, macOS / Windows, SCIM Provisioning, SAML 2.0 / OIDC, Slack / G Suite, GitHub / GitLab, HIPAA Controls, DLP Policies, Asset Management, MFA / YubiKey

KEY RESPONSIBILITIES

• Own the full device lifecycle — procurement, imaging, configuration, provisioning for new hires, and secure decommissioning for offboarded employees — across macOS and Windows environments.
• Administer the company's MDM platform (Jamf Pro or Microsoft Intune) to enforce security policies, manage software deployment, maintain patch compliance, and execute remote wipe procedures.
• Manage Google Workspace at the admin level — user accounts, organizational units, group policies, Drive sharing controls, Gmail routing rules, DLP configurations, and audit log monitoring.
• Administer and continuously improve the company's SSO environment (Okta, Google SSO, or Azure AD) — including SAML/OIDC application integrations, SCIM provisioning, MFA enforcement, and directory sync with downstream tools.
• Manage VPN infrastructure — configure and maintain secure remote access (Tailscale, Cisco AnyConnect, or equivalent), onboard users, enforce access policies, and monitor for anomalies.
• Serve as the primary Atlassian administrator for Jira and Confluence — manage users, groups, permission schemes, project configurations, automation rules, and integrations with GitHub, Slack, and SSO providers.
• Enforce HIPAA-aligned IT security controls — including access review cadences, minimum necessary access principles, audit trail maintenance, and timely response to access anomaly alerts.
• Serve as the primary IT support contact for all employees — triage and resolve hardware, software, and connectivity issues with urgency and professionalism, maintaining an internal ticket SLA.
• Maintain accurate IT asset inventory and documentation — hardware specs, software licenses, renewal calendars, and configuration runbooks that any team member can follow.
• Collaborate with engineering, operations, and HR on new hire onboarding and employee offboarding — ensuring accounts are provisioned and deprovisioned accurately and on time, every time.
• Contribute to security incident response — document events, contain access risks, coordinate with leadership, and support post-incident reviews to close gaps.

REQUIRED QUALIFICATIONS

• 3+ years of experience in an IT Administrator, Systems Administrator, or IT Support Engineer role with demonstrated ownership across multiple domains (not just helpdesk ticketing).
• Hands-on MDM administration experience — Jamf Pro for macOS environments is strongly preferred; Microsoft Intune experience also valued. Comfortable deploying configuration profiles, managing compliance policies, and handling escalated device issues.
• Google Workspace administration proficiency — beyond basic user management, including OU structure, group policy design, DLP, Vault, and audit reporting.
• SSO and identity management experience — practical implementation of SAML 2.0 or OIDC integrations, SCIM-based provisioning, and MFA policy enforcement in Okta, Azure AD, or Google Identity.
• VPN administration experience — configuration, user onboarding, access policy management, and basic network troubleshooting (Tailscale, Cisco, WireGuard, or similar).
• Atlassian administration experience (Jira and Confluence) — user and group management, permission schemes, project templates, and workflow configuration.
• Working understanding of HIPAA Security Rule requirements as they apply to IT systems — access controls, audit logs, encryption standards, and workforce security policies.
• Strong documentation habits — you write runbooks, maintain asset registers, and leave things better than you found them.
• Excellent interpersonal and communication skills — you are the face of IT for the entire company and need to balance technical precision with approachability for non-technical colleagues.

PREFERRED QUALIFICATIONS

• Strong Plus — Industry experience: 

Prior IT administration experience in a MedTech, Pharmaceutical, Clinical Research, or Hospital Technology company — particularly within a HIPAA-covered entity or SOC 2-certified environment — is a significant differentiator. Experience supporting IT audits, BAA management, or security risk assessments is highly valued.

• Experience configuring and managing hardware security keys (YubiKey or similar) for phishing-resistant MFA enforcement across a distributed workforce.
• Familiarity with endpoint detection and response (EDR) tools such as CrowdStrike, SentinelOne, or Jamf Protect.
• Scripting ability in Bash, Python, or PowerShell for automating repetitive IT tasks, account provisioning workflows, or compliance reporting.
• Experience with IT service management platforms (Zendesk, Freshservice, or Jira Service Management) including SLA configuration and reporting.
• Exposure to network infrastructure basics — DNS, DHCP, firewall rules, VLAN segmentation — even if not the primary network admin.
• CompTIA Security+, Google Workspace Administrator, Jamf Certified Associate, or Okta Certified Administrator certification is a plus.
• Experience supporting a distributed or fully remote workforce with async-first IT support processes and comprehensive remote onboarding workflows.