IT Manager
130k – 200kSan Francisco, CAOnsite3+ YOE
Summary
Own internal IT and security operations end-to-end as the company's first dedicated IT hire. Manage Mac fleet, SaaS/identity stack, help desk, compliance (SOC 2), and on-prem network security.
About the role
Responsibilities
- Own device management across primarily Mac/Apple fleet: provisioning, MDM, disk encryption, patch management, onboarding/offboarding
- Administer Google Workspace and wider SaaS/identity stack (SSO, MFA, SCIM provisioning), enforcing least-privilege access and running regular access reviews
- Stand up and run the help desk and day-to-day support; build workflows, set tooling, keep employees unblocked
- Maintain security hygiene: MFA, encryption, access reviews, application inventory, install/allowlisting policies
- Own right-sized compliance program (SOC 2 or similar): policy authorship, control implementation, evidence collection, audit support
- Audit installed software across fleet to identify and minimize attack vectors
- Secure and tune local network and on-prem infrastructure: firewalls, VPN, Wi-Fi, segmentation, office network performance and security
- Build security and compliance from first principles, right-sizing controls to company stage
- Manage IT vendors and/or external MSP: scope what to outsource vs. keep in-house, select partners, own relationships and SLAs
- Evaluate, procure, and manage IT and security tooling; own function budget
Requirements
- 3+ years in a hands-on IT role, with experience as the first or second dedicated IT hire at a top-tier startup or similarly high-performing organization
- Hands-on experience managing a Mac/Apple-based device fleet (MDM, encryption, patch management) and supporting macOS day to day
- Familiarity with Google Workspace administration and the wider SaaS/identity stack (SSO, MFA, SCIM provisioning)
- Practical experience securing and tuning on-prem and local networks: firewalls, VPNs, segmentation, and wireless
- Experience building or supporting a compliance program (SOC 2 / ISO 27001 / similar) without over-building it
- Experience managing IT vendors and MSPs, including scoping what to outsource and holding partners to SLAs
- Comfort owning a function as an individual contributor: self-directed, organized, able to set priorities and drive work independently
- Excellent communication, including ability to work directly with executive-level stakeholders
Nice-to-Haves
- Familiarity with Rippling for MDM, IT services, and SSO/SCIM provisioning
- Engineering or scripting skills for tooling and workflow automation
- Experience building IT systems from scratch (0 to 1) at an early-stage company
- Relevant certifications (Security+, CISSP, CISM, or equivalent)
- Familiarity with incident response and vulnerability management in practice
Skills
MDMmacOSGoogle WorkspaceSSOMFASCIMSOC 2firewallsVPNnetwork segmentationIT vendor managementcompliancehelp deskdevice provisioningpatch management
Similar roles at this salary range
All IT Support jobs →Senior IT Systems Engineer
Systems Engineer responsible for evolving IT infrastructure with focus on identity & access management, endpoint management, security, compliance, and enterprise email deliverability using AWS, Okta, and automation platforms.
142k – 237kSan Francisco, CAIT SupportHybrid7+ YOEAWSOkta
Data Center Operations Coordinator
Coordinate break/fix activities, ticket management, vendor dispatches, and operational reporting across multiple data centers to maintain uptime and fast issue resolution. Requires data center operations experience and hardware knowledge.
150k – 200kSan Francisco, CAIT SupportOn-siteJiraITIL