Job Description
Reports to: IT Manager
Location: Hybrid / Washington DC Metro Area
Clearance Requirement: Must be a U.S. Citizen eligible for security clearance
About Istari Digital
Istari Digital is a government and commercial contracting company that partners with leading defense organizations on classified and ITAR-regulated data projects. We operate in a fast-paced, security-first environment where reliability, compliance, and innovation go hand in hand.
The Role
We’re looking for a Staff IT Engineer to take ownership of our enterprise device management, SaaS ecosystem, systems integrations, and security tooling. This is a senior individual contributor role with high visibility — you’ll be the go-to person for keeping our identity, endpoint, and automation infrastructure running smoothly while supporting our DevOps and cybersecurity compliance posture. If you like building things that scale and hate doing the same manual task twice, you’ll fit right in.
Core Responsibilities
Endpoint & MDM Management
Own end-to-end device lifecycle management across macOS and Windows using JumpCloud MDM, including enrollment, configuration profiles, and policy enforcement
- Maintain STIG-hardened endpoint configurations and ensure continuous compliance across the device fleet
Manage hardware provisioning, and offboarding/wipe procedures for both hardware and software accounts
Configure and enforce patching at the OS level and application level
Implement and maintain least privileged access across our ecosystem and conditional / geolocation based access to sensitive resources
Identity, Access & SaaS Integrations
Administer JumpCloud directory services including SSO, SCIM provisioning, LDAP, and MFA policy enforcement
Build and maintain integrations between JumpCloud and downstream SaaS platforms (Google Workspace, GitHub Enterprise, Atlassian, AI tooling, and others)
Own user lifecycle automation — provisioning, role changes, and offboarding — across many enterprise platforms
Manage Google Workspace administration including shared drives, email authentication (SPF/DKIM/DMARC), group policies, and organizational units
Build scripts and workflows (Python, Bash, PowerShell, Google Apps Script, or similar) to automate repetitive IT tasks
DevOps & Cloud Infrastructure
Assist in build and implementation of CI/CD pipelines with integrated security tooling (example tooling: SonarQube, Github Copilot, CrowdStrike Falcon Cloud Security, Snyk, Jfrog)
Manage AWS infrastructure including EC2, IAM policies, networking, and GovCloud environments to ensure continuous compliance with government NIST 800-171 requirements.
Administer GitHub Enterprise including repository management, branch protection policies, and access controls
Cybersecurity Tooling & Compliance
Administer and tune SEIM / EDR tooling for endpoint detection, cloud security, and logging operations
Support CMMC Level 2, NIST 800-171, and FedRAMP compliance efforts including evidence collection and control documentation
Required Qualifications
10+ years of experience in IT engineering, systems administration, or a related discipline — with a track record of owning complex technical initiatives end-to-end
Deep hands-on experience with JumpCloud or a comparable IDaaS/MDM platform (Okta, Azure AD, Jamf, or similar), including SSO, SCIM, and endpoint policy management
Strong experience managing macOS and Windows endpoints at scale, including hardened configurations in regulated environments
Proficiency with Google Workspace administration across user lifecycle, shared drives, and email authentication
Solid scripting skills in at least one language (Python, Bash, PowerShell, or similar) with the ability to translate manual processes into repeatable automation
Exceptional documentation skills — you write SOPs, runbooks, and technical guides that people actually use, and you treat documentation as a deliverable, not an afterthought
Proven ability to work autonomously in a fast-paced environment, self-prioritize across competing demands, and drive projects to completion with minimal hand-holding
A demonstrated appetite for picking up new tooling quickly — you’re comfortable being handed something unfamiliar and figuring it out
Strong cross-functional collaboration skills, with experience coordinating technical work across multiple teams or stakeholders
U.S. Citizenship
One or more relevant certifications aligned to the DoD Cyber Workforce Framework (DoDM 8140.03), such as:
CompTIA Security+, CySA+, or Network+
ISC2 SSCP or CISSP
GIAC GSEC or GCED
AWS Solutions Architect or AWS Security Specialty
Cisco CCNA or CCNP Security
Preferred
Experience working in ITAR, FedRAMP, CMMC, or other regulated/compliance-driven environments — candidates from adjacent regulated industries are also encouraged to apply
Hands-on experience with SaaS management platforms (Zylo, Torii, BetterCloud, or similar) or IT asset management tooling
Working knowledge of NIST 800-171, NIST 800-53, or similar compliance frameworks — bonus points if you’ve contributed to SSP documentation or audit evidence packages
A habit of leaving things better documented than you found them — whether that’s a runbook, a wiki, or an architecture diagram
We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.
