#vacancy #удаленка #fulltime #devops #ai
IT Systems Engineer
Hi! We are "Aspirity Solution", a development studio that has been creating web and mobile applications, no-code solutions, and AI agents for a wide range of clients for 10 years. We are currently looking for an IT Systems Engineer for our partner's team.
Important ‼️
- Work schedule is oriented towards the PT (USA, Washington) time zone
- Located outside of Russia/Belarus
- English B2–C1 conversational
- Remote format, full-time
- $20 to $25 per hour net
About the role:
This is a hands-on generalist role: you need to be confident working in admin consoles, the terminal, tickets, and documentation. There will be some scripting and automation, but this is not a full-time software engineering position — it's an IT engineering role for someone who wants to make IT processes reliable, secure, and convenient for the entire team.
What you will be doing:
- Identity, SSO & Access Management
- Configure and maintain SSO integrations via SAML, OIDC, SCIM.
- Administer identity providers and maintain access order.
- Create, modify, and disable employee accounts.
- Manage groups, roles, and permission boundaries.
- Process access requests, verify approvals, and document the reasons for granting access.
- Participate in regular access reviews.
- Onboarding & Offboarding
- Prepare accounts, tools, equipment, and access for new employees before their first day.
- Help new employees understand IT tools.
- Conduct clean and verifiable offboarding: revoke access, return assets, preserve data according to policy, and close the process with People Ops.
- IT Administration & Productivity Systems
- Administer Google Workspace, Slack, identity providers, MDM, password managers, and other SaaS tools.
- Be the first line of support for employees on IT issues.
- Resolve, escalate, and document IT incidents and requests.
- Security Controls & Monitoring
- Maintain basic security controls: MFA, conditional access, least privilege.
- Monitor security tooling, alerts, and anomalies.
- Perform initial triage and escalation of security events.
- Help maintain an audit-ready state: access, changes, reviews, and documentation.
- Automation & Scripting
- Automate repetitive tasks using Python, Bash, TypeScript, or other tools.
- Work with SaaS APIs.
- Create small internal tools and improve runbooks.
- Eliminate manual and inconvenient processes wherever possible.
What we expect:
- 1–3 years of experience in IT engineering, IT operations, systems administration, or a similar role. Internships and strong pet/side projects are acceptable.
- Understanding of SSO and identity concepts: SAML, OIDC, SCIM, MFA.
- Understanding the difference between authentication and authorization.
- Confident terminal usage.
- Experience with at least one scripting language: Python, Bash, or similar.
- Ability to write, test, and commit code via git.
- Security-first mindset: understanding of least privilege, the importance of audit trails, and secure credential management.
- Strong written communication skills: ability to explain a solution to a non-technical user and document processes clearly.
- Responsible approach: if something is broken, figure it out, drive it to completion, and close the issue.
Will be a plus:
- Experience with identity providers: Okta, Google Cloud Identity, or similar.
- Experience administering Google Workspace.
- Experience working with Slack / Teams.
- Knowledge of SaaS security tooling, SIEM, or endpoint detection: CrowdStrike, SentinelOne, Sumo Logic, Datadog, or similar.
- Understanding of SOC 2, ISO 27001, HIPAA.
- Experience with infrastructure-as-code / configuration-as-code: Terraform, Ansible, or similar tools.
- Basic experience with AWS, GCP, or Azure and IAM in the cloud.
