Senior IT Engineer

About the role

We’re hiring a Senior IT Engineer to own and scale Truffle’s corporate IT and security infrastructure with a security-first mindset. This is a high-impact, hands-on role responsible for ensuring our systems, endpoints, identity platforms, and employee tooling remain secure, reliable, and scalable as the company grows.

You’ll serve as the primary IT owner for the organization, partnering closely with internal teams to deliver an exceptional employee experience while maintaining a strong security and compliance posture. This role is ideal for someone who thrives in a fast-moving startup environment, enjoys building automation-first systems, and has deep experience managing Apple/macOS environments. Your work will directly impact our ability to operate efficiently while maintaining a strong security posture.

What you'll be working on

Corporate IT & Endpoint Management

• Own and manage Truffle’s corporate IT infrastructure, including identity systems, endpoints, SaaS applications, and access controls
• Administer and scale a primarily macOS-based environment across the company
• Manage Apple device lifecycle operations, including provisioning, deployment, maintenance, and decommissioning
• Own and optimize Apple MDM infrastructure (currently Kandji)
• Troubleshoot complex endpoint and employee IT issues and serve as the primary escalation point for internal support

Identity & Access Management

• Manage identity provider (IdP) infrastructure and corporate authentication systems
• Administer Okta integrations, Device trust, SSO policies, MFA, and access provisioning workflows
• Maintain secure access lifecycle management across onboarding, offboarding, and role changes
• Partner with Rippling and other business systems to improve automation and employee provisioning workflows

Automation & IT Operations

• Build and improve automation across IT operations and employee lifecycle management
• Continue evolving existing onboarding/offboarding automation workflows
• Evaluate, implement, and optimize modern IT and security tooling
• Create and maintain clear documentation, operational runbooks, and scalable internal processes
• Provide responsive, service-oriented support to employees across the company and help foster a secure, productive work environment

Security & Compliance

• Support and coordinate SOC 2 compliance activities and audit readiness efforts
• Contribute to corporate security initiatives, including policy management, security best practices, and risk reduction efforts
• Partner cross-functionally to strengthen Truffle’s overall security posture
• Assist with light corporate security responsibilities and operational security tasks

What we're looking for

• 5+ years of experience in IT engineering, systems administration, or corporate IT infrastructure roles
• Strong experience managing macOS environments at scale
• Hands-on experience with Apple MDM platforms such as Kandji, Jamf, or similar tools
• Experience managing identity and access platforms such as Okta, Google Workspace, or Azure AD
• Experience supporting SaaS application management, SSO, and access provisioning workflows
• Strong troubleshooting skills across endpoints, identity systems, and corporate tooling
• Familiarity with SOC 2 or similar compliance/security frameworks
• Strong communication and people skills with a customer-service mindset for internal employee support
• Ability to operate independently as a highly autonomous, team-of-one IT function

Bonus points

• Experience building automation-heavy IT environments
• Exposure to EDR, device compliance, and endpoint security tooling
• Experience managing direct Apple Business/enterprise procurement workflows
• Prior experience balancing IT operations with light security/compliance ownership.

Salary Range: The target base salary range for this position is between $123,000-$170,000 for candidates in the United States. Starting salary will vary based on job-related skills, knowledge, and experience. Leveling will be determined during the interview process. You may also be offered a bonus, stock options, and benefits. These salary ranges are subject to change, and we encourage candidates outside of this salary range to apply.