IT Operations Engineer

Trail of Bits is a cybersecurity firm of ~100 people across 14+ countries fully remote since our founding in 2012. We conduct security audits build research tools and set standards the industry adopts. Our clients include the largest tech companies financial institutions and government agencies.

The Role

Trail of Bits seeks an IT Operations Engineer to own and evolve our internal IT infrastructure security compliance and employee technology experience.

Here's what makes this different from IT at most companies: our workforce is security researchers and engineers. They audit the cryptographic protocols that protect financial infrastructure build open-source security tools used across the industry and assess the security of systems trusted by millions of users. They have strong specific opinions about how corporate IT should be configured -- and they're usually right. Your job is to listen to that expertise implement it reliably and build the automation and tooling that keeps our systems in a state that matches the standards we set for our clients. You'll take technical direction from people who deeply understand the threat landscape and you'll exercise your own initiative to build improve and automate everything you touch.

Our IT infrastructure has scaled with the company over 14 years and like any growing organization it needs someone who can assess what's in place strengthen the foundations and build from there. Your first priority will be understanding the environment end-to-end -- auditing what's deployed against what's documented establishing operational discipline across our toolchain and closing gaps. Once the foundation is solid you'll build the automation and self-service tooling that takes our operations to the next level.

This is a builder role with high accountability. You'll write production-quality code -- not just scripts that work but tools that scale. You'll automate repetitive tasks build self-service tooling and promote consistent seamless experiences for a fully remote and globally distributed team. You'll also be responsible for endpoint management SaaS administration security compliance and cloud infrastructure.

The ideal candidate possesses a "no task too small no task too big" attitude proactively owns and solves problems and thrives working autonomously as the primary IT person for a deeply technical team. You should be comfortable balancing initiative -- you see the gap and close it -- with the discipline to take direction document transparently and never cut corners on process.

This role is open to candidates authorized to work in the United States.

What You'll Achieve

Endpoint Device Management

• Test deploy and maintain MDM solutions (Jamf Pro) and endpoint security tools (CrowdStrike Falcon iVerify)
• Our fleet is primarily macOS (~100 devices) with additional Windows and Linux endpoints driven by the diversity of our client and research work. Expert-level macOS management is the foundation; candidates with multi-OS experience will thrive given the breadth of our engagements.
• Maintain strict parity between the configuration repository and what is deployed across the fleet. The repo is the source of truth -- drift between documented and deployed state is unacceptable.
• Manage Apple Business Manager device lifecycle (ordering provisioning recovery) and automated onboarding/offboarding workflows
• Enforce macOS update policies and patch management across the fleet

Identity & Access Management

• Manage identity and access across the SaaS ecosystem including Google Workspace (with Context-Aware Access) 1Password Microsoft Entra GitHub Slack and other platforms
• Set up and integrate new systems with SSO (SAML OIDC OAuth 2.0)
• Enforce account lifecycle hygiene: provisioning on day one prompt suspension on departure regular audits of authorized devices and access
• Maintain organizational systems for credential management -- vaults naming conventions cross-references

Security & Compliance

• Maintain SOC 2 compliance posture and manage compliance automation platforms (Vanta)
• Respond to client security questionnaires and provide compliance documentation for engagements across government defense and enterprise sectors
• Manage endpoint detection and response (CrowdStrike Falcon) network canaries (Thinkst) email security (Material Security) and mobile device verification (iVerify)
• Proactively maintain security posture through vulnerability scanning configuration audits and patch management
• Monitor for and respond to supply chain threats -- package manager attacks extension supply chain risks dependency vulnerabilities -- with real-time detection where possible
• Write and maintain security policies runbooks and documentation

Cloud Infrastructure

• Manage and rationalize cloud infrastructure across GCP and other providers -- understand what's running why what it costs and whether it should still exist
• Maintain accurate inventory eliminate waste and enforce least-privilege access for service accounts and cloud IAM
• Develop reporting to monitor fleet health compliance state and infrastructure costs

Automation & Tooling

• Automate repetitive tasks across the company through scripting and custom tooling
• Build internal tools to improve employee self-service
• Maintain and extend workflow automation and internal tooling infrastructure
• Manage developer tooling governance: Claude API access VS Code extension security GitHub organization administration and Advanced Security
• Evaluate and implement new technologies to improve operational efficiency -- with rigorous vetting. In an era of AI-generated and AI-adjacent tooling we hold ourselves to a higher standard for what enters our environment. Every tool integration and dependency must be evaluated for security posture before adoption.

Documentation & Transparency

• Document every configuration script and policy change in GitHub and public Slack channels. Anyone in the organization should be able to understand what is running on their machine at any given time.
• Work visibly. Planned changes announced in advance coverage gaps flagged early status always obvious. Leadership should never have to ask what's happening in IT.
• Maintain the IT scripts and configuration repository as the single source of truth for what is deployed across the fleet.

Technical Support & Availability

• Provide technical support and guidance to employees in a remote-first environment via Slack
• Provide coverage for critical issues outside standard business hours -- password resets account lockouts and urgent security events cannot always wait for Monday
• Review code contributions to IT repositories and provide meaningful technical feedback
• Identify security events and integrate alerting processes into Slack

Why This Role Matters

At most companies IT security is a checkbox exercise. At Trail of Bits our internal security posture is an extension of our reputation. Our employees audit critical infrastructure for the world's most targeted organizations -- they notice when their own company's systems fall short. Nation-state adversaries have real reasons to target a firm like ours. The IT Operations Engineer is the person who ensures that our internal systems are as resilient as the standards we set for our clients.

When you do this well 100 people across 14 countries work without friction leadership never has to intervene in IT and our own house is in order -- visibly provably and at all times.

Experience

• Significant experience in IT Operations DevOps or Systems Administration -- we care more about what you can demonstrate than how many years you've been doing it
• Strong background in endpoint management using MDM systems or open-source tools
• Previous experience as the primary or solo IT person at a company
• Experience inheriting and improving existing infrastructure -- not just greenfield builds

Programming & Automation

• Strong programming skills in Python and Bash
• Comfortable writing production-quality scripts and tools that scale not just code that works
• Experience automating workflows and building internal tooling
• Able to review others' code and provide constructive technically grounded feedback

Endpoint & Platform Expertise

• Expert-level macOS administration experience with deep familiarity with MDM system configuration and endpoint management
• Experience managing Windows and Linux devices

Identity & Access Management

• Experience with authentication and access control protocols including OAuth 2.0 SAML FIDO/U2F TOTP/HOTP and other multi-factor authentication methods
• Experience with Google Workspace administration 1Password or similar credential management and identity providers (Entra or similar)

Cloud Infrastructure

• Experience managing cloud infrastructure on AWS Azure or GCP
• Demonstrated ability to audit rationalize and optimize cloud environments -- not just provision new resources

Compliance & Security

• SOC 2 compliance knowledge required
• Experience responding to client security questionnaires and providing compliance documentation
• Familiarity with NIST SP 800-171 NIST SP 800-53 CMMC or FedRAMP is a plus
• Experience with vulnerability scanning and patch management processes
• Familiarity with zero-trust security architectures is a plus

Communication & Organization

• Excellent written communication skills -- you'll write documentation runbooks and security policies that others rely on
• Strong organizational skills and ability to manage multiple priorities independently
• Comfortable providing support and guidance to a remote technical workforce
• Systems thinker: you diagnose root causes not just symptoms and build processes that prevent recurrence

Nice to Have

• Background working at a cybersecurity or security-focused organization
• Experience with infrastructure-as-code
• Experience inheriting and stabilizing IT environments during periods of organizational growth or transition

• Competitive salary commensurate with experience
• Comprehensive health insurance
• Equipment budget
• Professional development
• Flexible PTO

What We Do

Deepening the Science of Security Founded in 2012 by 3 expert hackers with no investment capital Trail of Bits is the premier place for security experts to boldly advance security and address technology’s newest and most challenging risks. It has helped secure some of the world's most targeted organizations and devices. Our combination of novel research with practical solutions reduces the security risks that our clients face from emerging technologies. Our work helps drive the security industry and the public understanding of the technology underlying our world. Cybersecurity preparedness is a moving target. Companies like ours are the tip of the spear in the fight against attackers. Our research-based and custom-engineering approach ensures that our client’s capabilities are at the forefront of what’s available. For companies and technologies that live and die by their security a proactive tailored approach is required to keep one step ahead of attackers. Democratizing security information is essential. As part of our business we provide ongoing informational support through blogs whitepapers newsletters meetups and open-source tools. The more the community understands security the more they’ll understand why a company like ours is so unique and valuable.

Why Work With Us

At Trail of Bits our 100+ global team members are the core of a remote-first people-centric culture. Emphasizing autonomy and trust we offer flexible work and meaningful benefits supporting diverse talents in pursuing innovation and well-being.

Gallery