tempo-xyz - IT Systems Engineer (Europe)

• 4+ years in IT engineering roles • Hands-on Okta administration: SSO, SCIM, SAML/OIDC integrations, lifecycle policies, Okta Workflows. Understands HRIS-as-source-of-truth (Rippling or similar) • Production Jamf Pro experience: PreStage enrollment, configuration profiles, software update management, certificate distribution. macOS-first • Deployed and operated an EDR platform (SentinelOne or comparable) — policy tuning, MDM deployment, alert triage • Strong scripting (Python/Bash/Go preferred), comfortable with REST APIs, webhooks, JSON, auth flows, and event-driven workflows • Git-based config management, CI/CD pipelines (GitHub Actions), Terraform or equivalent • Solid grasp of DNS, certificates/PKI, ZTNA (Tailscale or similar), and modern access control models • Crypto/blockchain security exposure — multisig/hardware-wallet workflows (Fireblocks or similar), phishing/lookalike-domain campaigns, high-value signer threat models • Detection-as-code: SIEM detections as version-controlled rules (Panther Python models, Sigma, or equivalent) • Apple platform depth beyond basic Jamf — DDM, MDM protocol internals, notarization/signing/packaging, macOS security frameworks (TCC, system extensions) • Mapped controls to SOC 2, ISO 27001, NIST CSF, or CIS — understands what audit-ready evidence looks like • Built Slack-driven workflows, bots, or self-service internal tooling • Public open-source contributions to IT/security tooling