San Francisco, CA Hybrid Full-time USD 110,000 – 165,000 / year

Amplitude is hiring a Senior IT Engineer

Responsibilities

  • Own and evolve Amplitude's IT automation platform with Okta Workflows as the primary engine.
  • Design and deliver reliable, scalable automations across onboarding and offboarding, access provisioning, SaaS license management, and compliance workflows.
  • Architect solutions with a high bar for maintainability and documentation, not one-off scripts.
  • Own the full Okta configuration surface, SSO integrations, SCIM provisioning, group rules, adaptive MFA, RBAC lifecycle automation, and access review workflows in Lumos.
  • Debug the full federation layer including attribute mapping, JIT provisioning, and SCIM reconciliation.
  • Maintain production-grade configurations across the fleet.
  • Design, implement, and troubleshoot complex SAML 2.0 and OIDC integrations across enterprise SaaS applications.
  • Understand both the SP and IdP sides of federation deeply, including attribute statements, assertion mapping, binding types, token claims, and PKCE flows.
  • Own the integration from initial configuration through ongoing reconciliation and incident triage.
  • Administer macOS device management at scale via Kandji, including zero-touch provisioning, Blueprint and Library Item configuration, software deployment, and security policy enforcement.
  • Maintain fleet compliance through automated checks.
  • Diagnose complex endpoint issues without escalation.
  • Have familiarity with Jumpcloud for Windows devices.
  • Champion AI adoption within IT, identifying high-value automation opportunities.
  • Evaluate AI-native and low-code tooling.
  • Build agentic workflows that augment IT service delivery.
  • Use LLMs to accelerate work (drafting runbooks, triaging issues, summarizing access reviews).
  • Build AI-powered automations where they create real leverage.
  • Own Google Workspace administration, including directory configuration, group management, Drive and sharing policy enforcement, DLP settings, and audit log triage.
  • Maintain clean provisioning and deprovisioning integration between Workspace and Okta.
  • Support SOC 2 evidence collection and access review workflows.
  • Build and maintain automated pipelines that surface access anomalies, generate reviewer-ready reports, and track remediation to closure.
  • Understand the compliance surface and own operational execution without hand-holding from GRC.
  • Own the full onboarding and offboarding lifecycle end-to-end - from Day 1 provisioning through final access termination - across Okta, Google Workspace, Kandji, and the broader SaaS stack.
  • Design and maintain automated workflows ensuring every joiner, mover, and leaver is handled consistently, completely, and on time.
  • Understand how lifecycle gaps create compliance risk, orphaned accounts, lingering elevated access, missed deprovisioning, and build controls and audit trails to close those gaps.
  • Work closely with People Ops and IT Security to align lifecycle triggers with HR systems.
  • Enforce role-based provisioning via SCIM and group rules.
  • Produce evidence needed for SOC 2 and access review cycles.
  • Manage the lifecycle of Amplitude's corporate SaaS stack, vendor onboarding integrations, license optimization, app security reviews, and offboarding automation.
  • Maintain up-to-date documentation, runbooks, and operational playbooks for every platform owned.
  • Partner with IT Security, Engineering, People Ops, and Finance to deliver high-impact projects.
  • Communicate clearly with both technical and executive audiences on project status, risk, and outcomes.

Requirements

  • 5–8+ years in IT systems engineering, with hands-on depth in at least three of: Okta/IdP administration, SAML/OIDC federation engineering, macOS endpoint management (Kandji or Jamf), Google Workspace administration, IT automation and integration, or SOC 2/compliance operations.
  • Built net-new SAML 2.0 and OIDC integrations from scratch on both the SP and IdP sides.
  • Can debug assertion failures, fix attribute mapping mismatches, troubleshoot SCIM sync errors, and own the full federation lifecycle without escalating to a vendor or another engineer.
  • Demonstrated track record of building multi-step, multi-system automation workflows with measurable business impact.
  • Okta Workflows experience is strongly preferred.
  • Design for maintainability, not just function.
  • Comfortable writing Python, Bash, or equivalent to extend low-code platforms, build lightweight tooling, or debug integration issues.
  • Can move quickly without looping in engineering.
  • Actively use AI tools (Claude, Copilot, or similar) to accelerate your own work.
  • Have built or designed AI-powered automations or agentic workflows.
  • Genuine curiosity about where LLMs and AI-native tooling create leverage in IT operations is a hard requirement, not a nice-to-have.
  • Work through ambiguous problems independently from initial triage through remediation and documentation.
  • Do not wait for perfect requirements.
  • Strong cross-functional collaboration skills.
  • Able to translate complex technical decisions for non-technical stakeholders and work effectively with Legal, People, Security, and Engineering.

Nice to Have

  • Deep Okta Workflows experience including complex branching, error handling, and cross-app orchestration.
  • Experience with enterprise iPaaS platforms (Workato or equivalent) in addition to Okta Workflows.
  • Familiarity with AI tool governance - acceptable use policies, connector security reviews, and data classification in AI contexts.
  • Experience supporting M&A technical integrations or cross-tenant identity migrations.
  • Zero-trust architecture patterns, CASB/SSPM tooling, or ZTNA experience.
  • Certifications in Okta, Kandji, or Google Workspace.
  • Prior experience at a high-growth tech company with a lean IT team and large scope.
About company
Amplitude

We are the Digital Analytics Platform. We help every business optimize the business value of digital product innovation.

Amplitude's AI-powered analytics platform enables companies to understand user behavior, drive product innovation, and deliver personalized customer experiences through data-driven insights.

All jobs at Amplitude Visit website
Job Details
Category other
Posted 3 hours ago