IT Systems Administrator at aero

<div> <h1 style="line-height: 1.2; margin-top: 16pt; margin-bottom: 8pt;"><strong><span style="font-size: 15pt; font-family: Arial, sans-serif;">ABOUT AERO</span></strong></h1> <p style="line-height: 1.2; margin-top: 0pt; margin-bottom: 6pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif;">Aero is a premium private aviation company redefining the charter flight experience. We combine white-glove concierge service with cutting-edge technology to deliver seamless, personalized travel. Our team is lean, fast-moving, and deeply committed to operational excellence.</span></p> <h1 style="line-height: 1.2; margin-top: 16pt; margin-bottom: 8pt;"><strong><span style="font-size: 15pt; font-family: Arial, sans-serif;">ABOUT THIS ROLE</span></strong></h1> <p style="line-height: 1.2; margin-top: 0pt; margin-bottom: 6pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif;">You will own and evolve the technology infrastructure that keeps Aero running — corporate cybersecurity, identity, device fleet, SaaS administration, and internal technical support. As the company’s primary IT leader, you will operate as a senior individual contributor partnering with Leadership, People Ops, and Ground &amp; Flight Operations. This is not a ticket-queue role; we need someone proactive who can shape strategy and execute hands-on.</span></p> </div> RESPONSIBILITIES Identity, Access & Security • Administer Google Workspace as our core identity platform — user lifecycle, SSO, context-aware access, and audit logging. • Implement and manage device trust policies and conditional access rules. • Detect, investigate, and mitigate security events (phishing, account compromise, unauthorized device access), including coordinating company-wide communications with leadership. • Evaluate and operate security tooling: VPN, firewalls, antispam, and anti-malware. Device & Endpoint Management • Manage the full device lifecycle for MacBooks, iPads, iPhones, Windows machines, and peripherals: procurement, configuration, deployment, repair/replacement, and decommissioning. • Operate Apple device management (Apple Business Manager, MDM profiles and scripts, managed Apple IDs); publish applications and updates to device groups. SaaS & Vendor Management • Administer core business platforms including Slack, Asana, and Metabase enterprise subscriptions. • Evaluate third-party integrations and API access; review NDAs and access-level requirements for external agencies and vendors. • Partner with Finance to track software spend, analyze trends by department, and build the annual software budget. Onboarding & Offboarding • Own user provisioning and deprovisioning across Google Workspace and all SaaS platforms. • Coordinate device shipments and tech onboarding emails (with setup instructions and tracking) for new hires alongside HR. • Maintain a unified inventory of company assets — devices and software licenses — tracking assignment, availability, and retrieval/decommissioning when employees depart. Support & Office Infrastructure • Serve as the primary point of contact for internal tech support via Slack, email, or the ticket system: account access, password resets, email configuration, and app connectivity. • Manage shared mailboxes, service accounts, and Google Groups with appropriate security controls. • Troubleshoot Google authentication flows, app-specific access issues, and SSO integrations across the tool stack. • Design and maintain office network and security infrastructure: architecture, equipment procurement, configuration, and updates. • Create and maintain documentation that accelerates onboarding and resolves common issues. REQUIREMENTS • 5+ years of experience in IT engineering, systems administration, or a similar hands-on technical role. • Deep expertise in Google Workspace administration: security settings, device management, user lifecycle, and audit log analysis. • Experience with Apple device management (MDM, Apple Business Manager). • Proficiency with Slack workspace-level administration. • Excellent written communication — able to draft clear, professional security advisories and onboarding documentation. • Based in the Los Angeles area and willing to work from the Van Nuys office 2–3 days per week. PREFERRRED EXPERIENCE • Familiarity with security and compliance frameworks (SOC 2, SOX, NIST, PCI, CIS). • Experience with Mosyle (Apple-specific MDM) and Windows device management. • Comfortable scripting (Python, JavaScript, or similar) for automation, bulk API operations, and managed-device configuration or remediation. • Experience in aviation, charter operations, or other regulated industries. • Familiarity with aviation operations platforms (e.g., Leon, Jeppesen, Airline Choice, ForeFlight). • Network architecture experience, including VPN for distributed teams. • Google Workspace, Google Cloud, or Apple IT Professional certifications.