Systems Engineer

About WorkOS 🚀

WorkOS builds modern developer tools and APIs that make it easy for companies to become Enterprise Ready. Our platform powers authentication, identity, authorization, and other critical infrastructure that developers need to securely scale their products to large organizations.
We recently raised a $100M Series C, valuing the company at $2B, led by Meritech and Sapphire with participation from Greenoaks, Craft, Abstract, and Audacious. WorkOS powers enterprise features for many of the fastest-growing AI companies, including OpenAI, Cursor, and Perplexity, Vercel, and Plaid.
As AI reshapes software, WorkOS is at the frontier of Human and Agent Authentication, Identity, and Access Control—helping companies answer a new critical question: who are your agents, and what are they allowed to do? Our fast-growing customer base includes hundreds of modern software companies building the next generation of enterprise-ready products.

About the Role

As a Systems Engineer at WorkOS, you will be the technical backbone of our internal IT organization — designing the systems, automations, and infrastructure that scale our internal operations. This is not a help desk role: you will architect endpoint management workflows, write scripts, ship automation, and build the foundation that keeps a fast-growing company running smoothly.

We have an MSP partner handling tier 1 support. Your job is to architect the systems the MSP executes against, automate everything upstream, and serve as the escalation point for complex tier 2/3 issues. You will own identity, device management, SaaS lifecycle, and the automation layer that ties it all together.

Who We're Looking For

We're looking for engineers who build and automate, not just operate. You think in systems — understanding how identity, devices, SaaS tools, and cloud infrastructure connect — and your instinct is to eliminate manual work. You might be a great fit if you:

• Have deep Okta expertise — not just user administration, but Workflows, integrations, and policy design

• Write scripts (Python, Bash) to automate what others do manually

• Use Terraform to manage infrastructure as code — not just for cloud, but for identity and SaaS configuration

• Understand SSO protocols (SAML, OAuth, SCIM) deeply enough to troubleshoot and architect, not just configure

• Are comfortable managing a macOS fleet end-to-end — zero-touch provisioning, policy enforcement, MDM

• Think about AI as a tool for IT automation — you are curious about using LLMs and agentic workflows to eliminate toil

• Take ownership, work independently, and follow through from identifying a problem to shipping a solution

Responsibilities ✔️

• Own and evolve our identity infrastructure — Okta (SSO, MFA, Workflows, SCIM provisioning, lifecycle management), Google Workspace, and downstream SaaS integrations

• Architect and ship automation across the IT stack — onboarding/offboarding workflows, access controls, license governance, and SaaS lifecycle management

• Own macOS endpoint management end-to-end — zero-touch provisioning, policy enforcement, detection and remediation scripting via MDM

• Manage infrastructure as code using Terraform for identity, SaaS, and cloud resources

• Serve as the escalation point for complex systems issues (tier 2/3) — working with our MSP partner to ensure smooth resolution

• Evaluate and enable new SaaS tools — pilot emerging technologies including AI-powered IT automation

• Create documentation and runbooks that reduce operational toil and increase durability

• Drive an automation-first culture across the IT function — if it can be automated, it should be

Qualifications 🌟

• 7+ years in IT systems, infrastructure, or identity engineering roles — with clear examples of designing, building, and automating at scale (not just operating)

• Deep experience with Okta — Workflows, integrations, policy design, SCIM provisioning (not just user administration)

• Proficiency in scripting (Python, Bash) and comfort with REST APIs, webhooks, and authentication flows

• Hands-on Terraform experience for managing infrastructure and configuration as code

• Strong macOS fleet management — MDM (Jamf, Kandji, or equivalent), scripting, zero-touch provisioning

• Deep understanding of SSO protocols (SAML, OAuth 2.0) and SCIM provisioning patterns

• Experience with Google Workspace administration at scale

• Solid understanding of networking fundamentals — DNS, HTTP, APIs, VPNs, firewalls

• Experience with AI/LLM tools for IT automation (agentic workflows, ChatGPT/Claude for scripting, Okta + AI integrations)

• GitOps or declarative approaches to device and identity management

• Cloud infrastructure experience (GCP or AWS)

• SOC 2 or ISO 27001 compliance experience

• Experience operating in an MSP-augmented IT model

Benefits (US Only) 💖

At WorkOS, we offer resources that emphasize personal and familial well-being. We offer healthcare coverage for you and your family, including medical, dental, and vision. We offer parental leave, paid-time off and fully remote working arrangements.

Benefits include:

- Competitive pay

- Substantial equity grants

- Healthcare insurance (Medical, Dental and Vision) for you and your family

- 401k matching

- Wellness and fitness monthly allowances

- PTO + paid holidays + unlimited sick leave

- Autonomy and flexibility with remote work

Please inquire directly with our recruiting team for benefits available to those working outside the US.

Equal Opportunity Employer

WorkOS is an equal opportunity employer, committed to diversity and inclusiveness. We will consider all qualified applicants without regard to race, color, nationality, gender, gender identity or expression, sexual orientation, religion, disability or age.

We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.