Optimo Capital
Website:
optimocapital.in
Job details:
About The Role
We’re hiring an IT Systems Administrator for an NBFC to secure endpoints, SaaS, and networks across ~50 branches, ~250+ field staff, and ~50+ office users.
This is primarily an IT Admin + Security role, with secondary exposure to AWS cloud ops + light DevOps + basic DB access management.
If you’re an IT Admin aiming to break into AWS Cloud Ops + DevOps, this role is a strong next step — you’ll own core IT/security and get hands-on exposure to cloud operations and deployments.
Key responsibilities (Primary: IT Admin + Security)
- Manage endpoint security for laptops and mobiles (policies, patching, encryption, antivirus/EDR); drive MDM implementation now/future (e.g., Intune/Jamf).
- Administer Google Workspace (Gmail/Drive/Calendar): users, groups, permissions, SSO, MFA, sharing controls.
- Own joiner–mover–leaver lifecycle: provisioning/deprovisioning, access controls, periodic access reviews.
- Secure branch connectivity: VPN, internal Wi-Fi, internet usage controls; coordinate troubleshooting and standardization across branches.
- Manage HO security stack: firewall operations, rule changes with change control, monitoring/log review (basic but consistent).
- Secure SaaS tools (CRM/HRMS/comms like Slack/Zoom): role-based access, MFA enforcement, offboarding, integration/OAuth controls.
- Maintain IT asset inventory: procurement coordination, issuance/return, audits, warranty/AMC, license renewals; remote lock/wipe for lost devices.
- Handle security incidents: phishing, account compromise, device loss/theft — contain, investigate, recover, and prevent recurrence.
- Run backups and basic DR testing; maintain SOPs/documentation and train staff on cyber hygiene.
- Provide hands-on user support: laptop builds, software installs, Outlook/Excel issues, VPN/Wi-Fi troubleshooting, escalations and vendor coordination.
Secondary responsibilities (AWS + DevOps + DB ops support)
- Support AWS administration: IAM users/roles/policies, MFA, access key hygiene, basic log review (e.g., CloudTrail).
- Manage AWS access controls: security groups/firewall rules, IP allowlists/whitelisting (admin tools, databases, vendor access).
- Assist engineering with DevOps operations:
- CI/CD support (deployment coordination, rollbacks, environment configuration)
- Secrets/credentials management and rotation (no shared creds)
- DNS + SSL/TLS certificates, basic monitoring/alerting coordination
- Bonus: Docker/Kubernetes and Terraform exposure
- Basic database operations (admin-lite):
- DB user creation, roles/permissions, least-privilege access
- IP allowlisting/whitelisting for DB access via VPN/approved sources
- Backup/restore verification coordination and basic monitoring signals (connections/storage)
Requirements
- 3+ years in IT security / systems administration (BFSI or branch-heavy org preferred).
- Hands-on with Google Workspace or Microsoft 365 administration.
- Must have hands-on experience leading or executing an email suite migration (e.g., Google Workspace ↔ Microsoft 365), including mailbox migration, DNS cutover, MX/SPF/DKIM/DMARC reconfiguration, and user transition management.
- Strong endpoint/security fundamentals: encryption, patching, AV/EDR, remote support, device compliance.
- Comfortable with networks: VPN/Wi-Fi/LAN troubleshooting; firewall basics and change discipline.
- Strong operational discipline: asset tracking, vendor management, documentation, ticketing, user communication.
- Practical AWS familiarity (IAM, access controls, logging) and ability to support DevOps workflows.
Nice to have
- Experience implementing MDM at scale (Intune/Jamf/SureMDM).
- Exposure to SOC2 / ISO27001 evidence, controls, and audit workflows.
- Scripting for automation (PowerShell/Bash/Python).
- Familiarity with managed databases and secure access patterns.
Skills:- System Administration, IT security, MDM, Endpoint protection, Sophos, Patch Management, Google Apps administration, Office 365, IT asset management, IT service management, Network Security, Firewall administration, VPN, Amazon VPC, Incident management, Disaster recovery, Amazon Web Services (AWS), CI/CD, DevOps, Databases and AWS IAM
Click on Apply to know more.