About Compa

• Design, build, and operate Compa's enterprise security systems, including identity, access control, endpoint management, and enterprise SaaS administration.
• Own end-to-end identity and access workflows, including role-based access models, access packages, provisioning, deprovisioning, and ongoing access hygiene.
• Support employees by ensuring reliable, secure access to the tools they need, resolving access and device issues with a strong bias toward durable, system-level fixes.
• Implement security-first onboarding, offboarding, and access change processes that scale smoothly as the company grows.
• Design and maintain integrations across enterprise security systems (identity, devices, SaaS, and supporting tooling) to ensure consistency, reliability, and scalability.
• Automate wherever possible, reducing manual work and operational risk while improving reliability, auditability, and employee experience.
• Operate and continuously improve endpoint and device management systems (for example: Jamf, Intune), balancing security requirements with usability.
• Own the accuracy and consistency of enterprise security sources of truth, including users, devices, and applications.
• Collaborate with the Security team on shared security operations responsibilities, helping improve detection, response, and investigation through better system design, signals, and operational readiness.
• Continuously raise Compa's defensive posture by evolving enterprise security controls such as just-in-time access, trusted devices, and zero trust, and by contributing to a strong internal security culture.
• Support the security team with access reviews, audits, and investigations by providing high-quality system design, evidence, and operational context.
• Maintain clear documentation, runbooks, and operational processes that enable resilience, self-service, and predictable failure modes.
• Act as a force multiplier for the Security team by translating security intent into durable, well-designed enterprise systems that allow Compa to move fast, securely.
• Employees have fast, secure access to the tools they need, with minimal friction and a consistently strong user experience.
• Access is clean, role-based, least-privilege, continuously reviewed, and auditable.
• Enterprise security systems scale smoothly as the company grows and evolve as new risks emerge.
• Manual work is continuously reduced through automation, better system design, and clear sources of truth.
• Enterprise systems provide reliable signals that support detection, response, and investigation.
• Security, compliance, and operational needs reinforce each other rather than compete, enabling Compa to move fast, securely.
• Demonstrated experience owning and operating enterprise systems such as identity providers, access management, endpoint management, or enterprise SaaS platforms.
• Strong systems thinking: ability to reason about workflows, failure modes, scale, and operational risk.
• Comfort designing access models and operational processes, not just executing tickets.
• Ability to automate or significantly reduce manual operational work, and to improve systems over time.
• Ability to support users effectively by diagnosing and resolving system issues with a bias toward durable fixes.
• Clear written and verbal communication, especially around systems, trade-offs, and security implications.
• Low ego, strong ownership mindset, and good judgment in ambiguous environments.
• Gumption — experience working in high-growth or resource-constrained environments.
• Experience operating identity and access management systems (for example: Microsoft Entra).
• Experience designing role-based access control, access reviews, and provisioning workflows.
• Familiarity with compliance frameworks such as SOC 2 and supporting audits through system evidence.
• Experience contributing to detection, response, or investigation through identity, device, or access signals.
• Experience supporting organizations with high security and privacy expectations.
• Interest in continuously improving defensive posture through controls such as just-in-time access, trusted devices, or identity-driven security.
• Interest in growing into broader ownership over Enterprise Security or IT as the company scales.