
IT Systems Engineer
About Us
- Insurance brokers sit at the intersection of care, cost, and access — yet remain one of the most underleveraged assets in the $5T healthcare value chain. They guide millions of Americans through plan selection, coverage questions, and care navigation, yet still rely on spreadsheets, manual workflows, and outdated tools that limit their growth and impact.
- Gyde is reimagining this. We’re building the first AI-native insurance brokerage platform—a system that learns from every client interaction to automate operations, power intelligent voice and chat experiences, and predict the right coverage and products for every individual or business.
- Our approach combines acquisition and AI: we acquire traditional brokerages and transform them into next-generation, data-driven organizations. Through Gyde’s platform, agencies run more efficiently, serve clients more personally, and scale faster than ever before.
- Join us if you’re excited to:
- Redefine how millions of people access and understand their healthcare coverage, by building systems that turn unstructured data, human conversations, and fragmented processes into intelligence.
- Build AI systems that improve how people access healthcare
- Design production-grade voice, chat, and predictive models for a highly regulated domain
- Launch technologies that augment human judgment and make complex decisions transparent and scalable
- Help reinvent an entire industry from the inside out
- We’re creating the future of brokerage — where every interaction, insight, and decision is powered by intelligence.
- Our founding team boasts pedigrees from Oscar, Stripe, Vista Equity Partners, and Alpine. Lightspeed led Gyde’s $60M financing, with participation from Optum Ventures, Crystal Venture Partners, Virtue, MVP Ventures, and multiple endowment funds, among others. Hear why on LSVP Investment Memo.
Role Summary
You are the systems engineer behind every agency we bring into Gyde — and the person they reach when something breaks. When we acquire an agency, its people need accounts, laptops, and access working on day one, and you own that experience end to end: before, during, and after cutover. But you don't just run that playbook by hand — you engineer it. Every provisioning step, compliance check, and access change is something you'd rather express as code and automate than repeat.
You'll sit on the Infrastructure team, report to the Head of Infrastructure, and turn the Infra Engineer's integration runbooks into repeatable, automated systems — while staying close enough to real users to know exactly where the friction is.
There is real operations work here, and more of it as we scale: device fleets across multiple entities, MFA and SSO resets, and account lifecycle across Entra/Okta and Google Workspace/M365. What defines this role is how you approach that work. You treat each recurring operational task as a bug to fix at the root and a candidate for automation — not a ticket to close and forget. It's also high-trust: we operate in a HIPAA-aware environment, so you handle identity verification, device loss, and access changes with care, every time.
The ideal hire has run end-user IT in a fast-moving, multi-tenant or MSP-style environment, is fluent with scripting and configuration-as-code, stays calm under a cutover deadline, and is happiest when they've automated away last month's busywork.
Key Responsibilities
- Engineer the agency-integration experience, don't just run it. Own onboarding, cutover, hypercare, and day-to-day support for acquired agencies as the primary IT point of contact — and continuously convert that work into scripted, repeatable systems so each integration is faster and more hands-off than the last.
- Manage endpoints and devices as code. Image, enroll, ship, and lifecycle-manage laptops (provisioning through RMA and offboarding retrieval); operate the MDM (Hexnode) day to day, and codify policies, baselines, and compliance remediation instead of clicking through consoles.
- Automate the identity and access lifecycle. Provision, modify, and deprovision accounts across Entra/Okta, Google Workspace/M365, and core SaaS; run JML workflows with same-day deprovisioning as a non-negotiable, and drive toward automated, HRIS-triggered lifecycle so it happens reliably without manual steps.
- Turn integration runbooks into repeatable tooling. Take the Infra Engineer's runbooks, schedule and run cutover waves with agency leadership, capture friction, and feed fixes back as automation and version-controlled process; own status comms during rollouts and incidents.
- Build security hygiene into the system. Enforce endpoint baselines, disk encryption, MFA enrollment, and screen-lock policies through managed, auditable configuration; support phishing reporting and basic user security education; flag anomalies (impossible travel, unmanaged devices, shadow IT) to Security/Infra; keep HIPAA-aware habits by default.
What you bring / core competencies
- Automation & Configuration-as-Code. You script and version-control your work (PowerShell, Python, Graph API, or similar), and you'd rather define infrastructure and policy as code than manage it by hand. You see a recurring task and instinctively reach for a way to make it disappear.
- Identity & Access Management. Confident across an IdP (Entra/Okta), Google Workspace/M365, MFA, SSO, and conditional access, with clean JML hygiene. You reason about least privilege and entitlements, and you don't need to be told when an offboarding has to happen same-day.
- Endpoint & MDM Operations. You've owned a device fleet, not just touched one — imaging, enrollment, lifecycle, inventory reconciliation, and policy/compliance troubleshooting in an MDM (Hexnode or comparable), ideally managed as code.
- End-User Support & Troubleshooting. You diagnose and resolve laptop, SaaS, connectivity, and access issues quickly and explain them plainly to non-technical users — and you treat a recurring issue as a signal to fix or automate something upstream, not a task to close.
- Communication & Stakeholder Management. Calm, clear, and credible with non-technical agency users and leadership, especially under cutover pressure. You can explain what's happening and what's next without jargon.
- Operational Rigor & Security Mindset. You follow and improve runbooks, document recurring quirks, and handle HIPAA-aware verification and device-loss scenarios without being prompted. You build process and tooling, not just habit.
Technical / Functional Requirements
- 4–6 years in end-user IT, IT operations, systems engineering, or an MSP environment.
- Hands-on scripting and automation (PowerShell, Python, or similar) and comfort managing configuration as code. This is a core requirement for this role, not a bonus.
- Hands-on administration of an IdP (Entra ID or Okta) plus Google Workspace and/or Microsoft 365.
- MDM experience including policy and compliance management (Hexnode a plus; Intune, Jamf, or Kandji acceptable).
- Comfortable imaging/provisioning laptops and managing the device lifecycle end to end.
- Solid working grasp of MFA, SSO/conditional access, VPN, and AVD or a comparable remote-desktop setup.
Nice to have
- Config-as-code / IaC tooling for identity or endpoints (e.g., Terraform, Okta Workflows, Entra Lifecycle Workflows, or Intune-as-code).
- Experience supporting a HIPAA or otherwise regulated environment.
- Multi-tenant, MSP, or M&A / agency-integration IT experience.
- Hexnode and Azure Virtual Desktop (AVD) specifically.
What we offer
Gyde offers a competitive benefits package to all employees.
- Top of the market compensation
- Flexible (Unlimited) Paid Time Off
- Medical, Dental, and Vision benefits for you and your family
- Retirement Plan (e.g., 401K)
- Parental Leave
Apply for this job
*
indicates a required field