About Aero
Aero is a premium private aviation company redefining the charter flight experience. We combine white-glove concierge service with cutting-edge technology to deliver seamless, personalized travel. Our team is lean, fast-moving, and deeply committed to operational excellence.
About This Role
You will own and evolve the technology infrastructure that keeps Aero running — corporate cybersecurity, identity, device fleet, SaaS administration, and internal technical support. As the company’s primary IT leader, you will operate as a senior individual contributor partnering with Leadership, People Ops, and Ground & Flight Operations. This is not a ticket-queue role; we need someone proactive who can shape strategy and execute hands-on.
Responsibilities
Identity, Access & Security
- Administer Google Workspace as our core identity platform — user lifecycle, SSO, context-aware access, and audit logging
- Implement and manage device trust policies and conditional access rules
- Detect, investigate, and mitigate security events (phishing, account compromise, unauthorized device access), including coordinating company-wide communications with leadership
- Evaluate and operate security tooling: VPN, firewalls, antispam, and anti-malware
Device & Endpoint Management
- Manage the full device lifecycle for MacBooks, iPads, iPhones, Windows machines, and peripherals: procurement, configuration, deployment, repair/replacement, and decommissioning
- Operate Apple device management (Apple Business Manager, MDM profiles and scripts, managed Apple IDs); publish applications and updates to device groups
SaaS & Vendor Management
- Administer core business platforms including Slack, Asana, and Metabase enterprise subscriptions
- Evaluate third-party integrations and API access; review NDAs and access-level requirements for external agencies and vendors
- Partner with Finance to track software spend, analyze trends by department, and build the annual software budget
Onboarding & Offboarding
- Own user provisioning and deprovisioning across Google Workspace and all SaaS platforms
- Coordinate device shipments and tech onboarding emails (with setup instructions and tracking) for new hires alongside HR
- Maintain a unified inventory of company assets — devices and software licenses — tracking assignment, availability, and retrieval/decommissioning when employees depart
Support & Office Infrastructure
- Serve as the primary point of contact for internal tech support via Slack, email, or the ticket system: account access, password resets, email configuration, and app connectivity
- Manage shared mailboxes, service accounts, and Google Groups with appropriate security controls
- Troubleshoot Google authentication flows, app-specific access issues, and SSO integrations across the tool stack
- Design and maintain office network and security infrastructure: architecture, equipment procurement, configuration, and updates
- Create and maintain documentation that accelerates onboarding and resolves common issues
Requirements
- 5+ years of experience in IT engineering, systems administration, or a similar hands-on technical role
- Deep expertise in Google Workspace administration: security settings, device management, user lifecycle, and audit log analysis
- Experience with Apple device management (MDM, Apple Business Manager)
- Proficiency with Slack workspace-level administration
- Excellent written communication — able to draft clear, professional security advisories and onboarding documentation
- Based in the Los Angeles area and willing to work from the Van Nuys office 2-3 days per week
Preferrred Experience
- Familiarity with security and compliance frameworks (SOC 2, SOX, NIST, PCI, CIS)
- Experience with Mosyle (Apple-specific MDM) and Windows device management
- Comfortable scripting (Python, JavaScript, or similar) for automation, bulk API operations, and managed-device configuration or remediation
- Experience in aviation, charter operations, or other regulated industries
- Familiarity with aviation operations platforms (e.g., Leon, Jeppesen, Airline Choice, ForeFlight)
- Network architecture experience, including VPN for distributed teams
- Google Workspace, Google Cloud, or Apple IT Professional certifications
We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.
