IT Administrator & Helpdesk

gravity9 is a fast-growing technology consultancy (UK-headquartered, predominantly PL-based delivery teams) and a MongoDB Premier Partner. Our internal IT estate has scaled to the point where we need a dedicated person owning day-to-day support and the underlying admin — keeping a ~150-person consultancy running smoothly across Okta, Azure, Atlassian, Microsoft 365, GitHub, Kolide, NordLayer and a long tail of SaaS tools.

This role has been operating on an interim basis and we now want to make it permanent. You will be the first point of contact for everything from “I got a new phone and Okta won’t enrol” through to standing up a new SSO integration or a piece of internal automation. You will work closely with our IT Support Lead, our Head of Operations, and senior leadership on improvements to our security posture and IT operating model.

We are a Zero-Trust shop: Okta SSO + Kolide device compliance gate access to everything, and our infrastructure runs on Azure. You will help us continue to raise the bar in advance of client security audits.

•   Be the default responder in #itsupport and on the JIRA Service Management ITSUP queue. We currently see 10–15 tickets a week. Typical examples:

◦    Okta enrolment on new phones, MFA resets, password recovery

◦    Kolide device-compliance issues (macOS updates, Parallels, mobile sleep-mode quirks)

◦    NordLayer VPN authentication and SSO assignment

◦    Access requests across Atlassian (Jira/Confluence), Azure DevOps, GitHub, SharePoint, Microsoft 365, BreatheHR, Ruddr

◦    Software license provisioning and approval workflow (Claude, Granola, JetBrains, GitHub Copilot, Postman, etc.)

◦    Returning-consultant re-onboarding and full leaver offboarding

•   Help consultants set up and troubleshoot VDI environments when working on partner engagements 

•   Own ticket lifecycle in JIRA: triage, prioritise, work, communicate, close, and keep an eye on aging tickets.

•   Maintain a public-facing FAQ / runbook for the most common requests so users can self-serve where possible.

•   Day-to-day administration of Okta (users, groups, app assignments, SSO integrations, MFA policies, lifecycle hooks).

•   Entra ID / Microsoft Graph administration — app registrations, role assignments, conditional access, B2B guest management.

•   Azure RBAC across our subscriptions (Internal IT, client-facing, gravity9 Sandbox, etc.) — granting least-privilege roles on request and reviewing standing access.

•   Azure DevOps organisation administration — project creation, admin role grants, service-connection setup, group membership.

•   Joiner / mover / leaver process across Okta, Microsoft 365, BreatheHR, Ruddr, GitHub, Atlassian, NordLayer, and any project-specific tooling.

•   Own Kolide day-to-day: investigate failing checks, work with users on remediation, manage temporary lifts where appropriate, and feed back to the DevOps team where checks need tuning.

•   Support periodic IAM / access audits — cross-referencing Ruddr, Okta, Kolide and HR records for completeness.

•   Help drive ongoing improvement of our security posture in support of client audits and certifications (UK Cyber Essentials Plus, SOC 2 readiness, due-diligence questionnaires).

Tenant-level admin across our core stack:

•   Atlassian Cloud — Jira, Confluence, JIRA Service Management (incl. our IT Support project)

•   Microsoft 365 & SharePoint — site permissions, license assignment, distribution lists

•   GitHub — org membership, team permissions, repo creation, Copilot seats

•   NordLayer, JetBrains licensing, Claude, Granola, BreatheHR, Ruddr, Slack workspace admin

We treat internal IT as a small product surface. Recent / current work in this space includes:

•   The gravity9 IT Support Slack Bot (Python; runs in Azure Container Apps in our Internal IT subscription; integrated with JIRA Service Management). Maintain, extend, and hand new requests off to it.

•   n8n self-hosted on Azure with Okta SSO via an OAuth2 proxy + auth bridge pattern — increasingly used for internal automations.

•   SSO integration of new SaaS products into our Okta tenant as the business adopts them.

•   IT Policy reminder automation (Slack-driven, tied to Kolide / BreatheHR signals).

•   ISO acknowledge reminder automation (Slack-driven)

•   Other ad-hoc internal tooling on Azure as opportunities arise.

You should be comfortable writing and shipping code at this scale (Python or Node typical, containerised, deployed via Azure DevOps pipelines). You are not expected to operate at a senior platform-engineer level — but you should be able to run the loop end-to-end on small/medium internal tools without hand-holding.

Cover for the DevOps team on internal-leaning work where it makes sense — Azure subscription cleanup, pipeline tweaks, service-connection wiring, occasional Function App / Container App config changes — typically in collaboration with IT Support Lead.