Sr. Systems Administrator El Segundo, California,

Low Earth orbit is open for business. Varda is accelerating the development of commercial space infrastructure, from in-orbit pharmaceutical processing to reliable and economical reentry capsules.

From life‑saving pharmaceuticals to more powerful fiber optics, there is a world of products used on Earth today that can only be manufactured in space. Varda is accelerating innovation in the orbital economy by creating both the products and infrastructure needed so space can directly benefit life on Earth. Our mission is to expand the economic bounds of humankind.

Our team is uniquely suited to accomplishing this goal, with leadership and staff comprised of veterans from Space

X, Blue Origin, major pharmaceutical companies and Silicon Valley. Varda was founded in January 2021 by Will Bruey and Delian Asparouhov with significant backing from world class investors including Khosla Ventures, Lux Capital, Founders Fund, Caffeinated Capital, General Catalyst, and Also Capital.

Varda is headquartered in El Segundo, California, where we have offices and a production facility where our vehicles, equipment, and materials are built, integrated, and tested. Varda also has offices in Washington, DC and Huntsville, AL.

Join Varda, and work to create a bustling in‑space ecosystem.

Varda is looking for a Sr. Systems Administrator who is equal parts identity architect and cloud operator who can own platforms that every employee, device, and application depends on to get work done. You’ll be the technical authority for Okta, Microsoft 365 GCC High, Azure/Entra , and our MDM ecosystem across macOS, Windows, and Linux. This isn’t just about keeping the lights on: you’ll architect zero‑trust access policies, drive lifecycle identity automation, integrate device compliance into conditional access, and ensure our platforms are audit‑ready in an ITAR‑regulated environment.

You’ll work directly with Engineering, Security, Manufacturing, and Business Operations teams — and your decisions will directly shape how securely and efficiently a fast‑growing space company operates.

This is a full‑time, exempt position located in our El Segundo headquarters.

• Architect and administer the Okta tenant end‑to‑end — SSO application integrations, MFA policies, lifecycle management (joiner/mover/leaver), Okta Workflows, and Identity Governance and Administration (IGA) features, including access certifications and entitlement management.
• Own Microsoft 365 GCC High and Azure/Entra  — Exchange Online, SharePoint, Teams, conditional access policies, and tenant security configuration tuned for ITAR compliance boundaries.
• Design and maintain hybrid identity infrastructure, including Active Directory, Entra Connect synchronization, and federation trust relationships.
• Architect and administer endpoint management across all platforms — JAMF Pro for macOS, Microsoft Intune for Windows, and supplemental MDM tooling for Linux — including device enrollment, configuration profiles, compliance policies, application deployment, and OS patch management.
• Bridge device compliance and identity: integrate JAMF and Intune compliance signals into Okta and Entra l access policies so device trust is a hard requirement for resource access.
• Develop and enforce conditional access and zero‑trust policies across Okta and Entra  protect sensitive resources in an ITAR‑regulated environment.
• Build and maintain Okta Workflows and Azure Logic Apps/Power Automate flows to automate user provisioning, deprovisioning, group management, and access request fulfillment.
• Administer and optimize SCIM provisioning between Okta and downstream SaaS applications — Google Workspace, Jira, Confluence, Slack, Smartsheet, 1
  
  Password, and others.
• Monitor and respond to identity‑related security events — such as suspicious sign‑ins, token abuse, and privilege escalation — using Okta System Log, Entra  logs, and Crowd Strike telemetry.
• Partner with the Security team on compliance efforts tied to Vanta, NIST 800‑171, CMMC, and ITAR, with direct ownership of access control, audit logging, and least‑privilege enforcement.
• Manage certificate life cycles, SAML/OIDC trust…