The System Administrator is responsible for maintaining and improving the reliability, security, and visibility of all internal systems while ensuring smooth day-to-day IT operations and scalable cloud infrastructure. This role serves as the primary point of contact for systems access, configuration, and troubleshooting, spanning system administration, identity and access management, AWS cloud infrastructure, networking and security, and internal tooling and automation. The ideal candidate will also support engineering with secure, repeatable infrastructure development while maintaining compliance documentation and administering the company's public-facing website.
System Administrator
High-Level Objectives
• Maintain and improve reliability, security, and visibility across all internal systems.
• Ensure smooth day-to-day IT operations and scalable cloud infrastructure management.
• Serve as point-of-contact for systems access, configuration, and troubleshooting.
• Support engineering with cloud development and management.
• Support automation and policy-driven infrastructure as the company grows.
Core Responsibilities
System Administration
• Triage and resolve incoming support tickets.
• Perform device and user provisioning/deprovisioning
• Maintain inventory and asset tracking.
• Manage endpoint configuration, patching, and compliance (macOS, Windows, Linux).
• Document and continuously improve internal processes (zero-touch setup, etc.).
• Resolve access requests
• Manage MDM policies, OS baselines, and enforcement (macOS/Windows).
• Manage device lifecycle logistics (repairs, warranties, shipping).
• Run quarterly access reviews and remediation (for SaaS & AWS).
• Maintain asset disposal and media sanitization procedures.
• Follow policy and maintain documentation for compliance related to the above items
Identity & Access Management
• Administer user lifecycle and access controls across SaaS, cloud, and internal tools.
• Enforce least-privilege and MFA policies across systems.
• Configure and maintain SSO via JumpCloud, including integrations (e.g., Tailscale, Google, AWS).
• Regularly audit access and automate provisioning
• Follow policy and maintain documentation for compliance related to the above items
Cloud Infrastructure (AWS)
• Audit and maintain AWS account structure and billing/management account setup, etc.
• Design and implement best-practice org structures (e.g., Organizations, SCPs, consolidated billing).
• Manage IAM roles, policies, and access boundaries.
• Maintain monitoring, logging, and alerting (e.g., CloudTrail, GuardDuty, Cost Explorer).
• Support developers with VPC, EC2, S3, IAM, and service integrations while maintaining appropriate least privilege and security boundaries.
• Review AWS cost anomalies and propose optimizations (RI/SP purchases, storage lifecycle policies).
• Coordinate with engineering for secure, repeatable infrastructure changes.
• Advise and assist engineering with infrastructure development and deployment
• Follow policy and maintain documentation for compliance related to the above items
Networking & Security
• Manage onsite networking
• Oversee VPN/Tailscale configuration and access control policies.
• Manage DNS (Route53 or internal equivalent) and internal networking configs.
• Conduct periodic security reviews (password policy, logging, audit readiness).
• Implement endpoint security baselines and response playbooks.
• Follow policy and maintain documentation for compliance related to the above items
Internal Tooling & Automation
• Develop and maintain related CI/CD pipelines (GitHub Actions, etc.).
• Maintain and extend internal automation (e.g., provisioning, backups, SSO sync).
• Script routine admin tasks (Python, Go, or shell).
• Maintain self-hosted CI runners (macOS).
Software & Platform Misc
• Triage and respond to requests from automated tooling and auditors for compliance
• Own business continuity and disaster recovery documentation/testing.
• Expand observability tooling (metrics, logs, cost telemetry).
• Ensure log retention policies, structured logging standards, and access controls for observability tools.
• Maintain actionable alerting (avoid noisy alerts, continuous tuning).
• Vulnerability management (OS, containers, dependencies) and coordination of remediation with engineering.
• Security incident response participation: triage, containment, forensics-lite, documentation.
• Manage license renewals, seat optimization, etc.
• Administer the public-facing website (Webflow).
$100,000 - $150,000 per year