Systems & Security Administrator (Msp/Mssp)

This is a remote job, but preference will be given to candidates near Richmond, Virginia.  

At Bento Security, we’re Managed Resilience Partners for legal and wealth management firms. We provide security-integrated information technology management where cybersecurity and IT strategy are inseparable. Our clients trust us with fiduciary-level access to their most sensitive systems and data. That means everyone on our team operates with security foundations baked into everything they do..

Who We Are

We’re a data-centric managed services provider serving clients in legal and wealth management who need VP-level IT and security thinking without VP-level headcount. We build automation, write our own software, solve complex problems, and treat our clients’ systems like we own them because for all practical purposes, we do.

We’re fanatical about our customers, but not at the expense of our team’s learning, advancement, and family. We’re growing because we’ve proven that security-integrated IT management isn’t just possible, rather it’s the only sustainable model.

Our people are builders, innovators, and subject matter experts. We evaluate every team member on four leadership principles: customer obsession, ownership, ingenuity, and bias for action.

Key Traits and Expectations

Respects Context – You understand that legal and wealth management clients operate in regulated environments with fiduciary responsibilities. One careless mistake can end our business. You’re methodical, careful, and security-minded in everything you touch. Confidence without recklessness.

Seeks Early Wins – Within your first 30 days, you’ll identify one process that can be improved or automated. By 60 days, you’ll implement it. By 90 days, you’ll have demonstrated you can operate independently while staying professionally visible.

Thinks Like a Builder – You don’t just follow procedures you improve them. You document as you learn. You write scripts instead of repeating manual tasks. You see systems, not just tickets. You’ve built things on your own before anyone gave you permission.

Skills and Experience You Bring

Required:

• 1-4 years relevant IT experience OR demonstrated track record of independent operation
• Proven ability to figure things out on your own (prior job, home lab, projects, self-taught skills)
• Comfortable administering macOS and Windows systems in production environments
• Working knowledge of networking fundamentals (TCP/IP, DNS, DHCP, VPN, VLANs)
• Scripting or automation experience (PowerShell, bash, Python, or equivalent)
• Strong written and verbal communication skills (you keep people informed without being asked)
• Clean background check (fiduciary client access requires it)
• Local to Richmond, VA area (remote work, but available for in-person collaboration)

Preferred:

• Experience with AWS, Azure, or M365 environments in production
• Identity and access management (Okta, JumpCloud, Google Workspace, Microsoft Entra ID)
• MDM/RMM platform experience (Intune, Jamf, Apple Business Manager)
• Prior MSP or professional services experience
• Exposure to legal, wealth management, or regulated industries
• Relevant certifications (AWS SysOps, Microsoft certifications, Security+)

Evidence we’re looking for:

• Prior managers/colleagues describe you as “figures things out” and “doesn’t need hand-holding”
• You’ve operated independently in a previous role with production system access
• You’ve built automation, tools, or improvements on your own initiative
• You can point to specific examples of solving problems without waiting for direction

The Systems and Security Philosophy

“At Bento Security, there is no separate ‘security team.’ Security is integrated into every system we touch, every decision we make, every line of code we write. We protect our clients as aggressively as possible while keeping their teams productive.

What You’ll Actually Do

Client Support and Systems Administration:

• Provide systems and security administration for managed services clients across legal and wealth management sectors
• Manage devices and user accounts in mixed macOS, Windows, and Linux environments
• Implement and maintain security controls using our control framework
• Administer identity and access management through Okta, JumpCloud, Google Workspace, and Microsoft Entra ID
• Deploy and manage endpoints via MDM platforms (Apple Business Manager, Intune)
• Troubleshoot complex issues in bespoke client environments using automation and AI tools
• Own your ticket pipeline you decide priorities, manage your work, and communicate status

Security Operations:

• Evaluate vulnerabilities, assess risk, and implement mitigation actions
• Implement email security, anti-phishing, and data protection controls
• Monitor security events and respond to incidents following documented procedures
• Participate in security reviews and compliance activities
• Maintain security documentation for clients and internal use
• Make judgment calls about risk/impact and escalate appropriately

Infrastructure and Network Management:

• Administer Windows Server environments (Active Directory, Group Policy, DNS, DHCP, DFS)
• Manage AWS environments (VPC, EC2, RDS, S3) with infrastructure-as-code approach
• Configure and maintain Cisco Meraki firewalls, switches, and access points
• Implement VPNs and lateral movement protections
• Handle email delivery, routing, and protection systems

Automation and Improvement:

• Automate redundant tasks through scripting and workflow tools
• Build automation that makes life better for clients, the team, and yourself
• Leverage AI to improve efficiency and problem-solving
• Contribute to internal projects and tool development
• Write code with version control, implement proper secrets management

Documentation and Knowledge Management:

• Maintain internal and client-facing documentation
• Write procedures, summaries, and technical notes as you work
• Build knowledge base articles that others can follow
• Document solutions so problems stay solved

Collaboration and Growth:

• Work with modern support systems for client interaction
• Participate in code reviews and technical discussions
• Prepare client-facing content including presentations and training materials
• Collaborate with senior engineers on complex projects
• Participate in sales process and help grow client relationships
• Actively pursue certifications and learning opportunities

Who Thrives in This Role

You figured things out on your own before anyone gave you permission. You built a home lab, taught yourself to code, or solved real problems without formal training. You have evidence of self-directed capability.

You thrive on having real responsibility from day one. The idea of touching production systems immediately excites you, not terrifies you. You want to work where your decisions matter.

You’re looking to grow with a company over years, not hop jobs every 18 months. You see the path from $52-65k now to $75-85k+ as Senior Engineer in 2-3 years.

This isn’t for you if:

• You need someone to tell you what to work on every day
• You go silent when you’re stuck instead of asking questions
• You confuse “independence” with “not communicating”
• You’re looking for a structured training program or hand-holding
• You need top dollar now rather than proving capability first
• You’re uncomfortable with privileged access monitoring and code reviews
• You want a “hold over” job while looking for something better

Compensation and Benefits

Starting Compensation: $52,000 – $65,000

• $52k: 1-2 years experience with demonstrated independent operation
• $58k: 2-3 years experience, proven track record in similar environment
• $65k: 3-4 years experience, MSP/professional services background, minimal ramp time

Salary placement based on:

• Prior experience operating independently
• Technical depth and breadth of skills
• Quality of references and demonstrated track record
• Evidence of self-directed learning and building
• How quickly you can be productive in our environment

Growth Path:

• 90-day review: Performance-based increase if exceeding expectations
• 1-year review: Significant raise when operating at full capability ($65-70k range)
• 2-3 years: Senior Systems and Security Engineer role ($75-85k+)

Benefits:

• Remote work with flexible schedule (6 productive hours, 2 for learning/admin)
• Training and certification support (we’ll help with AWS, Microsoft, security certs)
• Access to learning budget for courses, tools, and resources
• Exposure to cutting-edge automation and AI implementations
• Small team where your contributions are visible and valued
• Professional services experience that’s valuable anywhere

Work Expectations:

• Your day is 8 hours: 6 hours productive work, 2 hours for documentation/learning/admin use it well
• Serial-single-tasking is reality we don’t believe in multitasking, but you’ll switch contexts regularly
• Available for in-person collaboration in Richmond area when needed
• Time tracking required (for your benefit and ours)
• Demonstrate value, manage resources, use time effectively

To Apply

Send your resume to [email protected] with answers to these three questions:

1. Customer-Obsession: Describe a specific time you went beyond what was asked to solve someone’s actual problem. What was the underlying need you discovered, and how did you address it?

2. Ingenuity: What’s something you automated, optimized, or built because you saw a better way to do it? Walk us through your thinking, implementation, and the impact it had.

3. Bias-for-Action: Tell us about a technical problem you diagnosed and fixed without waiting for someone to tell you how. What was your troubleshooting methodology, and what did you learn?

Real examples only. We can tell the difference between lived experience and aspirational answers. These questions are your first test they demonstrate whether you actually embody these principles or just understand them conceptually.

Also include: Links to GitHub, home lab documentation, or anything you’ve built that shows you figure things out on your own.

Bento Security does not sponsor H-1B visa applicants.