Nexthire logo

Metadome.AI-IT Systems Engineer

Nexthire
2 days ago
Full-time
On-site
Bengaluru, Karnataka, India

METADOME.AI-IT Systems Engineer

Own the identity, endpoints, network, and compliance backbone that powers immersive technology at scale.

Location Bengaluru, India · On-site

Department IT & Information Security

Employment Type Full-time

Experience 5+ years in IT systems / infrastructure

Reports To Engineering Leadership

About Metadome.ai

Metadome.ai is an immersive 3D & XR technology company that enables cloud-based, photorealistic, and captivating customer experiences for brands. Our technology offers a complete stack for creating immersive 3D & XR applications with omni-channel deployment across both in-store and digital touchpoints, and over a multitude of devices. These experiences span a spectrum of use cases across the automotive, home décor, fashion, and cosmetics & accessories sectors. Our flagship automotive platform — Autodome — enables unprecedented photorealistic, cloud-based immersive 3D & XR applications that cover the entire pre-retail funnel, empowering brands to launch products virtually and drive awareness, engagement, and bookings among modern automotive consumers.

Today, we are trusted partners to leading brands across the globe — including Unilever, MG Motor, Lexus, Asian Paints, Tata Motors, and Royal Enfield, among others. We have also partnered with the likes of TCS, SAP, and PwC, and are an active voice in the XR community, including the Metaverse Standards Forum and the VR/AR Association.

About the Role

We are looking for a hands-on IT Systems Engineer to own and run the technology backbone that keeps our teams productive and our data secure. You will be the single point of accountability for IT operations and information security across a multi-location business where 24x7 systems availability is core to how we operate — managing identity, endpoints, network, and our cloud workspace, while operating and continuously hardening our GDPR, SOC 2, and ISO 27001 compliance posture. This is a builder-operator role, not a supervisory one. We run a tight ship on security and compliance, and we expect you to have personally implemented and operated the systems and controls described below — you should know them inside out, down to the configuration, the evidence, and the edge cases.


Key Responsibilities

Identity & Access Management — JumpCloud

• Own the JumpCloud directory end-to-end: user lifecycle (joiner / mover / leaver), groups, and organizational structure.

• Administer SSO, enforce MFA, and configure conditional and device-based access policies across all SaaS applications.

• Manage cross-platform device policies (macOS, Windows, Linux) via JumpCloud device management, including disk encryption and compliance baselines.

• Integrate RADIUS / LDAP for Wi-Fi and application authentication.

• Automate onboarding and offboarding to guarantee least-privilege access and clean, auditable deprovisioning.

Google Workspace Administration — GWS

• Administer the Google Workspace tenant: users, groups, organizational units, and email routing.

• Configure and enforce security controls — 2-Step Verification, context-aware access, DLP rules, and sharing / visibility policies.

• Manage retention, eDiscovery, and legal holds through Google Vault.

• Optimize licensing and SaaS spend across Workspace and other portals.

Endpoint & Threat Protection — Sophos

• Deploy, configure, and manage Sophos Central (Intercept X / XDR) across all endpoints and servers.

• Monitor alerts, triage threats, and lead incident detection, response, and remediation.

• Maintain endpoint encryption, web / application control, and device-hardening standards.

• Where Sophos Firewall is in use, manage firewall policies, IPS, and secure remote access.

Network, Firewall & Wi-Fi

• Design, configure, and maintain firewalls, VLAN segmentation, VPN, and secure remote access.

• Administer enterprise Wi-Fi and wired networks (switches, access points), including RADIUS-backed authentication.

• Manage LAN / WAN connectivity, ISP relationships, and network performance and uptime.

• Implement network monitoring, intrusion detection, and centralized logging.

Hardware, Software & Asset Management

• Own the full hardware lifecycle — procurement, provisioning / imaging, maintenance, repair, and decommissioning.

• Support a mixed fleet of macOS, Windows, and Android devices, including high-performance workstations and XR / VR hardware used by our creative and engineering teams.

• Maintain an accurate hardware and software inventory and asset register.

• Manage software deployment, patch management, and license compliance.

Security, Risk & Compliance — GDPR · SOC 2 · ISO 27001


• Operate and continuously improve the company's Information Security Management System (ISMS).

• Own day-to-day compliance for GDPR, SOC 2 (Type II), and ISO/IEC 27001 — including control implementation, evidence collection, and continuous monitoring.

• Conduct risk assessments, internal audits, periodic access reviews, and vendor security / DPA assessments.

• Serve as a primary point of contact during external audits and customer security reviews.

• Maintain security policies, records of processing (RoPA), DPIAs, and incident / breach-response runbooks.

• Drive security-awareness and phishing-simulation programs across the organization.

IT Operations & Support

• Ensure 24x7 high availability of core systems and meet defined uptime and SLA metrics.

• Provide escalation-level troubleshooting and support across macOS, Windows, and Android.

• Manage backups, disaster recovery, and business-continuity testing.

• Coordinate internal teams and third-party vendors to deliver IT projects on time and within budget.

• Maintain documentation, runbooks, and standard operating procedures.

• Own and report on the IT budget and asset allocation.

Required Skills & Experience

• 5+ years in IT systems / infrastructure engineering — with direct, hands-on ownership of the systems below rather than purely supervisory exposure.

• JumpCloud — demonstrated hands-on expertise across identity, SSO, MFA, and device management.

• Google Workspace (GWS) — deep admin-console experience including security, DLP, and Vault.

• Sophos — hands-on endpoint / XDR administration and threat response.

• Networking — firewall configuration, Wi-Fi, VLANs, VPN, LAN / WAN, and RADIUS / LDAP fundamentals.

• GDPR, SOC 2 & ISO 27001 — hands-on — you have personally taken an organization through at least one full audit / certification cycle and know the controls, evidence, and auditor expectations inside out.

• Cross-platform support — proven troubleshooting across macOS, Windows, and Android in a 24x7, multi-location environment.

• System security — solid grasp of IDS / IPS, endpoint hardening, encryption, and backup / recovery.

• Education — B.Sc. / B.Tech in Information Technology, Computer Science, or a related discipline.

• Mindset — strong documentation discipline, ownership, resourcefulness, and a structured, problem-solving approach.


Preferred Qualifications

• Relevant certifications — e.g., ISO 27001 Lead Implementer / Auditor, CompTIA Security+ / Network+, or vendor certifications from JumpCloud and Sophos.

• Experience with compliance-automation platforms such as Sprinto, Vanta, or Drata.

• Scripting and automation for IT operations (Bash, PowerShell, or Python).

• Experience in a fast-paced SaaS or technology company serving enterprise and global clients.

• Familiarity with supporting creative, 3D, or XR workflows and high-performance computing environments.

Why Join Us

You will own the systems and security posture of a company building category-defining immersive technology for some of the world's most recognizable brands. It is a high-trust, high-ownership role with the autonomy to design things properly — and the visibility that comes with keeping a security- and compliance-first business running flawlessly.