This website uses cookies to ensure you get the best experience.

Crossmint and our selected partners use cookies and similar technologies (together “cookies”) that are necessary to present this website, and to ensure you get the best experience of it. If you consent to it, we will also use cookies for analytics purposes.

See our Cookie Policy to read more about the cookies we set.

You can withdraw and manage your consent at any time, by clicking “Manage cookies” at the bottom of each website page.

Select which cookies you accept

On this site, we always set cookies that are strictly necessary, meaning they are necessary for the site to function properly.

If you consent to it, we will also set other types of cookies. You can provide or withdraw your consent to the different types of cookies using the toggles below. You can change or withdraw your consent at any time, by clicking the link “Manage Cookies”, that is always available at the bottom of the site.

To learn more about what the different types of cookies do, how your data is used when they are set etc, see our Cookie Policy.

These cookies are necessary to make the site work properly, and are always set when you visit the site.

Vendors Teamtailor

These cookies collect information to help us understand how the site is being used.

Vendors Teamtailor
Skip to main content
United States, Spain · Hybrid

IT / Client Platform Engineer (US / Spain)

About Crossmint

Crossmint is the leading enterprise-grade, all-in-one stablecoin and wallet infrastructure platform enabling fintechs and enterprises to integrate stablecoin rails and smart wallets with speed, compliance, and scale.

Backed by Ribbit Capital, Franklin Templeton, NYCA, First Round, and Lightspeed Faction, with $23.6M raised in 2025. Trusted by more than 40,000 clients including global leaders such as MoneyGram, WireX, Toku, and more, Crossmint provides embedded smart wallets, on/offramps, cross-chain stablecoin orchestration, tokenization, and other blockchain primitives through simple, developer-friendly APIs that integrate in minutes and scale to millions of users.

In January 2026, Crossmint secured MiCA authorization from Spain's CNMV, becoming one of a select few stablecoin infrastructure providers fully licensed to operate across all 27 EU member states and held to the same regulatory standards as traditional financial institutions. Crossmint also powers the Republic of the Marshall Islands' first digital UBI program, backs MoneyGram's new stablecoin cross-border experience launching in LATAM, and recently partnered with WireX to expand multichain stablecoin payment infrastructure to non-EVM networks like Stellar.

The future of finance is stablecoin-native. Crossmint makes it easy to get there.

Location

Preferred: Madrid, New York City, or Miami.

We are also open to remote candidates based in Spain or the United States.

Type of Employment

Full-time

Seniority

10+ years of experience in IT Operations / Client Platform / Endpoint Engineering in modern, high-growth environments.

About The Role

We are looking for a hands-on, generalist IT / Client Platform Engineer to own day-to-day IT operations while building scalable foundations across identity, access, device management, and onboarding/offboarding.

This is not just a help desk role. While you will support employees directly, your primary mission is to design and implement automated, secure, and scalable IT systems, especially around identity (SSO/SCIM), Mac fleet management, and AWS access.

You’ll be the backbone of our internal IT platform, ensuring employees have seamless access to what they need, securely and efficiently.

What You Will Do

Identity, Access & SaaS Administration

  • Own Google Workspace administration (email, groups, security settings, user lifecycle).

  • Manage and improve SSO integrations across SaaS apps (primarily SAML-based).

  • Troubleshoot authentication issues (SSO, MFA, sessions, login failures).

  • Implement and improve SCIM provisioning (automated create/update/deprovision flows).

  • Drive clean and automated joiner / mover / leaver processes.

  • Maintain a structured SaaS inventory (owners, licenses, criticality, usage).

  • Run periodic access reviews and enforce least-privilege access by default.

Mac Endpoint Management (Apple-First Environment)

  • Own Mac fleet management end-to-end (primarily macOS).

  • Manage MDM solutions (Rippling MDM; Kandji experience highly relevant).

  • Implement and maintain zero-touch deployment via Apple Business Manager / Automated Device Enrollment.

  • Standardize device configuration (FileVault, OS updates, security baselines, Wi-Fi/VPN profiles).

  • Manage software packaging and deployment (Munki and/or AutoPkg are a plus).

  • Maintain asset inventory, lifecycle tracking, compliance, and secure offboarding wipes.

AWS Access & Account Management

  • Manage AWS IAM access (federated access, users, roles, policies).

  • Support AWS account administration and permissions troubleshooting.

  • Enforce secure access practices: MFA, key rotation, role-based access, minimizing long-lived credentials.

  • Support audits and access reviews related to AWS environments.

IT Support & Operations

  • Provide L1/L2 support for employees (accounts, laptops, SaaS issues).

  • Own internal ticket flow (prioritization, response times, documentation).

  • Create and maintain clear runbooks, onboarding guides, and internal “how-to” documentation.

  • Partner with Security, Engineering, and People Ops to deliver a smooth employee experience.

About You

  • 10+ years of experience in IT Operations / Client Platform / Endpoint Engineering in a modern company (startup experience or MacAdmins-style environments strongly preferred).

  • Strong hands-on macOS administration experience in company environments.

  • Experience managing Mac MDM solutions (Kandji, Jamf, Rippling MDM, Workspace ONE, Intune, etc.).

  • Experience with Apple zero-touch deployment (Apple Business Manager / Automated Device Enrollment).

  • Strong Google Workspace administration experience.

  • Working knowledge of:

    • SAML SSO (setup and troubleshooting)

    • SCIM provisioning (setup and troubleshooting)

    • IAM fundamentals (groups, roles, least privilege, audits)

  • Hands-on experience with AWS IAM (policies, roles, access troubleshooting).

  • Comfortable providing direct support to non-technical users.

  • Strong ownership mindset: you can build processes from scratch, document them clearly, and continuously improve them.

  • Scripting and automation skills (Bash, Python) to reduce manual work.

Strong Plus If You Have

  • OIDC knowledge.

  • Experience with Munki and/or AutoPkg for macOS software deployment.

  • Light tooling skills (Golang or JavaScript) to reduce repetitive manual workflows.

  • Experience managing IT tooling at SaaS scale (100–500 employees, many apps).

  • Familiarity with security and compliance practices (SOC 2 controls in practice: access reviews, device encryption, logging, disciplined offboarding).

  • Experience with device telemetry / visibility tools (e.g., osquery, Fleet).

We highly value engineers who think beyond manual processes:

  • Interest in using automation and AI features within modern IT tools to reduce repetitive work.

  • Experience (or curiosity) with AI-powered service desk tools or virtual agents.

  • Ability to design self-service flows (software access requests, password reset guidance, troubleshooting workflows) using low/no-code automation.

  • Exposure to AI-assisted SaaS management (shadow IT discovery, license insights, contract tracking).

  • Awareness of modern identity threats (phishing, session hijacking, credential stuffing) and interest in evolving toward risk-based or continuous identity security models.

This list is a guide, not a checklist. You do not need to meet every requirement to be a strong candidate.

Why Join Crossmint?

You’ll play a foundational role in building the internal systems that power the company. This is a high-ownership position where you’ll shape how identity, devices, and access work from the ground up—while balancing security, automation, and a great employee experience.

If you enjoy building clean systems, automating away repetitive work, and designing secure-by-default IT environments, we’d love to hear from you.

What Success Looks Like (First Months)

  • New hires receive a zero-touch laptop with correct access on Day 1.

  • Offboarding is clean and immediate (accounts disabled, tokens revoked, devices wiped).

  • Most SaaS applications are behind SSO and provisioned with SCIM where possible.

  • AWS access is fully integrated with our identity provider.

  • Clear SaaS inventory with ownership and visibility.

  • Fewer access surprises and a stronger security posture.

  • Employees describe IT as reliable, fast, and easy to work with.

Benefits

  • Extensive access to leading AI tools and subscriptions, with AI actively encouraged and integrated into daily workflows.

  • Stock options program.

  • We conduct two performance reviews annually. The first addresses performance ratings, bonuses, and promotions. The second encompasses these elements along with salary adjustments reflecting inflation and market conditions.

  • Unlimited, flexible PTO.

  • Flexible work schedule.

  • Company laptop and allowance for any necessary home equipment.

  • Daily stipend for commuting to the office.

  • Company-paid trips for annual off-sites and onsites.

  • Insurance covered by Crossmint.

  • 401(k) Plan (US only).

Our Principles

  • Results and delivery: Ship high quality work fast.

  • Build for the long term: Build scalable, secure, and reliable solutions. Use AI.

  • Extreme Ownership: Be an effective Directly Responsible Individual (DRI). Be proactive.

  • Be a team player: Be an effective and kind colleague providing credible challenge. Be present and reliable.

Talent research indicates that women are often less inclined than men to apply for a role unless they have experience in 100% of the listed skills. However, this list is only a guide. We welcome your application even if you feel you meet around 75% of the requirements. At Crossmint, we believe skills can be learned, and diversity makes us stronger.

We work to foster a respectful environment where each person can be their authentic self, free from harassment, racism, and any form of discrimination. We proudly uphold our commitment to diversity and inclusion as an equal opportunity employer, and this policy applies to all employment practices within our organization.

Please note that Crossmint never conducts AI-based interviews, and all of our processes include an initial video call with a team member. Crossmint will not request your personal identification documents or any payment at any point during your interview process. Please stay vigilant about potential fraud. If you receive an email that claims to be from Crossmint but ends with any domain other than @crossmint.com, @crossmint.io or @paella.dev, it is not from us. We own these three domains listed before, and they are the only legitimate ones.

Please let our Talent Team know if you need any assistance completing any forms, or participating in the process.

Follow us on Linkedin and Twitter to keep updated with our latest activity! 👣

Locations
United States, Spain
Remote status
Hybrid
Employment type
Full-time
United States, Spain · Hybrid

IT / Client Platform Engineer (US / Spain)

Loading application form

Already working at Crossmint?

Let’s recruit together and find your next colleague.

Applicant tracking system by Teamtailor