JOBS

Internal Systems Engineer | Microsoft 365 → Google Workspace | Okta | SSO | SaaS Platforms | $180k + Super + Bonus

Job Category: Engineering SaaS Platform Systems Engineer
Job Type: Full Time onsite
Job Location: Sydney

Internal Systems Engineer
Microsoft 365 → Google Workspace | Okta | SSO | SaaS Platforms

Sydney CBD | 5 Days Onsite | $180k + Super + Bonus. “You’re our only hope.” Okay, maybe that’s a little dramatic. But this is a genuinely important Internal Systems Engineering role inside a fast-moving, technology-led business scaling a platform used by tens of thousands of users daily.

Rebel Alliance starfighter pilot

The Mission

The company is growing, the platform is evolving, and the internal systems environment needs someone who can bring order, structure, security, and serious technical ownership to the SaaS stack behind the scenes.

Lead and own a major Microsoft 365 to Google Workspace migration, while helping shape the broader internal systems environment across Okta, SSO, identity federation, SaaS integrations, access control, security posture, automation, and platform ownership.

This is not a help desk role. This is not L1/L2 support. This is not “log a ticket and hope someone else fixes it” territory. This is proper hands-on systems engineering.

You’ll be joining the Rebel Alliance, not polishing the Empire’s admin console.

What You’ll Be Doing

  • Leading and supporting the Microsoft 365 to Google Workspace migration: planning, execution, stakeholder communication, migration hygiene, risk management, change impact, and post-migration optimisation.
  • Rolling out and improving SSO and identity federation, with Okta as the preferred direction.
  • Designing and supporting authentication flows across SAML, OIDC, SCIM, RBAC, and JML processes.
  • Owning integration architecture between internal SaaS platforms, including APIs, webhooks, scripted automation, and workflow integrations.
  • Reviewing and rationalising the internal tools environment across productivity, communication, work management, cloud, dev, security, and business systems.
  • Improving security posture around least privilege, secrets management, API keys, certificates, passwords, access reviews, audit trails, and lifecycle management.

Identity & Access You’ll Own

SAML. OIDC. SCIM provisioning. RBAC. Joiner/mover/leaver automation. Access reviews. Least-privilege controls. Audit trail hygiene. Or, to put it another way: “The Force is strong with this one… but so is their access governance.”

Twin suns over a desert horizon

Current Stack

You’ll work across a modern SaaS and cloud-heavy environment:

  • Productivity: Google Workspace, Microsoft 365, Slack
  • Work management: Jira, ClickUp, Notion, Confluence
  • Identity and security: 1Password, with Okta as the preferred direction
  • Cloud and dev: AWS, Cloudflare, GitHub
  • Business systems: HubSpot, Intercom

You don’t need to have worked with every single tool, but you do need to be confident owning SaaS platforms at a deep technical level. This is architect-level systems ownership, not just admin-level maintenance.

About You

  • 5+ years’ experience in systems engineering within a SaaS-first, cloud-first, or modern technology environment.
  • Strong experience with Microsoft 365 and/or Google Workspace at migration, architecture, and platform ownership level.
  • Experience leading, owning, or playing a major role in at least one significant SaaS migration. A Microsoft 365 to Google Workspace migration would be especially valuable.
  • Hands-on experience with SSO / IdP implementation, ideally including Okta.
  • Strong technical understanding of SAML, OIDC, SCIM, RBAC, and joiner/mover/leaver workflows.
  • Experience integrating SaaS platforms using APIs, webhooks, scripts, workflow automation, or integration tools.
  • A strong security mindset across least privilege, secrets management, audit hygiene, access reviews, and lifecycle controls.
  • The ability to own outcomes, communicate clearly, and lead technical change across a business.

You should be comfortable saying: “I’ll own that.” Not: “That sounds like someone else’s ticket.”

Milky Way over a mountain ridge

Nice-to-Have Skills

Useful, but not essential: AWS or cloud infrastructure experience; Docker or containerised tooling; secrets management tools such as 1Password, HashiCorp Vault, or AWS Secrets Manager; MDM / device management experience with Jamf, Intune, Kandji, or NinjaOne; scripting in Python, PowerShell, or Bash; fintech, trading, payments, or another regulated environment; HubSpot, Intercom, Meraki, or ITIL exposure.

What This Role Is Not

Let’s be clear, because these are not the droids we’re looking for. This is not an AI engineer role. Not a prompt engineering role. Not a help desk role. Not an L1/L2 support role. Not old-school on-prem infrastructure with a sprinkle of SaaS. Not an IT Manager role for someone who no longer wants to be hands-on. This role is about platform ownership, migration leadership, identity, integrations, security, automation, governance, and operational maturity.

The Setup

Salary: $180k + super + bonus
Location: Sydney CBD
Work setup: 5 days onsite

Yes, it is onsite. No, it is not remote. Yes, the salary reflects that.

Final Word

If you’re the kind of Internal Systems Engineer who can take a fast-moving SaaS environment from “mostly working” to “properly scalable, secure, documented, automated, and clean”, this could be a brilliant move.

If you’ve led complex SaaS migrations, understand Google Workspace and Microsoft 365 deeply, know your way around Okta, SAML, OIDC, SCIM, RBAC and JML, and you’re comfortable owning both the build and the ongoing operation, then this one is worth a serious look.

As Yoda might say: “Migrate the Workspace, you must.”

And as the Rebel Alliance would say: May the SSO be with you.

Big Wave Digital, Sydney-based tech recruitment for brands that actually ship.


Apply for this position

Allowed Type(s): .pdf, .doc, .docx