Zoárd Manó Csoltai | TechOps, Identity & Automation

Work Experience

Pleo

Senior TechOps Engineer

Aug 2021 — Present

Own identity, access, fleet, and automation for 1,000+ users in a product-led fintech, partnering closely with People, SRE, DevX, and People Tech.
Led company-wide authentication and SSO rollout, using convention-based Okta group minting to push access into Slack, Google, and GitHub automatically.
Migrated a 1,000+ macOS fleet from Jamf to Kandji, reducing manual upkeep by roughly 40% while aligning device posture with zero-trust and ISO 27001 requirements.
Built zero-touch onboarding automations that provision accounts and devices so new joiners are productive on day one with minimal IT intervention.
Represented TechOps during ISO 27001 audit work, walking auditors through lifecycle controls and evidence that supported Pleo's first certification.

The Olive Kitchen & Bar

Restaurant Manager

2017 — 2021

Managed a 20-person team and ran daily operations with a strong focus on service quality, coordination, and accountability.
Built the operational judgment and people skills that still shape how I lead cross-functional technical work today.

Selected Work

Role-Based Access Control at Pleo

Built a convention-driven RBAC model in Okta so access follows organization structure instead of manual ticket work.

Designed group minting patterns that automatically fan out access to Slack, Google Workspace, and GitHub.
Reduced access friction for employees while improving consistency and auditability for security stakeholders.

Read Article

GitHub Governance Through Identity Automation

Synced directory groups into GitHub teams, reviewer pools, and CODEOWNERS so permissions stay aligned with the actual org.

Removed recurring manual administration around team membership and repository ownership.
Made engineering access governance more reliable by tying it directly to the source of truth for identity.

Read Article

Zero-Touch Onboarding and Fleet Migration

Connected onboarding automation, device provisioning, and policy design into a tighter internal platform experience.

Created a day-one-ready onboarding flow where automations handle account provisioning and most device setup steps.
Paired a large Jamf-to-Kandji migration with safer defaults and staged OS update policies tied to zero-trust controls.

Writing

Featured writing

Case studies and systems notes published directly on the site, so the best work is readable without bouncing out to external tools.

See all writing

23 August 2025 Okta RBAC Access Management

How Pleo approaches role-based access control

How we made HRIS the source of truth, used Okta Workflows to mint lifecycle-aware org groups, and pushed that structure into Slack, Google, and GitHub.

Read article

5 July 2023 Okta RBAC Access Management

Using Okta to Automate GitHub Teams

A short writeup on using Okta-driven org data and GitHub's team sync APIs to automate team creation, linking, and cleanup.

Read article

See all writing

Skills & Practice

I work at the intersection of internal tooling, identity, and practical operations. The through-line in my work is reducing friction without losing control: building systems that are easier for employees to use, easier for auditors to understand, and easier for teams to maintain.

Identity and Access +

Okta
SSO (OIDC/SAML)
SCIM
RBAC
Okta Workflows

Automation and IaC +

Python
Webhooks
REST APIs
Terraform (HCL)
OpenTofu

SaaS and Tooling +

Slack Enterprise Grid
Google Workspace
GitHub Enterprise
Greenhouse
NetSuite
Notion
Airtable

Operations and Practice +

macOS fleet management
Jamf Pro
Kandji
OS update policy design
Zero-touch people journey automations
Plain-English documentation
ISO 27001 audit readiness