Key skills
AndroidAWSiOSJamfMacOSPythonBashPowerShellAILLMLangChainAgenticAutoGenEntra IDOktaActive DirectoryCommunicationCollaborationZero Trust
About this role
Role Overview
- Engineer, configure, and optimize endpoint environments across Windows, macOS, Ubuntu, iOS, and Android platforms.
- Manage enterprise MDM platforms including JAMF Pro, Microsoft Intune, Autopilot, Entra ID, and Active Directory.
- Lead endpoint patching strategies for OS and third-party applications, minimizing downtime while ensuring compliance.
- Champion ITIL-aligned process improvement, embedding AI and agentic automation to drive continuous operational efficiency.
- Serve as a subject matter expert during audits, incident response, and vulnerability remediation exercises.
- Architect, deploy, and administer JAMF Pro across a complex enterprise environment of 3,000+ macOS endpoints.
- Build automated workflows for device provisioning, application deployment, patch management, and compliance reporting.
- Develop and maintain scripts in Bash, Python, AppleScript, and PowerShell to extend and automate JAMF functionality.
- Manage JAMF configuration profiles, policies, smart groups, and operational dashboards.
- Partner with Security to enforce FileVault encryption, CIS benchmark hardening, and Zero Trust policy controls.
- Maintain Apple Business Manager (ABM/DEP), VPP licensing, APNs certificates, and MDM enrollment pipelines.
- Design and deploy AI-assisted endpoint automation pipelines to reduce manual operational overhead and accelerate response times.
- Build and maintain autonomous agents (LangChain, AutoGen, or custom LLM integrations) to handle routine endpoint tasks including compliance checks, self-healing workflows, and incident triage.
- Integrate LLM APIs into endpoint tooling for natural-language policy authoring, log analysis, and intelligent alert summarization.
- Develop event-driven automation using JAMF Pro webhooks, Microsoft Power Automate, or custom Python/API pipelines to trigger remediation workflows without manual intervention.
- Evaluate and adopt AIOps platforms to predict device health issues, proactively surface compliance drift, and optimize patch scheduling.
- Define an AI automation roadmap for endpoint operations, establishing governance, testing, and rollback standards for agentic workflows.
- Continuously assess emerging AI tooling and agent frameworks for applicability to endpoint management use cases.
- Integrate endpoint tooling with SIEM and SOAR platforms for proactive threat monitoring and automated incident response.
- Design and enforce Conditional Access policies, identity frameworks, and data loss prevention controls.
- Ensure endpoint posture meets regulatory requirements including GDPR, HIPAA, and PCI-DSS.
- Participate in Zero Trust architecture reviews, risk assessments, and compliance audits.
- Implement and validate encryption standards across platforms (BitLocker for Windows, FileVault for macOS).
- Mentor junior engineers through knowledge sharing, code reviews, and coaching, including upskilling the team on AI-assisted and agentic operations.
- Serve as the escalation point for complex endpoint and macOS issues across global teams.
- Partner with Security, Networking, and Identity teams to integrate MDM platforms with tools such as Okta and AWS VDI.
- Produce and maintain technical documentation, architecture decision records, and end-user guides.
- Strong communication skills for both technical and non-technical audiences; able to clearly convey complex concepts to stakeholders at all levels.
Requirements
- Bachelor's degree in Computer Science, Information Technology, or a related field, or equivalent professional experience
- 5+ years of IT experience with at least 3 years in endpoint engineering or EUC roles
- Demonstrated expertise managing large-scale endpoint environments (10,000+ devices).
- JAMF 400 Certification (JAMF Certified Expert) or equivalent expert-level hands-on experience.
- Proficiency in scripting: Bash, Python, AppleScript, and PowerShell.
- Deep knowledge of the Apple ecosystem: ABM/DEP, VPP, MDM protocol, APNs.
- Strong understanding of endpoint compliance, encryption (BitLocker, FileVault), and Zero Trust frameworks.
- Experience with vulnerability remediation, patch lifecycle management, and endpoint security tooling.
- Excellent written and verbal communication and cross-team collaboration skills.
- Available to work until 1:00 PM EST.
Tech Stack
- Android
- AWS
- iOS
- Jamf
- MacOS
- Python
Benefits
- Great benefits and perks like larger tech companies
- Independence to make a larger impact on the company and take ownership of work