We are seeking a highly skilled and motivated Senior Endpoint & Jamf Engineer to join our global Workplace Computing/End User Computing team. This role combines broad expertise in managing cross-platform endpoints (Windows, macOS, Ubuntu, iOS, Android) with deep specialization in Jamf and Apple macOS device management. You will play a key role in designing, deploying, and maintaining enterprise-scale endpoint solutions, ensuring optimal performance, security, and user experience for 10,000+ devices worldwide.
As a trusted subject-matter expert, you will drive automation, compliance, and integration initiatives, collaborating with security, identity, and infrastructure teams to deliver secure, scalable, and user-centric endpoint environments.
Key Responsibilities:
Endpoint Engineering & Management:
- Engineer, configure, and optimize endpoint environments across Windows, macOS, Ubuntu, iOS, and Android.
- Manage enterprise device management platforms including Jamf Pro, Microsoft Intune, Autopilot, EntraID (Azure AD), and Active Directory.
- Lead endpoint patching strategies for OS and 3rd-party applications, minimizing downtime and ensuring compliance.
- Contribute to ITIL-aligned processes leveraging automation and AI for continuous improvement.
- Participate in audits, incident response, and vulnerability remediation as an endpoint subject-matter expert.
Jamf & Apple macOS Expertise:
- Lead the architecture, deployment, and administration of Jamf Pro in a complex enterprise environment managing 3,000+ macOS endpoints.
- Implement automated workflows for provisioning, application deployment, patching, and compliance.
- Develop and maintain scripts (Bash, Python, AppleScript, PowerShell) to extend Jamf functionality.
- Maintain and optimize Jamf profiles, policies, smart groups, and reporting.
- Partner with Security teams to enforce FileVault, CIS benchmarks, and Zero Trust principles.
Collaboration & Leadership:
- Mentor junior engineers, fostering knowledge sharing and skills growth.
- Act as escalation point for complex endpoint and macOS issues.
- Collaborate with Security, Networking, and Identity teams to integrate endpoint and MDM platforms (e.g., Intune, Okta, AWS VDI).
- Produce and maintain technical documentation, architecture decisions, and end-user guides.
Soft Skills & Professional Attributes:
- Strong communication skills for both technical and non-technical audiences.
- Highly organized, adaptable, and proactive problem solver.
- Customer-focused with a strong commitment to enhancing user experience.
- Resilient under pressure with proven ability to manage competing priorities.
- Collaborative team player with leadership qualities to influence and mentor others.
Security & Compliance:
- Integrate endpoint management with SIEM and SOAR tools for proactive monitoring and incident response.
- Implement endpoint security measures including threat detection, encryption, and compliance enforcement.
- Design and enforce Conditional Access policies and identity frameworks.
- Ensure compliance with regulatory standards (GDPR, HIPAA, PCI-DSS).
- Participate in risk assessments and audits aligned with Zero Trust security models.
Expected Outcomes:
- Achieve and maintain endpoint compliance of 95%+ across all platforms.
- Reduce downtime through streamlined provisioning, patching, and automation.
- Deliver measurable improvements in endpoint security posture and end-user satisfaction.
- Implement automation to reduce manual endpoint management tasks by 30%+.
- Align endpoint strategies with organizational goals and industry best practices.
Required Qualifications & Experience:
- Bachelor's degree in Computer Science, IT, or related field (or equivalent experience).
- 5+ years of IT experience, with 3+ years in endpoint engineering roles.
- Proven expertise in managing large-scale endpoint environments (10,000+ devices).
- Jamf 400 Certification (Jamf Certified Expert) or equivalent expert-level experience.
- Proficiency in Bash, Python, AppleScript, and PowerShell scripting.
- Strong knowledge of the Apple ecosystem (ABM/DEP, VPP, MDM, APNs).
- Strong understanding of endpoint compliance, encryption (BitLocker, FileVault), and Zero Trust frameworks.
- Experience with vulnerability remediation, patch management, and endpoint security integration.
- Excellent communication, documentation, and cross-team collaboration skills.
Preferred Qualifications:
- Experience in regulated industries (finance, healthcare, government).
- Hands-on experience with AWS VDI image creation and management.
- Knowledge of modern identity and security frameworks (Zero Trust, Conditional Access).