We are seeking a highly skilled and motivated Senior Endpoint & Jamf Engineer to join our global Workplace Computing/End User Computing team. This role combines broad expertise in managing cross-platform endpoints (Windows, macOS, Ubuntu, iOS, Android) with deep specialization in Jamf and Apple macOS device management. You will play a key role in designing, deploying, and maintaining enterprise-scale endpoint solutions, ensuring optimal performance, security, and user experience for 10,000+ devices worldwide.
As a trusted subject-matter expert, you will drive automation, compliance, and integration initiatives, collaborating with security, identity, and infrastructure teams to deliver secure, scalable, and user-centric endpoint environments.
Key Responsibilities:
Endpoint Engineering & Management:
- Engineer, configure, and optimize endpoint environments across Windows, macOS, Ubuntu, iOS, and Android.
- Manage enterprise device management platforms including Jamf Pro, Microsoft Intune, Autopilot, Entra ID (Azure AD), and Active Directory.
- Lead endpoint patching strategies for OS and 3rd-party applications, minimizing downtime and ensuring compliance.
- Contribute to ITIL-aligned processes leveraging automation and AI for continuous improvement.
- Participate in audits, incident response, and vulnerability remediation as an endpoint subject-matter expert.
Jamf & Apple macOS Expertise:
- Lead the architecture, deployment, and administration of Jamf Pro in a complex enterprise environment managing 3,000+ macOS endpoints.
- Implement automated workflows for provisioning, application deployment, patching, and compliance.
- Develop and maintain scripts (Bash, Python, AppleScript, PowerShell) to extend Jamf functionality.
- Maintain and optimize Jamf profiles, policies, smart groups, and reporting.
- Partner with Security teams to enforce FileVault, CIS benchmarks, and Zero Trust principles.
Collaboration & Leadership:
- Mentor junior engineers, fostering knowledge sharing and skills growth.
- Act as an escalation point for complex endpoint and macOS issues.
- Collaborate with Security, Networking, and Identity teams to integrate endpoint and MDM platforms (e.g., Intune, Okta, AWS VDI).
- Produce and maintain technical documentation, architecture decisions, and end-user guides.
Soft Skills & Professional Attributes:
- Strong communication skills for both technical and non-technical audiences.
- Highly organized, adaptable, and proactive problem solver.
- Customer-focused with a strong commitment to enhancing user experience.
- Resilient under pressure with proven ability to manage competing priorities.
- Collaborative team player with leadership qualities to influence and mentor others.
Security & Compliance:
- Integrate endpoint management with SIEM and SOAR tools for proactive monitoring and incident response.
- Implement endpoint security measures including threat detection, encryption, and compliance enforcement.
- Design and enforce Conditional Access policies and identity frameworks.
- Ensure compliance with regulatory standards (GDPR, HIPAA, PCI-DSS).
- Participate in risk assessments and audits aligned with Zero Trust security models.
Expected Outcomes:
- Achieve and maintain endpoint compliance of 95%+ across all platforms.
- Reduce downtime through streamlined provisioning, patching, and automation.
- Deliver measurable improvements in endpoint security posture and end-user satisfaction.
- Implement automation to reduce manual endpoint management tasks by 30%+.
- Align endpoint strategies with organizational goals and industry best practices.
Required Qualifications & Experience:
- Bachelor’s degree in Computer Science, IT, or related field (or equivalent experience).
- 5+ years of IT experience, with 3+ years in endpoint engineering roles.
- Proven expertise in managing large-scale endpoint environments (10,000+ devices).
- Jamf 400 Certification (Jamf Certified Expert) or equivalent expert-level experience.
- Proficiency in Bash, Python, AppleScript, and PowerShell scripting.
- Strong knowledge of the Apple ecosystem (ABM/DEP, VPP, MDM, APNs).
- Strong understanding of endpoint compliance, encryption (BitLocker, FileVault), and Zero Trust frameworks.
- Experience with vulnerability remediation, patch management, and endpoint security integration.
- Excellent communication, documentation, and cross-team collaboration skills.
Preferred Qualifications:
- Experience in regulated industries (finance, healthcare, government).
- Hands-on experience with AWS VDI image creation and management.
- Knowledge of modern identity and security frameworks (Zero Trust, Conditional Access).