Apple/macOS Engineer (Remote)
Overview
- The Apple/macOS Engineer is responsible for engineering and maintaining the secure macOS endpoint environment, including workstation image development, macOS baseline configuration, JAMF administration, Apple Business Manager integration, macOS device enrollment, patching, compliance, authentication support, logging, and operational documentation.
- This role ensures that macOS endpoints used by on-site and remote users are securely configured, consistently provisioned, fully inventoried, and integrated with VDI, authentication, monitoring, and incident response requirements.
Responsibilities
- Design, build, maintain, and harden standard macOS workstation images for on-site and remote/VDI use.
- Engineer and maintain secure macOS baseline configurations, compliance settings, and lifecycle controls.
- Administer JAMF Pro and Apple Business Manager enrollment and provisioning workflows for macOS devices.
- Support macOS device provisioning, policy deployment, software distribution, patching, configuration drift remediation, and secure decommissioning.
- Integrate macOS endpoint images and device configurations with VDI access requirements, security agents, logging agents, and authentication controls.
- Support passwordless authentication and hardware-backed credentials, where approved, for macOS users and privileged accounts.
- Configure and validate macOS logging and telemetry, including Unified Logs, endpoint agent reporting, and forwarding of relevant logs to SIEM/EDR platforms.
- Develop runbooks for macOS imaging, enrollment, patch validation, troubleshooting, and recovery.
- Assist with forensic collection support, audit readiness, and post-change validation for macOS endpoints.
- Provide technical guidance to the Engineer, Cloud Service Desk Representative, and company stakeholders on macOS endpoint architecture, security posture, and supportability.
Qualifications
CORE Qualifications:
- Bachelor’s degree in IT, Cybersecurity, or related field preferred; equivalent experience acceptable
- Must possess an active or interim Top Secret security clearance
- 8+ years of experience in IT, Endpoint Engineering, or Cybersecurity
- 6+ years of experience performing engineering functions in enterprise environments
- Experience working under formal change control, audit, and security governance processes
Additional Qualifications:
- Experience building and maintaining macOS workstation images
- Experience engineering secure macOS baseline configurations for remote and on-site users
- Experience integrating macOS endpoints with VDI clients, authentication agents, EDR/AV tools, and logging agents
- Experience validating image integrity and supporting image release, rollback, and testing
- Experience using JAMF Pro for macOS endpoint management
- Experience with Apple Business Manager for enrollment and provisioning workflows
- Experience managing macOS device enrollment, compliance, software deployment, and lifecycle operations
- Experience supporting FileVault/recovery key escrow, device wipe, reassignment, and decommissioning
- Experience configuring and supporting macOS Unified Logs
- Experience validating forwarding of macOS logs and telemetry to SIEM/EDR platforms
- Experience supporting secure authentication methods, including hardware-backed credentials where approved
- Experience with macOS compliance monitoring, baseline drift remediation, and audit support