Apple/macOS SME

About The Position

Requirements

• 8+ years of experience in Information Technology, Endpoint Engineering, or Cybersecurity
• 6+ years performing engineering (not help desk) functions in enterprise environments
• Expert-level proficiency with JAMF Pro for macOS endpoint management and compliance enforcement
• Experience with Apple Business Manager for macOS and iOS device enrollment and provisioning
• Experience building/maintaining macOS workstation images, including automation, validation, and rollback
• Experience configuring macOS Unified Logs and forwarding telemetry to enterprise SIEM and EDR platforms
• Experience working under formal change control, audit, and security governance processes
• Apple Certified Support Professional (ACSP) or equivalent certification
• Experience managing macOS endpoints in a federal or highly regulated environment
• Familiarity with Gatekeeper and macOS security hardening frameworks
• Must possess or be eligible to obtain and complete a government security screening and/or a Secret security clearance.
• Active Top Secret (TS) clearance required.
• Must be a U.S. Citizen

Nice To Haves

• Bachelor's degree in Information Technology, Cybersecurity, or a related field preferred
• Formal education requirements may be waived based on relevant professional experience, as determined by the government

Responsibilities

• Design and maintain secure macOS workstation images incorporating approved security baselines, authentication agents, logging, and VDI/remote access capabilities
• Deploy and manage Apple Business Manager and JAMF Pro for macOS device enrollment, configuration profiles, and compliance enforcement
• Implement and maintain OS and application patching for macOS endpoints; validate patches post-deployment and support rollback
• Configure passwordless authentication and hardware-backed credentials for macOS devices; manage FileVault recovery key escrow and custody records
• Maintain device enrollment workflows and accurate asset inventory for macOS endpoints, including provisioning, reassignment, decommissioning, and secure wipe
• Ensure macOS Unified Log telemetry is properly configured and forwarded to enterprise SIEM and EDR platforms
• Produce and maintain engineering documentation, runbooks, and change records for all macOS endpoint configurations

Benefits

• Virtual health visits
• commuter perks
• pet insurance
• entertainment discounts
• Annual performance reviews
• tuition assistance
• internal career growth opportunities
• Generous 401(k) matches
• life and disability insurance
• financial wellness tools
• Annual awards
• service anniversaries
• referral bonuses
• peer-to-peer shoutouts
• Healthcare coverage
• wellness programs
• flu shots
• biometric screenings