Apple/macOS Subject Matter Expert (SME)

About The Position

Requirements

• Must possess an active Top Secret security clearance.
• A Bachelor’s degree in Information Technology, Cybersecurity, or a related field (or equivalent experience) is preferred.
• Regularly required to stand, sit, talk, hear, reach, stoop, kneel, and use hands and fingers to operate a computer, telephone, keyboard, and standard office equipment.
• Specific vision abilities required by this job include close vision requirements due to computer work.
• The employee must occasionally lift and/or move up to 15 pounds.
• Fine hand manipulation (keyboarding).

Responsibilities

• Provide high-level engineering support for enterprise macOS environments, ensuring system stability, security, and performance.
• Build and maintain macOS workstation images. Manage image automation, validation, rollback, and version control processes. Integrate images with Virtual Desktop Infrastructure (VDI), Endpoint Detection and Response (EDR), authentication, and logging agents.
• Utilize tools such as Ivanti and/or KACE for OS and application patching. Manage configuration drift, execute remediation workflows, and provide comprehensive reporting. Validate patches post-deployment and support necessary rollback procedures.
• Leverage JAMF Pro for comprehensive macOS endpoint management and provisioning. Implement and manage advanced authentication methods, including passwordless authentication and hardware-backed credentials (e.g., YubiKey, CAC, software keys).
• Configure robust endpoint logging (e.g., macOS Unified Logs). Forward and validate logs into SIEM/EDR platforms (such as MS Sentinel) to support forensic collection, audit readiness, and continuous monitoring.
• Assist in administering all information security functions for the macOS baselines, including updates, upgrades, policy administration, and validation for special access to segmented environments (both cloud and non-cloud).
• Develop and maintain detailed technical documentation, operational procedures, and configuration baselines.
• Actively support federal security and compliance requirements through rigorous engineering practices and under formal change control, audit, and security governance processes.