Desktop System Software Engineer II

About The Position

Requirements

• 3–5 years of experience in a systems engineering, endpoint engineering, or desktop platform role (not generalist IT support)
• Deep hands-on experience with macOS (preferably) and/or Windows at a configuration and troubleshooting level beyond standard user support
• Demonstrated experience with one or more enterprise MDM platforms: Kandji/Iru, Jamf Pro, or Microsoft Intune
• Proficiency in at least one scripting language: Bash, Python, or PowerShell
• Hands-on experience diagnosing desktop application issues — including crash log analysis, OS permission models, app sandboxing, auto-update mechanisms, and the interaction between security tooling and application runtime behavior
• Familiarity with enterprise security tools (EDR, Zero Trust/CASB, identity platforms) and how they can affect desktop application behavior
• Ability to write clear, detailed bug reports and escalation summaries that product engineering teams can act on without requiring additional back-and-forth
• Strong written communication skills — able to produce runbooks, diagnostic guides, and engineering documentation

Nice To Haves

• Experience with Kandji/Iru specifically, including Blueprint architecture, Liftoff enrollment, and custom enforcement scripts
• Familiarity with Electron-based desktop applications and their specific packaging, update, and permission behaviors on macOS and Windows
• Experience with CrowdStrike Falcon, including understanding how sensor policies and network containment affect application-layer behavior
• Experience with Cloudflare Zero Trust / WARP in a managed enterprise environment and its impact on desktop app traffic
• Exposure to Okta device trust or certificate-based authentication flows as they relate to desktop application SSO
• Background working in a SaaS product company where IT and Engineering teams collaborate closely on end-user issues
• Experience using Qualys VMDR or similar vulnerability management tooling
• Familiarity with Jira Service Management for ticket and change management workflows

Responsibilities

• Collaborate and contribute on the strategy and execution of macOS and Windows endpoint configuration, policy enforcement, and lifecycle management via Kandji/Iru and/or Microsoft Intune
• Build, maintain, and iterate on device enrollment workflows, configuration profiles, compliance policies, and custom scripts
• Design and enforce software deployment, patch management, and application allowlisting/blocklisting strategies
• Collaborate with Security on EDR (CrowdStrike Falcon), Zero Trust (Cloudflare WARP/Gateway), and identity (Okta) integrations at the endpoint layer
• Maintain scripting libraries (Bash, Python, PowerShell) to automate endpoint management tasks and reduce manual intervention
• Serve as a primary technical escalation point for issues users experience within AlphaSense's desktop applications on managed endpoints
• Reproduce client-side issues across macOS and Windows versions, app build versions, and endpoint configurations to isolate root causes
• Investigate and diagnose desktop application behavior including crash analysis, rendering issues, performance degradation, update/upgrade failures, and OS-level permission or sandboxing conflicts
• Partner with product engineering teams to log detailed bug reports, provide environmental context, and validate fixes as they are released
• Capture crash logs, console output, network traces, and system-level diagnostics to accelerate resolution of complex application-layer problems
• Maintain a diagnostic runbook library covering common desktop application issues on Kandji/Iru- and Intune-managed devices
• Test new desktop application releases against the managed device baseline before broad rollout, flagging regressions early
• Monitor endpoint fleet health, identify systemic issues, and drive proactive remediation before issues impact users
• Contribute to internal tooling and automation to improve IT operations and reduce ticket volume
• Document configurations, processes, and runbooks in the team's knowledge base
• Participate in incident response for endpoint-related security events alongside the Security team

Benefits

• performance-based bonus
• equity
• generous benefits program