Senior Mac Systems Engineer

About The Position

Requirements

• 7+ years managing macOS at scale in a fast-moving engineering organization.
• Deep production experience with at least one major MDM (Jamf, Kandji, Mosyle, SimpleMDM, Workspace ONE, or similar).
• A strong automation instinct; reaching for code before consoles.
• Practical experience applying AI and LLM-based tooling to real IT and operations problems.
• Strong scripting and software development skills (Python, Go, Bash, or Swift).
• Hands-on experience with infrastructure as code and modern DevOps practices: Terraform, Git-based workflows, CI/CD, code review.
• Working knowledge of endpoint telemetry and device trust tooling: osquery, Fleet, Kolide, Munki, AutoPkg, or comparable open-source ecosystems.
• Deep understanding of Apple's management surface area: declarative device management, MDM protocol, configuration profiles, FileVault, Gatekeeper, system extensions, and Apple Silicon implications.
• Experience running a macOS hardware lifecycle program at scale: forecasting, procurement, asset management, refresh planning, and end-of-life logistics.
• Identity and access fluency: Okta, SSO, SCIM, certificate-based authentication.
• A track record of replacing manual or vendor-locked workflows with automated, observable, and testable systems.
• Excellent written communication skills (RFCs, vendor evaluations, runbooks).

Nice To Haves

• Active participant in the MacAdmins community, Penn State Slack, MacDevOpsYVR, MacSysAdmin, or similar.
• Open-source contributions to projects like Munki, Nudge, AutoPkg, osquery, Fleet, swiftDialog, or own published tooling.
• Experience building or deploying agentic AI workflows in a production IT or operations context.
• Experience standing up or significantly improving a Zero Trust device-trust program.
• Background supporting compliance frameworks such as CMMC, SOC 2, ISO 27001, or FedRAMP.
• Familiarity with managing Windows or Linux endpoints alongside Mac (Intune, Jamf Pro for iOS, Fleet on Linux).
• Experience integrating endpoint data into a broader security data lake or SIEM.

Responsibilities

• Own Postman's macOS fleet management strategy and execution: provisioning, configuration, patching, telemetry, and lifecycle.
• Treat infrastructure as code, managing endpoint configuration, automation, and integrations through version-controlled, peer-reviewed code.
• Lead automation as a first-class engineering discipline, identifying and replacing manual workflows with reliable, observable, testable automation.
• Apply AI and agentic systems pragmatically across IT operations: triage, remediation, knowledge surfacing, vendor analysis, and developer self-service.
• Own the macOS hardware lifecycle end to end: demand forecasting, procurement strategy, depot and inventory operations, refresh cycles, warranty and AppleCare programs, and responsible end-of-life and sustainability practices.
• Continuously evaluate the endpoint stack, identifying limitations, prototyping alternatives, and leading migrations.
• Build internal tooling where vendors fall short: inventory pipelines, compliance reporting, automated remediation, and self-service workflows for engineers.
• Partner with Security, GRC, and IT Operations to deliver controls that satisfy CMMC Level 2 and other compliance frameworks.
• Design and operate the telemetry layer for endpoint visibility using tools like osquery, Fleet, or Kolide.
• Mentor IT Systems Administrators and partner with adjacent teams on cross-functional initiatives.
• Act as the senior technical voice in vendor evaluations, contract negotiations, and architecture decisions for the Mac fleet.

Benefits

• Full medical coverage
• Flexible PTO
• Wellness reimbursement
• Monthly lunch stipend
• Wellness programs
• Frequent and fascinating team-building events
• Donation-matching program