The Apple/macOS Engineer is responsible for engineering and maintaining the secure macOS endpoint environment, including workstation image development, macOS baseline configuration, JAMF administration, Apple Business Manager integration, macOS device enrollment, patching, compliance, authentication support, logging, and operational documentation. This role ensures that macOS endpoints used by on-site and remote users are securely configured, consistently provisioned, fully inventoried, and integrated with VDI, authentication, monitoring, and incident response requirements.ResponsibilitiesDesign, build, maintain, and harden standard macOS workstation images for on-site and remote/VDI use.Engineer and maintain secure macOS baseline configurations, compliance settings, and lifecycle controls.Administer JAMF Pro and Apple Business Manager enrollment and provisioning workflows for macOS devices.Support macOS device provisioning, policy deployment, software distribution, patching, configuration drift remediation, and secure decommissioning.Integrate macOS endpoint images and device configurations with VDI access requirements, security agents, logging agents, and authentication controls.Support passwordless authentication and hardware-backed credentials, where approved, for macOS users and privileged accounts.Configure and validate macOS logging and telemetry, including Unified Logs, endpoint agent reporting, and forwarding of relevant logs to SIEM/EDR platforms.Develop runbooks for macOS imaging, enrollment, patch validation, troubleshooting, and recovery.Assist with forensic collection support, audit readiness, and post-change validation for macOS endpoints.Provide technical guidance to the Engineer, Cloud Service Desk Representative, and company stakeholders on macOS endpoint architecture, security posture, and supportability.QualificationsCORE Qualifications: Bachelor’s degree in IT, Cybersecurity, or related field preferred; equivalent experience acceptableMust possess an active or interim Top Secret security clearance8+ years of experience in IT, Endpoint Engineering, or Cybersecurity6+ years of experience performing engineering functions in enterprise environmentsExperience working under formal change control, audit, and security governance processesAdditional Qualifications: Experience building and maintaining macOS workstation imagesExperience engineering secure macOS baseline configurations for remote and on-site usersExperience integrating macOS endpoints with VDI clients, authentication agents, EDR/AV tools, and logging agentsExperience validating image integrity and supporting image release, rollback, and testingExperience using JAMF Pro for macOS endpoint managementExperience with Apple Business Manager for enrollment and provisioning workflowsExperience managing macOS device enrollment, compliance, software deployment, and lifecycle operationsExperience supporting FileVault/recovery key escrow, device wipe, reassignment, and decommissioningExperience configuring and supporting macOS Unified LogsExperience validating forwarding of macOS logs and telemetry to SIEM/EDR platformsExperience supporting secure authentication methods, including hardware-backed credentials where approvedExperience with macOS compliance monitoring, baseline drift remediation, and audit support