Apetan Consulting LLC · 1 day ago
Senior macOS Endpoint Engineer
Downers Grove, IL
Contract
Onsite
Mid, Senior Level
3+ years expApetan Consulting LLC is expanding macOS as a first class platform and is seeking a Mac Endpoint Engineer to build and harden a modern, Intune managed Mac environment. The role focuses on delivering zero touch enrollment, macOS application packaging for Intune, and ensuring compliance and security posture in a hands-on engineering capacity.
Information Technology
Responsibilities
Design, standardize, and operate zero touch enrollment with Apple Business Manager (ABM) + Automated Device Enrollment (ADE)—from PreStage to post enrollment remediations
Establish a predictable first sign in flow leveraging PSSO and Intune so every new Mac enrolls, configures, and signs in the same way every time
Continuously identify improvements to enrollment flows, bootstrap content, and post enrollment automations
Lead macOS packaging for Intune (PKG/DMG with pre/post install scripts), including detection rules, dependencies, retries, and uninstallers
Build a sustainable approach for third party apps at scale (staged rings, rollback plans, and change control)
Partner with App Packaging and QA to standardize versioning, testing, and release notes
Operate within established baseline configuration and compliance policies in Intune; propose optimizations where they improve reliability or user experience
Implement and maintain controls aligned to the CIS benchmark for macOS; partner with InfoSec (policy owners) while owning configuration and enforcement
Integrate and support endpoint/security agents and posture: Entra ID, Defender for Endpoint (DLP), CrowdStrike, CyberArk EPM, Qualys, and GlobalProtect ZTNA
Use scripting (choose the right tool for macOS—e.g., bash/zsh/Python/PowerShell for Graph) to automate provisioning, remediations, health checks, and reporting
Leverage Intune compliance dashboards to publish actionable metrics (enrollment success, first sign in duration, compliance drift, packaging SLA)
Produce clear KB/how to articles and contribute to knowledge transfer with Support Services; provide periodic Tier 3 guidance (no on call)
Work with Identity, Security, Networking, and Support to ready the platform for go live and scale beyond the initial fleet
Provide feedback on standards, guardrails, and SOPs to ensure stability as adoption grows across the US user base
Qualification
Required
3–5 years of enterprise macOS MDM management (e.g., Intune, Jamf, or other Apple focused MDMs)
Demonstrated expertise in macOS app packaging for Intune (PKG/DMG, scripts, detection/uninstall logic, rings, rollback)
Strong zero touch/ADE experience and hands on PSSO implementation for first sign in
Practical scripting for macOS engineering (bash/zsh/Python/PowerShell for Graph as applicable)
Proven experience enforcing controls aligned to CIS macOS with Intune configuration/compliance policies
Familiarity with enterprise security agents and posture tooling: Defender for Endpoint, CrowdStrike, CyberArk EPM, Qualys, GlobalProtect
Excellent documentation skills; ability to produce KB/how tos and perform knowledge transfer to Support
Preferred
Experience building repeatable, self healing remediations (post enrollment, drift correction, telemetry driven fixes)
iOS/iPadOS management exposure (Intune/ABM/VPP)—bonus only; role remains macOS focused
Familiarity with Conditional Access integrations for macOS via Entra ID
Awareness of Apple management trends (e.g., evolving PSSO support, modern macOS security/privacy controls)
Company
Apetan Consulting LLC
We are a prominent executive search & selection company, providing a wide range of recruitment solutions for various requirements.
201-500 employees
Funding
Current Stage
Growth StageCompany data provided by crunchbase