Senior Endpoint Engineer — JAMF & Linux Administration

Senior Endpoint Engineer — JAMF & Linux Administration

Our client, an Ev Manufacturing company, is looking for a Senior Endpoint Engineer for their Palo Alto, CA/Hybrid location.

Responsibilities:

• Own and administer the JAMF Pro environment including device enrollment, configuration profiles, policies, patch management, and smart groups
• Manage the full Apple device lifecycle (macOS, iOS, iPadOS) from provisioning through decommissioning using JAMF and Apple Business Manager (ABM)
• Administer and maintain Linux endpoint device management across the enterprise fleet — including enrollment, configuration, compliance policies, and patch management for Linux endpoints using tools such as Canonical Landscape, Fleet, or similar Linux MDM solutions
• Design and enforce security baselines and compliance policies across macOS and Linux platforms
• Develop and maintain JAMF policies, scripts, and extension attributes to automate device management workflows
• Lead end-to-end deployment testing for all policy changes, OS updates, and software rollouts before production release
• Own software currency across the macOS and Linux fleet — managing patch cycles, OS upgrades, and application lifecycle management
• Manage and maintain the JAMF Self Service portal — ensuring apps and resources are correctly published and available to end users
• Write and maintain shell scripts and automation tooling to support system configuration, reporting, and remediation
• Partner with Security teams to ensure endpoint posture meets organizational and compliance requirements (e.g., CIS benchmarks, SOC 2)
• Follow and contribute to formal change management processes — including submitting RFCs, documenting changes, and communicating impact to stakeholders
• Troubleshoot complex endpoint issues across macOS and Linux environments, serving as the escalation point for junior team members
• Create and maintain technical documentation, runbooks, and SOPs for all managed platforms
• Evaluate emerging JAMF features, Apple platform updates, and Linux tooling to inform the team's roadmap

Requirements:

• 5+ years of experience in enterprise endpoint management with a strong focus on JAMF Pro administration
• Expert-level knowledge of macOS and iOS/iPadOS device management using JAMF Pro and Apple Business Manager
• Hands-on experience with Linux endpoint device management at scale including policy enforcement, software distribution, OS patching, and compliance reporting across Linux desktop/laptop fleets
• Proficiency in shell scripting (Bash) for automation, reporting, and system configuration
• Strong understanding of macOS and Linux security hardening, including CIS benchmarks and endpoint compliance frameworks
• Experience with JAMF Self Service, smart groups, extension attributes, and policy scoping
• Solid understanding of PKI, certificate management, and identity integration (LDAP, SSO, Okta, or similar)
• Strong working knowledge of change management principles and processes including submitting, documenting, and communicating changes through formal change control workflows (CAB, RFC, etc.)
• Experience working within ITSM frameworks such as ServiceNow or Jira
• Proven ability to lead end-to-end deployment testing with staged rollouts and rollback planning
• JAMF certifications: Jamf Certified Tech (JCT), Jamf Certified Admin (JCA), or Jamf 300/400
• Experience with configuration management tools such as Ansible, Puppet, or Chef for Linux fleet management
• Familiarity with Microsoft Intune or other MDM platforms in a co-managed environment
• Experience with endpoint detection and response (EDR) tools such as CrowdStrike or SentinelOne on macOS and Linux
• Exposure to containerization and cloud environments (Docker, AWS, GCP) from an endpoint/infrastructure perspective
• Experience in a high-growth or manufacturing/tech company environment
• Deep technical expertise paired with a pragmatic, solutions-oriented approach
• Ability to operate independently and lead complex initiatives with minimal oversight
• Strong written and verbal communication skills able to document clearly and collaborate across Security, Engineering, and IT teams
• A proactive mindset identifying gaps and improving systems before they become problems
• Mentorship instincts and a willingness to elevate the broader team

Why Should You Apply?

• Health Benefits
• Referral Program
• Excellent growth and advancement opportunities

ICONMA is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to any status protected by applicable law.