Mac Systems Engineer (JAMF / Apple Endpoint Management)

How you move is why we’re here. ®
Now more than ever.

Get back to what you need and love to do.
The possibilities are endless...

Now more than ever, our guiding principles are helping us in our search for exceptional talent - candidates who align with our unique workplace culture and who want to maximize the abundant opportunities for growth and success.

If this describes you then let’s talk!

HSS is consistently among the top-ranked hospitals for orthopedics and rheumatology by U.S. News & World Report. As a recipient of the Magnet Award for Nursing Excellence, HSS was the first hospital in New York City to receive the distinguished designation. Whether you are early in your career or an expert in your field, you will find HSS an innovative, supportive and inclusive environment.

Working with colleagues who love what they do and are deeply committed to our Mission, you too can be part of our transformation across the enterprise.

Emp Status

Regular Full time

Work Shift

Day (United States of America)

Compensation Range

The base pay scale for this position is $35.16 - $53.71. In addition, this position will be eligible for additional benefits consistent with the role. The salary of the finalist selected for this role will be determined based on various factors, including but not limited to: scope of role, level of experience, education, accomplishments, internal equity, budget, and subject to Fair Market Value evaluation. The hiring range listed is a good faith determination of potential compensation at the time of this job advertisement and may be modified in the future.

What you will be doing

JOB DESCRIPTION

Position Summary

The Mac Systems Engineer is responsible for the design, implementation, and ongoing management of Apple endpoint infrastructure, with a primary focus on Jamf Pro. This role ensures secure, scalable, and automated lifecycle management of macOS devices in an enterprise environment. The engineer partners with security, infrastructure, and end-user computing teams to deliver a seamless and compliant Apple user experience.

Key Responsibilities

Endpoint Management & Engineering

• Administer and maintain Jamf Pro for macOS device lifecycle management
• Design and implement macOS provisioning workflows using zero-touch deployment (e.g., Apple Business Manager)
• Develop and maintain configuration profiles, policies, and compliance baselines
• Manage OS upgrades, patching, and application deployment

Automation & Scripting

• Develop automation using Bash, Python, or Zsh scripting
• Create custom scripts for device configuration, remediation, and reporting
• Integrate JAMF with enterprise tools (identity, security, ticketing systems)

Security & Compliance

• Enforce endpoint security policies aligned with corporate standards
• Implement disk encryption (FileVault), compliance monitoring, and remediation
• Integrate macOS endpoints with identity providers (e.g., Microsoft Entra ID, Okta)
• Support vulnerability remediation and audit readiness

Application & Patch Management

• Package, deploy, and maintain macOS applications
• Maintain application catalog and self-service portal
• Monitor and remediate patch compliance across macOS fleet

User Experience & Support

• Partner with Service Desk and Desktop Engineering teams to support Mac users
• Troubleshoot advanced macOS issues and escalations
• Improve onboarding and device provisioning experience

Monitoring & Reporting

• Develop dashboards and reporting for compliance, inventory, and patch status
• Track key metrics (device health, patch compliance, policy success rates)
• Provide reporting for audits and leadership reviews

Required Qualifications

• 3–5+ years of experience managing macOS in an enterprise environment
• Hands-on experience with Jamf Pro
• Strong understanding of macOS architecture and administration
• Experience with scripting (Bash, Python, or Zsh)
• Experience with Apple device enrollment and management via Apple Business Manager
• Knowledge of endpoint security controls and compliance frameworks

Preferred Qualifications

• Experience integrating macOS with identity providers such as Microsoft Entra ID or Okta
• Familiarity with MDM concepts and frameworks
• Experience with enterprise tools (e.g., ServiceNow, Intune, endpoint security platforms)
• JAMF certifications (e.g., JAMF 200/300/400/JAMF Pro)
• Experience in regulated environments (e.g., healthcare, finance)

Non-Discrimination Policy
Hospital for Special Surgery is committed to providing high quality care and skilled, compassionate, reliable service to our community in a safe and healing environment. Consistent with this commitment, Hospital for Special Surgery provides care, admits, and treats patients and provides all services without regard to age, race, color, creed, ethnicity, religion, national origin, culture, language, physical or mental disability, socioeconomic status, veteran or military status, marital status, sex, sexual orientation, gender identity or expression, or any other basis prohibited by federal, state, or local law or by accreditation standards.