Senior Endpoint Engineer — JAMF & Linux Administration

Senior Endpoint Engineer — JAMF & Linux Administration#26-15448 $33.76-$44.66 per hour Palo Alto, CA Onsite Job Description Our client, is a Ev Manufacturing company, is looking for a Senior Endpoint Engineer — JAMF & Linux Administration for their Palo Alto, CA/Hybrid location.

Responsibilities:

Own and administer the JAMF Pro environment including device enrollment, configuration profiles, policies, patch management, and smart groups Manage the full Apple device lifecycle (macOS, iOS, iPadOS) from provisioning through decommissioning using JAMF and Apple Business Manager (ABM) Administer and maintain Linux endpoint device management across the enterprise fleet — including enrollment, configuration, compliance policies, and patch management for Linux endpoints using tools such as Canonical Landscape, Fleet, or similar Linux MDM solutions Design and enforce security baselines and compliance policies across macOS and Linux platforms Develop and maintain JAMF policies, scripts, and extension attributes to automate device management workflows Lead end-to-end deployment testing for all policy changes, OS updates, and software rollouts before production release Own software currency across the macOS and Linux fleet — managing patch cycles, OS upgrades, and application lifecycle management Manage and maintain the JAMF Self Service portal — ensuring apps and resources are correctly published and available to end users Write and maintain shell scripts and automation tooling to support system configuration, reporting, and remediation Partner with Security teams to ensure endpoint posture meets organizational and compliance requirements (e.g., CIS benchmarks, SOC 2) Follow and contribute to formal change management processes — including submitting RFCs, documenting changes, and communicating impact to stakeholders Troubleshoot complex endpoint issues across macOS and Linux environments, serving as the escalation point for junior team members Create and maintain technical documentation, runbooks, and SOPs for all managed platforms Evaluate emerging JAMF features, Apple platform updates, and Linux tooling to inform the team's roadmap

Requirements:

5+ years of experience in enterprise endpoint management with a strong focus on JAMF Pro administration Expert-level knowledge of macOS and iOS/iPadOS device management using JAMF Pro and Apple Business Manager Hands-on experience with Linux endpoint device management at scale including policy enforcement, software distribution, OS patching, and compliance reporting across Linux desktop/laptop fleets Proficiency in shell scripting (Bash) for automation, reporting, and system configuration Strong understanding of macOS and Linux security hardening, including CIS benchmarks and endpoint compliance frameworks Experience with JAMF Self Service, smart groups, extension attributes, and policy scoping Solid understanding of PKI, certificate management, and identity integration (LDAP, SSO, Okta, or similar) Strong working knowledge of change management principles and processes including submitting, documenting, and communicating changes through formal change control workflows (CAB, RFC, etc.) Experience working within ITSM frameworks such as ServiceNow or Jira Proven ability to lead end-to-end deployment testing with staged rollouts and rollback planning JAMF certifications: Jamf Certified Tech (JCT), Jamf Certified Admin (JCA), or Jamf 300/400 Experience with configuration management tools such as Ansible, Puppet, or Chef for Linux fleet management Familiarity with Microsoft Intune or other MDM platforms in a co-managed environment Experience with endpoint detection and response (EDR) tools such as CrowdStrike or SentinelOne on macOS and Linux Exposure to containerization and cloud environments (Docker, AWS, GCP) from an endpoint/infrastructure perspective Experience in a high-growth or manufacturing/tech company environment Deep technical expertise paired with a pragmatic, solutions-oriented approach Ability to operate independently and lead complex initiatives with minimal oversight Strong written and verbal communication skills able to document clearly and collaborate across Security, Engineering, and IT teams A proactive mindset identifying gaps and improving systems before they become problems Mentorship instincts and a willingness to elevate the broader team ICONMA is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to any status protected by applicable law.