Systems Engineer

The Systems Engineer is responsible for designing, administering, securing, and continuously improving Apple device management solutions across the organization within the Microsoft Intune and Entra ID ecosystems. This role is the primary engineering owner for Apple platforms, including iPads, iPhones, NEO devices, and MacBooks, with a focus on secure, scalable, and as close to zero-touch provisioning as possible.

We are seeking a passionate systems engineering professional with strong experience supporting Apple endpoints in enterprise environments, including automated device enrollment, mobile device management, application deployment, identity integration, security baselines, and lifecycle management. This individual will work closely with Information Technology, business partners, security stakeholders, and vendors to modernize endpoint management, improve operational efficiency, and ensure Apple devices are provisioned, secured, monitored, and supported consistently across the organization.

The Systems Engineer will be instrumental in implementing and supporting Intune, Entra ID, Apple Business Manager, Microsoft 365 integrated authentication, MFA, Defender for Endpoint, conditional access, app protection policies, compliance policies, and related endpoint security solutions.

As a Systems Engineer, you will support the following areas:

• Design, implement, administer, and continuously improve Apple device management solutions within Microsoft Intune, Entra ID, and Apple Business Manager
• Own engineering standards for iPads, iPhones, NEO devices, and MacBooks, including enrollment, configuration, security, compliance, application deployment, and lifecycle management
• Implement and support zero-touch or near-zero-touch provisioning workflows for Apple endpoints, including Automated Device Enrollment, enrollment profiles, device configuration profiles, and user-driven provisioning
• Engineer and maintain secure Microsoft 365 integrated login experiences across Apple platforms, including Entra ID authentication, conditional access, MFA, SSO extensions, and app protection policies
• Deploy, manage, and support applications across Apple devices using Intune, including Microsoft 365 apps, business applications, required applications, available applications, and update policies
• Implement and maintain security baselines, compliance policies, device restrictions, encryption requirements, network configurations, certificates, Wi-Fi profiles, VPN profiles, and endpoint protection policies
• Support Microsoft Defender for Endpoint on Apple platforms, including deployment, configuration, monitoring, alerting, reporting, and remediation workflows
• Partner with security and infrastructure teams to ensure Apple endpoint solutions align with organizational security, compliance, logging, monitoring, and operational requirements
• Support identity and access management practices across Microsoft Entra ID, Google, and other enterprise systems as needed, including account lifecycle workflows, permissions, MFA, and access reviews
• Evaluate, implement, and support Microsoft, Apple, Google, and third-party solutions, including but not limited to Intune, Entra ID, Apple Business Manager, Defender for Endpoint, MFA, DLP, Chromebook console, and related endpoint management platforms
• Support large, distributed environments with a focus on automation, standardization, software patching, endpoint compliance, and platform stability
• Automate manual tasks and improve operational workflows using scripting and modern endpoint management practices
• Work closely with business partners, technical teams, and leadership to identify technology solutions that meet business, security, and operational requirements
• Meet deadlines and commitments, establish and measure SLAs, and ensure endpoint management services meet business needs
• Create, maintain, and improve technical documentation, operational procedures, deployment standards, support runbooks, and engineering diagrams
• Build strategic relationships with internal counterparts, external vendors, and service providers, holding them accountable for delivery and support expectations
• Implement and support required logging, alerting, reporting, and monitoring tools to provide visibility into endpoint health, compliance, security posture, uptime, and performance
• Establish standardized tools, configurations, and operational procedures for Apple endpoint management
• Work across third-party solution providers, understand business needs, define success metrics, and measure outcomes
• Multitask across several initiatives simultaneously while maintaining quality, security, and operational discipline
• Ensure concise and clear written and verbal communication
• Adhere to established standards, policies, and procedures
• Deliver outstanding human-centric customer service through all support, engineering, and operational efforts

About You:

• Bachelor's degree or equivalent experience
• Strong experience engineering and supporting Apple device management in enterprise environments, including iOS, iPadOS, and macOS
• Hands-on experience with Microsoft Intune for Apple device enrollment, configuration profiles, compliance policies, application deployment, app protection policies, and endpoint lifecycle management
• Experience with Apple Business Manager, Automated Device Enrollment, volume app assignment, managed Apple IDs, and Apple platform management best practices
• Experience integrating Apple endpoints with Microsoft Entra ID, Microsoft 365, MFA, conditional access, SSO, and identity-based security controls
• Experience with Microsoft Defender for Endpoint, endpoint compliance, security baselines, and device posture reporting
• Extensive experience with Identity Access Management best practices, implementation, reporting, and auditing
• Highly organized, able to multitask, with high attention to detail and the ability to prioritize
• Patient and active listener
• Ability to pass federal and state criminal background checks, including FBI/BCI
• Ability to think independently and contribute to the overall effort without significant direction
• Confident, self-motivated, and a true team player
• Successful individuals will be innovative, persuasive, creative, and have a genuine curiosity in their business partner’s business; goal and results oriented; optimistic; smart; value-added in mindset; proactive; and able to adapt easily to change
• Exceptional ability to communicate and foster positive business relationships
• Accountability and personal organization are essential
• Demonstrate leadership qualities and abilities
• Ability to establish milestones and ensure execution is on track
• Ability to analyze and optimize existing processes
• Strong scripting abilities within Microsoft cloud environments, Apple endpoint management workflows, and account management automation is preferred
• Experience with Google cloud environments, Chromebook console, and Google account management is preferred
• SharePoint permissions and administration experience preferred
• Cleveland or Columbus preferred

Compensation and Benefits: The compensation and benefits information below is accurate as of the date of this posting. The Company reserves the right to modify this information at any time, with or without notice, subject to applicable law.

The annual starting salary for this position is between $90,000 – $110,000 annually.  Factors which may affect starting pay within this range may include geography/market, skills, education, experience and other qualifications of the successful candidate. 

We offer the following benefits for this position, subject to applicable eligibility requirements: medical insurance, dental insurance, vision insurance, 401(k) retirement plan, life insurance, long-term disability insurance, short-term disability insurance, 10 paid holidays annually.

Paid Time Off: Paid Time Off to cover sick, vacation, and personal absences.

We offer 4 unique health insurance plans to choose from that cover a wide range of deductibles and co- insurance levels. Our goal is to provide you with maximum choice in finding a plan that meets you and your family’s needs. Employees can choose from co-pay or High Deductible Health Plans.

EQUAL EMPLOYMENT OPPORTUNITY

It is our policy to abide by all federal, state and local laws prohibiting employment discrimination based solely on a person’s race, color, religious creed, sex, national origin, ancestry, citizenship status, pregnancy, childbirth, physical disability, mental and/or intellectual disability, age, military status, veteran status (including protected veterans), marital status, registered domestic partner or civil union status, familial status, gender (including sex stereotyping and gender identity or expression), medical condition, genetic information, sexual orientation, or any other protected status except where a reasonable, bona fide occupational qualification exists.