Senior MDM Engineer

The Role

We’re looking for a Senior MDM Engineer to own and drive the strategy, automation, and day-to-day management of our endpoint fleet across Windows and macOS platforms. You will be a senior member of the team responsible for building and maintaining the “Zero Touch” device experience for every SolarWinds employee.

This isn’t a break-fix role. You’ll be engineering the platform that makes laptops just work — from unboxing to retirement. You’ll partner closely with Director of User Experience, the Global Helpdesk, and IT leadership to keep our endpoints secure, compliant, and frictionless.

What You’ll Do

Endpoint Management & Strategy

• Own and mature our Microsoft Intune environment — Autopilot profiles, compliance policies, configuration profiles, Autopatch rings, and Conditional Access integration via Entra ID.
• Own and mature our JAMF Pro environment — automated enrollment (DEP/ABM), Self Service policies, JAMF Connect, scripting, and smart/static group management.
• Architect and maintain the Intune + JAMF integration (JAMF as Management Authority, Intune as Compliance Authority) to enforce a single security posture across platforms.
• Design, test, and deploy Zero Touch provisioning workflows for both Windows (Autopilot) and macOS (DEP/ABM + JAMF) so new hires are productive from day one.

Security & Compliance

• Build and enforce device compliance policies aligned with security requirements — encryption, OS currency, antivirus status, Conditional Access gating.
• Partner with Our Security Teams to remediate endpoint vulnerabilities, deploy emergency patches, and manage security agent deployments (SentinelOne, Microsoft Defender).
• Manage Endpoint Privilege Management (Admin By Request) policies and Intune RBAC roles.
• Support audit and compliance requirements by maintaining clean device inventories and accurate reporting.

Lifecycle & Operations

• Manage full device lifecycle: enrollment → provisioning → patching → compliance monitoring → retirement/wipe.
• Maintain and improve application packaging and deployment pipelines for both platforms.
• Handle Tier 3 escalations from the Global Helpdesk related to MDM, device provisioning, and platform issues.
• Develop and maintain Knowledge Base articles and runbooks to enable Helpdesk shift-left on common MDM issues.

Automation & Continuous Improvement

• Write and maintain PowerShell and Bash/Shell scripts to automate device management tasks, reporting, and remediation.
• Build dashboards and reporting (e.g., compliance rates, enrollment success, OS version distribution, patch status) to track fleet health.
• Identify opportunities to reduce ticket volume through proactive policy, self-healing scripts, and improved self-service options.
• Contribute to sprint-based project work (MDM team runs Jira sprints) for platform improvements and security initiatives.

Qualifications

• 5+ years of hands-on experience managing endpoints at scale in a corporate environment.
• Deep expertise in Microsoft Intune — Autopilot, compliance policies, configuration profiles, Autopatch, Conditional Access, Entra ID integration.
• Deep expertise in JAMF Pro — DEP enrollment, Self Service, JAMF Connect, configuration profiles, smart groups, scripting (Bash/Shell).
• Strong understanding of Apple Business Manager (ABM) and the Apple device lifecycle.
• Solid experience with Windows 10/11 and macOS administration and troubleshooting.
• Proficiency scripting in PowerShell and Bash/Shell for automation and reporting.
• Understanding of Entra ID (Azure AD), Conditional Access, and modern identity-driven security models.
• Familiarity with endpoint security tooling — EDR, privilege management, encryption enforcement.
• Strong documentation habits — you write the KB article before someone asks.
• Relevant certifications: Microsoft Certified (Intune/Endpoint Manager), JAMF 200/300/370, Apple Certified.