Addrovia Technologies
Senior Macos/Intune MDM Engineer
β - Featured Role | Apply direct with Data Freelance Hub
This role is for a Senior macOS/Intune MDM Engineer in Denver, Colorado, for 6 months. Pay rate is unspecified. Requires 5+ years in macOS management, 3+ years with Intune, and expertise in Apple Business Manager, security protocols, and scripting.
π - Country
United States
π± - Currency
$ USD
-
π° - Day rate
Unknown
-
ποΈ - Date
April 8, 2026
π - Duration
More than 6 months
-
ποΈ - Location
On-site
-
π - Contract
Unknown
-
π - Security
Unknown
-
π - Location detailed
United States
-
π§ - Skills detailed
#MDM (Master Data Management) #SAML (Security Assertion Markup Language) #Documentation #Scripting #Computer Science #Compliance #Defender #Bash #Vault #Python #Azure #Leadership #Debugging #iOS #Kerberos #API (Application Programming Interface) #Deployment #Graph API #Monitoring #Strategy #Security
Role description
ο»ΏJob Title:β Senior macOS Intune MDM/MAM Engineer
Location: Denver Colorado
Duration: 06 Months
Visa: USC, GC
Moi: Skype
Position Overview
We are seeking a Senior Engineer to lead enterprise macOS device management using Microsoft Intune (Endpoint Manager). This role focuses on secure deployment, configuration, and lifecycle management of Apple devices, leveraging Apple Business Manager (ABM) and Automated Device Enrollment (ADE) for zero-touch provisioning.
The engineer will design and implement advanced security controls including passwordless authentication, FileVault encryption, and Single Sign-On (SSO), ensuring seamless integration with Microsoft Entra ID and adherence to Zero Trust principles.
Key Responsibilities
1. macOS Endpoint Management
β’ Manage full lifecycle of macOS devices via Intune MDM
β’ Configure policies, compliance rules, and profiles
β’ Ensure performance, security, and user experience standards
1. Apple Business Manager & ADE
β’ Integrate Intune with Apple Business Manager
β’ Manage ADE (DEP) for zero-touch Mac provisioning
β’ Oversee enrollment profiles and device onboarding
1. Mobile Application Management (MAM)
β’ Deploy and manage macOS apps via Intune
β’ Use VPP for app distribution
β’ Enforce app protection policies for corporate & BYOD devices
1. Passwordless Authentication & SSO
β’ Implement passwordless login (Secure Enclave, passkeys)
β’ Configure Platform SSO using Microsoft Enterprise SSO plug-in
β’ Enable seamless Azure AD authentication (PRT-based access)
1. Device Security & Encryption
β’ Enforce FileVault disk encryption with key escrow
β’ Utilize Secure Enclave & Apple Silicon security features
β’ Deploy Microsoft Defender for Endpoint
β’ Apply compliance and endpoint protection policies
1. BYOD Management
β’ Develop strategies for managing personal macOS devices
β’ Implement MAM policies for data protection
β’ Enforce conditional access for secure resource usage
1. Identity & SSO Integration
β’ Manage SSO integrations across apps and browsers
β’ Deploy SSO extensions and plugins
β’ Align macOS authentication with Entra ID, MFA, and Conditional Access
1. Security Best Practices
β’ Apply Zero Trust and least-privilege principles
β’ Monitor identity threats (e.g., password spray attacks)
β’ Implement identity protection controls (MFA, Smart Lockout)
1. Troubleshooting & Support
β’ Resolve Intune enrollment, SSO, and FileVault issues
β’ Troubleshoot SecureToken and authentication problems
β’ Provide root cause analysis and long-term fixes
1. Documentation & Leadership
β’ Create runbooks, guides, and policies
β’ Train IT teams and mentor junior staff
β’ Evaluate new Microsoft and Apple features
Required Qualifications
Education & Experience
β’ Bachelorβs degree in IT, Computer Science, or related field
β’ 5+ years macOS enterprise management
β’ 3+ years hands-on Intune experience
Technical SkillsIntune & MDM
β’ Strong expertise in Intune MDM/MAM for macOS
β’ Experience with configuration profiles, compliance, and policies
Apple Ecosystem
β’ Hands-on experience with Apple Business Manager & ADE
β’ Knowledge of Apple MDM protocols and deployment workflows
macOS Security
β’ FileVault encryption and key management
β’ Secure Enclave, SecureToken, Touch ID
β’ Endpoint hardening and compliance
Identity & Access Management
β’ Strong experience with Microsoft Entra ID (Azure AD)
β’ SSO protocols (SAML, OAuth, OIDC, Kerberos)
β’ Conditional Access and MFA implementation
β’ Identity protection and risk mitigation
Scripting & Troubleshooting
β’ Bash, PowerShell, or Python scripting
β’ Experience with Microsoft Graph API
β’ Strong debugging and problem-solving skills
Communication
β’ Strong documentation and training skills
β’ Ability to collaborate across teams
β’ Experience handling enterprise incidents
Preferred QualificationsCertifications
β’ Microsoft 365 Certified (Modern Desktop / Enterprise Admin / Identity)
β’ Apple certifications (ACSP or equivalent)
Security Frameworks
β’ Knowledge of Zero Trust, NIST, CIS benchmarks
Additional Experience
β’ Microsoft Defender for Endpoint (macOS)
β’ Azure AD security (PIM, MFA, Conditional Access)
β’ Experience with iOS/iPadOS or cross-platform MDM
β’ Exposure to SIEM tools (e.g., Microsoft Sentinel)
Key Skills Summary
β’ Intune macOS MDM & MAM
β’ Apple Business Manager & ADE
β’ FileVault, Secure Enclave, endpoint security
β’ Passwordless authentication & SSO
β’ Entra ID, Conditional Access, MFA
β’ BYOD strategy & app protection
β’ Identity threat monitoring & Zero Trust
ο»ΏJob Title:β Senior macOS Intune MDM/MAM Engineer
Location: Denver Colorado
Duration: 06 Months
Visa: USC, GC
Moi: Skype
Position Overview
We are seeking a Senior Engineer to lead enterprise macOS device management using Microsoft Intune (Endpoint Manager). This role focuses on secure deployment, configuration, and lifecycle management of Apple devices, leveraging Apple Business Manager (ABM) and Automated Device Enrollment (ADE) for zero-touch provisioning.
The engineer will design and implement advanced security controls including passwordless authentication, FileVault encryption, and Single Sign-On (SSO), ensuring seamless integration with Microsoft Entra ID and adherence to Zero Trust principles.
Key Responsibilities
1. macOS Endpoint Management
β’ Manage full lifecycle of macOS devices via Intune MDM
β’ Configure policies, compliance rules, and profiles
β’ Ensure performance, security, and user experience standards
1. Apple Business Manager & ADE
β’ Integrate Intune with Apple Business Manager
β’ Manage ADE (DEP) for zero-touch Mac provisioning
β’ Oversee enrollment profiles and device onboarding
1. Mobile Application Management (MAM)
β’ Deploy and manage macOS apps via Intune
β’ Use VPP for app distribution
β’ Enforce app protection policies for corporate & BYOD devices
1. Passwordless Authentication & SSO
β’ Implement passwordless login (Secure Enclave, passkeys)
β’ Configure Platform SSO using Microsoft Enterprise SSO plug-in
β’ Enable seamless Azure AD authentication (PRT-based access)
1. Device Security & Encryption
β’ Enforce FileVault disk encryption with key escrow
β’ Utilize Secure Enclave & Apple Silicon security features
β’ Deploy Microsoft Defender for Endpoint
β’ Apply compliance and endpoint protection policies
1. BYOD Management
β’ Develop strategies for managing personal macOS devices
β’ Implement MAM policies for data protection
β’ Enforce conditional access for secure resource usage
1. Identity & SSO Integration
β’ Manage SSO integrations across apps and browsers
β’ Deploy SSO extensions and plugins
β’ Align macOS authentication with Entra ID, MFA, and Conditional Access
1. Security Best Practices
β’ Apply Zero Trust and least-privilege principles
β’ Monitor identity threats (e.g., password spray attacks)
β’ Implement identity protection controls (MFA, Smart Lockout)
1. Troubleshooting & Support
β’ Resolve Intune enrollment, SSO, and FileVault issues
β’ Troubleshoot SecureToken and authentication problems
β’ Provide root cause analysis and long-term fixes
1. Documentation & Leadership
β’ Create runbooks, guides, and policies
β’ Train IT teams and mentor junior staff
β’ Evaluate new Microsoft and Apple features
Required Qualifications
Education & Experience
β’ Bachelorβs degree in IT, Computer Science, or related field
β’ 5+ years macOS enterprise management
β’ 3+ years hands-on Intune experience
Technical SkillsIntune & MDM
β’ Strong expertise in Intune MDM/MAM for macOS
β’ Experience with configuration profiles, compliance, and policies
Apple Ecosystem
β’ Hands-on experience with Apple Business Manager & ADE
β’ Knowledge of Apple MDM protocols and deployment workflows
macOS Security
β’ FileVault encryption and key management
β’ Secure Enclave, SecureToken, Touch ID
β’ Endpoint hardening and compliance
Identity & Access Management
β’ Strong experience with Microsoft Entra ID (Azure AD)
β’ SSO protocols (SAML, OAuth, OIDC, Kerberos)
β’ Conditional Access and MFA implementation
β’ Identity protection and risk mitigation
Scripting & Troubleshooting
β’ Bash, PowerShell, or Python scripting
β’ Experience with Microsoft Graph API
β’ Strong debugging and problem-solving skills
Communication
β’ Strong documentation and training skills
β’ Ability to collaborate across teams
β’ Experience handling enterprise incidents
Preferred QualificationsCertifications
β’ Microsoft 365 Certified (Modern Desktop / Enterprise Admin / Identity)
β’ Apple certifications (ACSP or equivalent)
Security Frameworks
β’ Knowledge of Zero Trust, NIST, CIS benchmarks
Additional Experience
β’ Microsoft Defender for Endpoint (macOS)
β’ Azure AD security (PIM, MFA, Conditional Access)
β’ Experience with iOS/iPadOS or cross-platform MDM
β’ Exposure to SIEM tools (e.g., Microsoft Sentinel)
Key Skills Summary
β’ Intune macOS MDM & MAM
β’ Apple Business Manager & ADE
β’ FileVault, Secure Enclave, endpoint security
β’ Passwordless authentication & SSO
β’ Entra ID, Conditional Access, MFA
β’ BYOD strategy & app protection
β’ Identity threat monitoring & Zero Trust
