Mac System Administrator

This is a fully remote position, open to applicants in United States.

📋 Description

• Take ownership of the macOS endpoint platform, manage the identity provider and Google Workspace on a daily basis, and spearhead technical project initiatives.

• Oversee the complete macOS lifecycle, from imaging and deployment to refresh and retirement.

• Collaborate with the CISO and the MSP to triage endpoint detection and response alerts.

• Manage the identity provider (preferably Okta) on a daily basis across various groups, applications, SCIM provisioning, lifecycle workflows, and MFA policies.

• Provide in-depth administration of Google Workspace, including user management, group organization, organizational unit design, DLP rules, security center monitoring, Vault retention, and application access policies.

• Lead technical projects such as identity provider implementations, MDM migrations, integrations, and automation initiatives.

• Act as a Tier 3 escalation point for the managed service partner, addressing issues beyond their scope.

• Maintain thorough documentation and operate within an active HIPAA, SOC 2, and HiTrust environment.

⛳️ Requirements

• A minimum of 4 years of hands-on systems administration experience, with at least 2 years in a macOS-centric environment.

• Proficient understanding of macOS internals, command line operations, scripting in Bash and Python, along with strong troubleshooting skills.

• Relevant production experience with an enterprise MDM; Iru (formerly Kandji) is strongly preferred, although comparable experience with another MDM is acceptable.

• Extensive Google Workspace administration experience, including user and group management, DLP, security center, Vault, organizational unit design, and application access policies; superficial administrative experience is insufficient for this role.

• Familiarity with a modern identity provider, with a strong preference for Okta; SSO, MFA, SCIM provisioning, and lifecycle workflows should be part of your everyday vocabulary.

• Knowledge of endpoint detection and response systems, such as SentinelOne or similar alternatives.

• A strong commitment to documentation practices; we will seek evidence of this during the interview process.

🏝️ Benefits

• Accrual-based PTO.

• Options for Medical, Dental, Vision, and supplemental insurance.

• 401(k) Plan with a 3.5% Company Match.

• Company-provided equipment.