New

Mac Systems Engineer

TEKsystems
$55.00 - $60.00 / hr
life insurance, sick time, 401(k), retirement plan
United States, New York, New York
Jun 10, 2026
Description Role Overview We are seeking an experienced IT Systems Administrator (Contingent Worker) to serve as a high-autonomy execution partner within the IT organization. This role is designed for a versatile, hands-on administrator who can operate across the full breadth of an enterprise IT stack-with particular depth in device management and identity platforms. You will work in close coordination with the Senior Client Platform Engineer (FTE), who sets technical direction and architectural priorities. Your focus will be translating that direction into shipped work: configuring, maintaining, troubleshooting, automating, and documenting systems across device management, identity and access management, SaaS administration, and IT operations. Key Responsibilities Device Management & Fleet Operations * MDM administration: Build, maintain, and troubleshoot policies, configuration profiles, Smart Groups, Extension Attributes, scripts, and packages within Jamf Pro across a macOS fleet. * Fleet remediation: Investigate and resolve compliance drift, permissions issues, and configuration inconsistencies surfaced through monitoring, Smart Groups, or support escalations. * macOS lifecycle: Support OS migration campaigns, enrollment workflows, device provisioning (DEP/ADE), and hardware lifecycle processes. * Scripting & automation: Write production-quality bash/zsh/Python scripts for fleet operations, including Extension Attributes, remediation workflows, software deployment, and scheduled maintenance. * Endpoint visibility: Contribute to endpoint query and observability tooling (e.g., FleetDM/osquery) as assigned. Identity & Access Management * Okta administration: Execute SSO/SAML/OIDC application integrations, SCIM provisioning, group and lifecycle policy management, and access reviews. * Directory services: Support Google Workspace directory management, OU policy configuration, and admin console operations. * Access governance: Assist with Device Trust, conditional access policy configuration, and endpoint compliance enforcement initiatives. SaaS & General IT Administration * SaaS operations: Administer and support business-critical SaaS applications, including user provisioning, configuration, license management, and vendor-side troubleshooting. * IT process execution: Participate in change management, access request fulfillment, onboarding/offboarding automation, and operational runbook execution. * Security collaboration: Support security-driven initiatives, including access audits, endpoint hardening, extension/plugin policy enforcement, incident response tasks, and remediation of security vulnerabilities (e.g., CVE-driven tickets) as assigned. Operational & Cross-Functional * Backlog execution: Work from a prioritized task board (Jira), providing regular status updates and proactively flagging blockers. * Documentation: Produce clear runbooks, decision logs, and technical documentation for all completed work. * Async collaboration: Coordinate with Security, Engineering, and IT peers via Slack and other asynchronous channels, ensuring clear written handoffs across time zones. Required Qualifications * 7+ years of hands-on experience in IT systems administration, endpoint engineering, or a comparable infrastructure operations role. * Strong working knowledge of at least one enterprise MDM platform; direct Jamf Pro experience is strongly preferred and FleetDM second. * Experience administering Okta or a comparable enterprise identity provider, including SSO integrations, SCIM, and lifecycle management. * Proficiency in shell scripting (bash/zsh) for system automation; Python experience is a strong plus. * Familiarity with macOS administration, including system internals, MDM protocol behavior, profiles, and security frameworks. * Demonstrated ability to work independently and manage multiple concurrent tasks with minimal oversight. * Excellent written communication skills, with comfort operating asynchronously via Slack and Jira across time zones. Preferred Qualifications * Deep expertise in Jamf Pro: policies, profiles, Smart Groups, Extension Attributes, APIs (Classic + Pro), and package management. * Experience with Google Workspace admin console operations and directory management. * Experience with endpoint visibility platforms such as FleetDM, osquery, or similar tooling. * Familiarity with Zero Trust concepts, Device Trust, or certificate-based authentication workflows. * Comfort with Git-based workflows for script and configuration management, including branching strategies, pull requests, code review practices, and CI/CD workflows. * Background in SaaS-first, remote-first organizations. * Experience supporting developer-heavy environments and familiarity with developer tooling ecosystems. Skills Okta Workflows, JAMF, Bash Top Skills Details Okta Workflows,JAMF,Bash Additional Skills & Qualifications 6 month contract extendable, no promises but it could lead to a FTE role in the future. Looking for candidates sitting on Central Time or East Coast since most of engineering is in that time Zone. 900 end points. 100% Mac. JAMF 200 certified level, 300 would be optimal. Experience Level Intermediate Level Job Type & LocationThis is a Contract position based out of New York, NY. Pay and BenefitsThe pay range for this position is $55.00 - $60.00/hr. Eligibility requirements apply to some benefits and may depend on your job classification and length of employment. Benefits are subject to change and may be subject to specific elections, plan, or program terms. If eligible, the benefits available for this temporary role may include the following: * Medical, dental & vision * Critical Illness, Accident, and Hospital * 401(k) Retirement Plan - Pre-tax and Roth post-tax contributions available * Life Insurance (Voluntary Life & AD&D for the employee and dependents) * Short and long-term disability * Health Spending Account (HSA) * Transportation benefits * Employee Assistance Program * Time Off/Leave (PTO, Vacation or Sick Leave) Workplace TypeThis is a fully remote position. Application DeadlineThis position is anticipated to close on Jun 16, 2026. About TEKsystems We're partners in transformation. We help clients activate ideas and solutions to take advantage of a new world of opportunity. We are a team of 80,000 strong, working with over 6,000 clients, including 80% of the Fortune 500, across North America, Europe and Asia. As an industry leader in Full-Stack Technology Services, Talent Services, and real-world application, we work with progressive leaders to drive change. That's the power of true partnership. TEKsystems is an Allegis Group company. The company is an equal opportunity employer and will consider all applications without regards to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any characteristic protected by law. About TEKsystems and TEKsystems Global Services We're a leading provider of business and technology services. We accelerate business transformation for our customers. Our expertise in strategy, design, execution and operations unlocks business value through a range of solutions. We're a team of 80,000 strong, working with over 6,000 customers, including 80% of the Fortune 500 across North America, Europe and Asia, who partner with us for our scale, full-stack capabilities and speed. We're strategic thinkers, hands-on collaborators, helping customers capitalize on change and master the momentum of technology. We're building tomorrow by delivering business outcomes and making positive impacts in our global communities. TEKsystems and TEKsystems Global Services are Allegis Group companies. Learn more at TEKsystems.com. The company is an equal opportunity employer and will consider all applications without regard to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any characteristic protected by law. San Francisco Fair Chance Ordinance: Pursuant to the San Francisco Fair Chance Ordinance, for all positions located in the city and county of San Francisco, we will consider for employment qualified applicants with arrest and conviction records. Massachusetts Lie Detector: It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability. Use of Artificial Intelligence (AI): We may use Artificial Intelligence (AI) to support parts of our hiring process, including sourcing, screening, and evaluating candidates. AI helps assess applications and qualifications, but final decisions are made by our hiring team. By applying, you acknowledge and agree that your application may be reviewed using AI tools.