Senior Microsoft Intune Architect (macOS & Apple Specialist)
Posted 2026-05-06
Remote, USA
Full-time
Immediate Start

**Remote (Strictly EST) | 12 Months+ | 40,000+ Devices**

We are seeking a hands-on **Architect** to lead the design and implementation of an enterprise-grade Apple management environment within Microsoft Intune. You will own the technical strategy for a massive macOS fleet (alongside iOS and Windows), ensuring seamless integration with Apple Business Manager and modern deployment workflows.

**Key Responsibilities**

- **Apple-First Architecture:** Design and lead the technical architecture for macOS, iOS, and iPadOS within Intune, leveraging **Apple Business Manager (ABM)** and **Automated Device Enrollment (ADE)**.
- **Modern Management:** Implement **Declarative Device Management (DDM)** and Platform SSO to modernize the Mac user experience and security posture.
- **Policy & Profile Engineering:** Design configuration profiles (system extensions, kernel extensions, TCC) and **Shell Scripts** to manage complex macOS settings that are not natively available in the Intune UI.
- **Application Lifecycle:** Drive the end-to-end strategy for Mac app deployment using **PKG, DMG, VPP (Volume Purchase Program),** and third-party patching tools.
- **Identity & Security Integration:** Integrate Intune with **Azure AD (Entra ID)** and **Conditional Access** to enforce compliance-based access for Apple endpoints.
- **Security Posture:** Establish endpoint security controls including **FileVault encryption**, Microsoft Defender for Endpoint (macOS), and Gatekeeper management.
- **Automation & Graph API:** Utilize **PowerShell, Bash, and Microsoft Graph API** to automate device lifecycle tasks, reporting, and custom remediation.
- **Hybrid Fleet Support:** Oversee the integration of Windows (Autopilot) and Mobile (Android Enterprise) into a unified, secure, and scalable global tenant.
- **Compliance Governance:** Define RBAC, tenant design, and **Compliance Policies** to ensure all Apple devices meet strict enterprise and manufacturing-sector standards.
- **Technical Leadership:** Mentor deployment engineers and collaborate with Networking/Security teams to ensure a seamless "Zero Touch" rollout.

**Qualifications**

- **Expertise:** 5+ years of experience architecting **Microsoft Intune** specifically for **macOS** at an enterprise scale (10,000+ nodes).
- **Deep Knowledge:** Expert-level understanding of Apple-specific frameworks (APNs, ADE, VPP, and Configuration Profiles).
- **Scripting:** Proficient in **Bash** and **Zsh** for macOS customization and **PowerShell** for Intune/Graph API automation.
- **Security:** Strong background in Microsoft Defender for Endpoint and Conditional Access.
- **Environment:** Experience in Manufacturing/Lab environments is a plus.