Manager, Lead Specialist, Mac Service

We're looking for an Enterprise Mac Administrator to own the day-to-day administration and ongoing improvement of our macOS fleet in a large-scale enterprise environment. You will manage device lifecycle operations through Jamf Pro, partner closely with Security and IT teams, and help deliver a reliable, secure, and high-quality Mac user experience., * Administer and scale Jamf Pro for enterprise macOS management (policies, configuration profiles, smart groups, scripts, packages, and scope).

• Own Mac lifecycle management: provisioning (DEP/Automated Device Enrollment), onboarding, software deployment, patching, compliance, and deprovisioning.
• Build and maintain standard macOS builds and baseline configurations aligned to security and operational requirements.
• Develop and maintain automation (e.g., shell scripting) for deployments, self-service workflows, configuration, and remediation.
• Operate and continuously improve patch management (Apple updates and 3rd-party apps), including testing, phased rollouts, and reporting.
• Integrate Jamf Pro with enterprise systems as applicable (e.g., IdP/SSO, certificate services, security tooling, inventory/CMDB, ticketing).
• Partner with Security/Compliance to implement and report on controls (encryption/FileVault, OS version enforcement, local admin controls, endpoint hardening).
• Troubleshoot escalated macOS issues (enrollment, policy failures, profile conflicts, software install issues, network/VPN/cert problems).
• Maintain clear documentation, runbooks, and operational metrics; participate in change management and release planning.
• Provide Tier 2/3 support and guidance to Service Desk and desktop teams; contribute to knowledge articles and training.

• Strong experience managing macOS in an enterprise environment (hundreds/thousands of endpoints).
• Hands-on administration of Jamf Pro (policies, profiles, inventory, scoping, packaging, Self Service).
• Strong macOS troubleshooting skills (profiles, keychain/certs, networking, permissions, launch agents/daemons, logs).
• Scripting/automation experience (e.g., Bash/zsh; ability to read/modify scripts confidently).
• Experience with Apple Business Manager (ABM) and Automated Device Enrollment (DEP), plus VPP/Apps & Books workflows.
• Familiarity with security fundamentals for endpoints (FileVault, OS update strategy, baseline hardening, least privilege).

Preferred:

• Jamf 300/400 (or equivalent real-world expertise), Jamf Protect experience.
• Experience integrating Jamf with Okta/Azure AD/Entra ID, SSO, Conditional Access, or device compliance signals.
• Packaging experience (Composer, munki concepts, PKG workflows) and testing/rollback strategies.
• Experience with macOS security frameworks/baselines (e.g., CIS benchmarks) and audit reporting.
• Familiarity with endpoint security/EDR tools and Mac troubleshooting in regulated environments.
• ITIL-based operations, change control, and service management tooling (ServiceNow, etc.).

Deloitte drives progress. Our firms around the world help our clients become market leaders wherever they compete. Deloitte invests in outstanding people with diverse talents and backgrounds, empowering them to achieve more than they can elsewhere. Our work combines consulting with action and integrity. We believe that when our clients and society are stronger, so are we.