URGENT REQUIREMEMNT:

[Dhananjay]

Need Candidates mother's maiden name 

send full linkedin

Must send date of birth

must send 3 references

Location: Onsite in Downers Grove, IL

Position: Mac Endpoint Engineer (macOS + Intune)

Duration: 6+ Month Contract

Pay: $55 C2C

 NO H1B 

Overview:

Onsite contract role (6+ months, possible extension) for a proactive engineer ready to shape macOS in a Microsoft-centric enterprise. Client is elevating macOS to first-class status and needs a hands-on Mac Endpoint Engineer to build and harden a modern Intune-managed macOS environment. You will deliver zero-touch enrollment, seamless Platform SSO (PSSO) first sign-in, large-scale macOS app packaging, configuration, compliance, automation, and a strong security posture with a goal of achieving 1:1 parity with Windows devices.

 

Key Responsibilities

·  Design/operate zero-touch enrollment with ABM + ADE (PreStage through post-enrollment fixes).

·  Build a consistent first sign-in experience using PSSO + Intune.

·  Improve enrollment flows, bootstrap content, and post-enrollment automations.

·  Lead macOS app packaging for Intune (PKG/DMG + pre/post scripts, detection rules, dependencies, retries, uninstall logic).

·  Create a scalable third-party app deployment model with staged rings, rollback plans, and change control.

·  Collaborate with Packaging/QA on versioning, testing, and release notes.

·  Manage Intune baseline configs & compliance policies; suggest UX/reliability improvements.

·  Enforce CIS macOS benchmark controls (macOS 26+); own configuration/enforcement, partner with InfoSec.

·  Integrate/support: Entra ID, Defender for Endpoint (DLP), CrowdStrike, CyberArk EPM, Qualys, GlobalProtect ZTNA.

·  Automate via scripting (bash/zsh/Python; PowerShell for Graph) – provisioning, remediations, health checks, reporting.

·  Deliver actionable Intune dashboard metrics (enrollment success, sign-in time, compliance drift, packaging SLAs).

·  Write KB articles/how-tos; transfer knowledge to Support; provide occasional Tier 3 guidance (no on-call).

·  Partner with Identity, Security, Networking, and Support to prepare for go-live and scale across US users.

·  Contribute to standards, guardrails, and SOPs for long-term stability.

Environment

MDM: Microsoft Intune only (no Jamf/Kandji).

Minimum: macOS 26 (Tahoe).

Stack: Entra ID, Defender for Endpoint, CrowdStrike, CyberArk EPM, Qualys, GlobalProtect.

Standards: CIS macOS benchmark (InfoSec sets policy; you implement/operate).

Tools: ABM + ADE in place; Intune for compliance & reporting.

 

Required Qualifications

·  3–5+ years enterprise macOS MDM (Intune preferred).

·  Strong Intune macOS packaging expertise (PKG/DMG, scripts, detection, rings, rollback).

·  Hands-on ADE zero-touch + PSSO implementation.

·  Scripting: bash/zsh/Python (PowerShell/Graph as needed).

·  Experience enforcing CIS controls via Intune profiles/policies.

·  Familiarity with Defender, CrowdStrike, CyberArk EPM, Qualys, and GlobalProtect.

·  Excellent documentation & knowledge-transfer skills.

 

Preferred

·  Self-healing remediations / drift correction.

·  iOS/iPadOS in Intune (bonus).

·  Entra ID Conditional Access for macOS.

·  Current Apple management trends (PSSO, macOS security/privacy).

 

Success Looks Like

·  Reliable zero-touch from unbox to desktop.

·  Fast, frictionless PSSO sign-in.

·  Scalable packaging/patching with SLAs, rings, and rollback.

·  Trusted CIS-aligned posture with clear Intune dashboards.

 

 

Regards:

 

Dhananjay Yadav

Technical Recruiter

1 Point System LLC

115 Stone Village Drive,

Suite C, Fort Mill, SC (29708).

Fax :  803-832-7973 | W : www.1pointsys.com

D: +1 704-755-6795   E : dhan...@1pointsys.com