MAC Engineer II with Security Clearance
About the role
Perform Tier II-IV troubleshooting of macOS, device-management, and application issues, independently driving them to resolution before escalating.
Resolve assigned tickets in the ticketing system, documenting steps, root cause, and resolution clearly.
Support common enterprise and third-party macOS applications, including Microsoft 365, Adobe Creative Cloud, browsers, and VPN / remote-access tools.
Execute patching events through the management platform to maintain standard OS and application versions across the fleet.
Engineering & Projects
Package, test, and deploy macOS applications for both Apple silicon (ARM) and Intel devices.
Build and test configuration profiles to support new platform capabilities and security requirements.
Review and remediate vulnerability findings in partnership with cybersecurity, including deep-dive analysis of affected software.
Apply the macOS Security Compliance Project (mSCP) to new macOS releases-tailoring, testing, and validating baselines and compliance reporting.
Deploy approved changes through the established Change Request (CR) process, with testing and validation prior to release.
Configure and maintain supporting automation and end-user-experience tooling for automated packaging, patch automation, provisioning, and custom user messaging, and support modern identity workflows such as Platform Single Sign-On (PSSO) and smart card / PIV authentication.
Produce clear technical documentation, SOPs, and runbooks for repeatable operations and knowledge transfer.
Qualifications
- Independent problem solving, troubleshooting, critical thinking, self-direction, attention to detail, collaboration, communication, documentation, and cybersecurity awareness.
- Current CBP Background Investigation or Top-Secret clearance adjudicated within the last 5 years (preferred); US Citizenship with the ability to obtain a Federal Public Trust clearance (REQUIRED).
- Bachelor's degree in information systems or a related field; in lieu of a degree, 4-6+ years of IT administration and/or engineering experience with direct macOS and enterprise device-management experience.
- Jamf Certified Tech (200) or equivalent enterprise device-management certification preferred; Jamf Certified Admin (300) a plus.
- Demonstrated experience independently administering an enterprise MDM platform (policies, configuration profiles, patching, Self Service) in an environment of 1,000+ devices.
- Hands-on experience beyond basic device management-e.g., endpoint security and identity tooling-and supporting users in a distributed, regulated environment (such as a DHS component) is desired.
- Apple Certified Support Professional (ACSP), ServiceNow, M365 / Active Directory, networking fundamentals (DNS, VPN, VLANs, certificates), and mSCP / DISA STIG / NIST 800-53 experience are a plus.
Specific Knowledge, Skills & Abilities
- Strong, independent troubleshooting-able to research, test, and resolve unfamiliar macOS and device-management issues, exhausting documentation and reasonable troubleshooting before escalating to senior staff.
- Solid working knowledge of enterprise MDM administration (the team currently uses Jamf Pro): inventory, smart/dynamic groups, scoping, policies, configuration profiles, Self Service, and patch management. Team-specific configuration and customizations will be taught on the job.
- Proficiency with macOS application packaging and deployment for Apple silicon (ARM) and Intel hardware.
- Working knowledge of macOS security settings, system hardening, and applying / validating compliance baselines such as mSCP.
- Knowledge of modern macOS identity and authentication, including Platform Single Sign-On (PSSO) and federated authentication; smart card / PIV experience is a nice-to-have.
- Comfort with the macOS command line (Terminal) and scripting in zsh / bash for automation and troubleshooting.
- Ability to gather requirements, build test cases, and validate changes on test devices before fleet deployment; strong documentation skills; and effective collaboration across cross-functional teams (cybersecurity, Windows desktop management, field support, and government / contractor leadership).
Work Environment
A hybrid role performed primarily onsite to support a scheduled walk-up / desk-side rotation, with some remote work as approved.
Occasional travel may be required.
Job ID 2026-24030
Pay Range $90,000 - $95,000
Benefits
Regular - The company offers a comprehensive benefits program, including medical, dental, vision, life insurance, 401(k) and a range of other voluntary benefits. Paid Time Off (PTO) is offered to regular full-time and part-time employees.
Company Description
Cloud Lake Technology, an Akima company, is not just another federal IT contractor. As an Alaska Native Corporation (ANC), our mission and purpose extend beyond our exciting federal projects as we support our shareholder communities in Alaska. At Cloud Lake, the work you do every day makes a difference in the lives of our 15,000 Iñupiat shareholders, a group of Alaska natives from one of the most remote and harshest environments in the United States. For our shareholders, Cloud Lake provides support and employment opportunities and contributes to the survival of a culture that has thrived above the Arctic Circle for more than 10,000 years. For our government customers, Cloud Lake delivers highly specialized, data-centric services and technology solutions that break down organizational boundaries and transform mission delivery. As a Cloud Lake employee, you will be surrounded by a challenging, yet supportive work environment that is committed to innovation and diversity, two of our most important values. You will also have access to our comprehensive benefits and competitive pay in addition to growth opportunities and excellent retirement options.