OneMain Financial Jobs

Job Description Summary

As a Staff Endpoint Lifecycle Operations Engineer on the Digital Workplace team, you will play a key role in the ongoing design, build, and implementation of GE Aerospace’s Mac end-user devices.

We are seeking a Mac Services Engineer with strong hands-on expertise in macOS validation and engineering, configuration management, application packaging and deployment, and patching. In this role, you will build, validate, deploy, and maintain macOS-based laptops and desktops at enterprise scale, ensuring stable, secure, and well-supported end-user devices.

You will maintain vital relationships with both internal and external stakeholders to ensure services are deployed compliantly, with a focus on quality and operational excellence. Success in this role requires a deep understanding of service opportunities and constraints within regulated environments, and close partnership with GE Aerospace’s Cyber and Security teams to drive robust policies for macOS. You will also play a key role in defining and maintaining the endpoint service catalog for Mac and ensuring its accurate representation across GE Aerospace’s ITSM toolsets.

You will join a focused team continually evolving this service portfolio, delivering increased value to our global user base of 60,000+ employees and positively impacting every employee across the company.

Job Description

Essential Responsibilities:

Mac Build, Enrollment, and Firmware Configuration

• Configure and manage Mac firmware/security settings (FileVault, Secure Boot, Activation Lock, Startup Security Utility) across supported Apple hardware

• Create, maintain, and optimize standard macOS baselines and configuration profiles (golden baseline via MDM, declarative management where applicable)

• Ensure hardware and macOS version compatibility across supported Mac models and Apple silicon/Intel platforms

OS Validation and Engineering

• Plan and execute validation for new macOS releases, point updates, Rapid Security Responses, and security patches

• Perform compatibility testing for kernel/system extensions, login items, security tools, network agents, and core enterprise apps

• Document known issues, provide mitigations/workarounds, and record validation results and release decisions

Application Packaging and Deployment

• Package, notarize, and validate Mac applications for enterprise deployment (PKG/DMG), including pre/postinstall scripts and configuration profiles

• Maintain and update app packages, dependencies, entitlement considerations, and uninstall/remediation scripts

• Collaborate with stakeholders to define packaging standards, code-signing requirements, and phased deployment schedules

Patching and Vulnerability Remediation

• Plan and implement macOS and application patching cycles using MDM policies, software update deferrals, and smart targeting

• Monitor patch compliance, investigate failures (update deferrals, disk space, power/state issues), and remediate at scale

• Partner with security teams to address CVEs, hardening baselines, and meet compliance targets and SLAs

Incident Resolution and Support

• Serve as an escalation point for complex macOS endpoint incidents (network stack, kernel panics, FileVault, SSO, identity, certificates)

• Perform root cause analysis using system logs, profiles, and telemetry; implement durable fixes and prevention

• Provide technical guidance and runbooks to service desk and field support teams

Documentation and Continuous Improvement

• Create and maintain technical documentation, standard operating procedures, and knowledge base articles specific to macOS

• Identify automation opportunities (policy-as-code, packaging pipelines, remediation scripts) to streamline build, deployment, and patching

• Drive continuous improvement of Mac standards, tools, and service quality; benchmark against industry best practices

Design and Implementation

• Participate in the design, build, and rollout of macOS end-user devices aligned to organizational goals and compliance standards

Stakeholder Collaboration

• Maintain strong relationships with internal teams (e.g., Cyber and Security, Network, Identity) and external vendors to ensure effective, high-quality deployments

Compliance and Regulated Environments

• Collaborate with Cyber and Security to develop and enforce robust macOS policies in regulated environments (e.g., GCC High-adjacent constraints, CMMC-aligned controls)

Service Catalog Management

• Identify, maintain, and optimize the Mac endpoint service catalog; ensure accurate representation across ITSM toolsets

Product Portfolio Development

• Evolve the internal Mac product portfolio to deliver increased value to a global user base of 60,000+ employees

Operational Excellence

• Improve quality, delivery, and cost-effectiveness of macOS endpoint lifecycle operations in line with SQDC priorities

Problem Resolution

• Act as macOS SME to troubleshoot and resolve complex endpoint issues and service interactions (identity, certificates, SSO, VPN, security agents)

Compliance and Security

• Ensure macOS lifecycle operations meet regulatory requirements and GE Aerospace security standards (hardening baselines, encryption, identity posture)

Documentation and Reporting

• Maintain detailed documentation of macOS processes, policies, catalog items; report on operational metrics and performance

Minimum Qualifications:

• Bachelor’s degree from an accredited university or college with a minimum of 4 years of professional experience OR Associate’s degree with a minimum of 7 years OR High School Diploma with a minimum of 9 years

• Minimum 2 years hands-on experience operating in regulated or restricted environments (e.g., GCC High-adjacent requirements) for endpoint devices, including macOS, with policy build and management tooling

• Strong understanding of CMMC-aligned compliance structures and the ability to build/deploy appropriate macOS policies and controls

• Minimum 3 years experience deploying enterprise endpoint management features at global scale (e.g., MDM policy orchestration, compliance, reporting)

• Practical hands-on experience integrating zero trust and security tooling (e.g., secure web gateways, identity, EDR) with macOS endpoints

• Minimum 2 years hands-on experience managing macOS and mobile devices via enterprise MDM

• Experience maintaining endpoint catalog attributes and device compliance/reporting in regulated environments

• Minimum 3 years professional experience in asset and catalog management

• Excellent understanding of end-user device technologies and operating systems (macOS, iOS, Windows, Android), and enterprise applications

• Experience with device management, configuration, and deployment in an enterprise environment

• Note: Military experience is equivalent to professional experience

Eligibility Requirement:

• Legal authorization to work in the U.S. is required. We will not sponsor individuals for employment visas, now or in the future, for this job.

Desired Characteristics:

• Proven experience as a Mac Engineer, Desktop Engineer, Endpoint Engineer, or similar role in an enterprise environment

• Strong hands-on experience with:macOS deployment and validation (major/minor releases, Rapid Security Responses, feature updates)Application packaging for macOS (PKG/DMG), code signing, notarization, and deployment via MDMmacOS patching strategies and compliance reporting; software update deferrals and enforcementmacOS security configuration (FileVault, firewall, privacy/PPPC, system/logon items, system/kext/driver transitions)

• Good understanding of:macOS core components, Apple silicon considerations, and hardware/model compatibilityEnterprise endpoint management concepts (device inventory, policy-based configuration, declarative management, automated remediation)Network and identity integration for macOS (802.1X, certificates, SSO, Kerberos/modern auth, VPN)Strong troubleshooting skills and ability to analyze logs, profiles, and performance issues (Console, sysdiagnose, MDM logs)

• Stakeholder Management: Ability to maintain strong relationships with internal teams and external vendors to ensure effective deployments

• Problem-Solving Skills: Expertise in troubleshooting and resolving complex macOS endpoint issues and service interactions

• Operational Excellence: Commitment to improving quality, delivery, and cost-effectiveness in alignment with SQDC

• Innovation and Continuous Improvement: Ability to identify and drive automation and process improvements across the macOS lifecycle

• Documentation and Reporting Skills: Ability to maintain detailed macOS documentation, policies, and service catalogs; provide regular metric reporting

• ITSM Expertise: Experience managing Digital Workplace services within ServiceNow or comparable ITSM platforms

Optional Mac-ecosystem specifics to include based on your tooling:

• Jamf Pro or equivalent MDM: enrollment workflows (ADE/DEP), smart groups, extension attributes, policies, scripts, patch policies, App Installers

• Apple Business Manager: ADE assignments, VPP/Apps and Books, supervision, device lifecycle

• Declarative Device Management: where supported, for efficient state-based policy

• SSO and identity: Platform SSO, Kerberos SSO, certificate-based auth, device compliance signals

• Security stack: EDR integration, PPPC/TCC, System Extensions, network filters, CIS or NIST-aligned baselines

Note :

The base pay range for this position is $112,000 to $165,000 annually. The specific pay offered may be influenced by a variety of factors, including the candidate’s experience, education, and skill set. This position is also eligible for an annual discretionary bonus based on a percentage of your base salary/ commission based on the plan. This posting is expected to close on March 16th, 2026.

GE Aerospace offers comprehensive benefits and programs to support your health and, along with programs like HealthAhead, your physical, emotional, financial and social wellbeing. Healthcare benefits include medical, dental, vision, and prescription drug coverage; access to a Health Coach from GE Aerospace; and the Employee Assistance Program, which provides 24/7 confidential assessment, counseling and referral services. Retirement benefits include the GE Aerospace Retirement Savings Plan, a 401(k) savings plan with company matching contributions and company retirement contributions, as well as access to Fidelity resources and planning consultants. Other benefits include tuition assistance, adoption assistance, paid parental leave, disability insurance, life insurance, and paid time-off for vacation or illness.

GE Aerospace (General Electric Company or the Company) and its affiliates each sponsor certain employee benefit plans or programs (i.e., is a “Sponsor”). Each Sponsor reserves the right to terminate, amend, suspend, replace or modify its benefit plans and programs at any time and for any reason, in its sole discretion. No individual has a vested right to any benefit under a Sponsor’s welfare benefit plan or program. This document does not create a contract of employment with any individual.

To comply with US immigration and other legal requirements, it is necessary to specify the minimum number of years' experience required for any role based within the USA. For roles outside of the USA, to ensure compliance with applicable legislation, the JDs should focus on the substantive level of experience required for the role and a minimum number of years should NOT be used.

This Job Description is intended to provide a high level guide to the role. However, it is not intended to amend or otherwise restrict/expand the duties required from each individual employee as set out in their respective employment contract and/or as otherwise agreed between an employee and their manager.

Additional Information

GE Aerospace offers a great work environment, professional development, challenging careers, and competitive compensation. GE Aerospace is an Equal Opportunity Employer (https://www.eeoc.gov/sites/default/files/2022-10/22-088_EEOC_KnowYourRights_10_20.pdf) . Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law.

GE Aerospace will only employ those who are legally authorized to work in the United States for this opening. Any offer of employment is conditioned upon the successful completion of a drug screen (as applicable).

Relocation Assistance Provided: No

#LI-Remote - This is a remote position

GE Aerospace is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law.