Who We Are
Atlan is building the missing context layer for data and AI, helping enterprises close the AI value chasm. Today, 95% of AI pilots fail because AI systems don’t understand the context behind data: what it means, how it’s governed, and how it should be used.
Atlan connects to every part of the modern data and AI stack to unify this context into a single, shared layer that both humans and AI agents can rely on.
With Atlan, teams can discover, understand, and trust their data; build and collaborate on a shared body of knowledge; and activate that context across analytics, operations, and AI workflows.Trusted by global enterprises like Mastercard, Workday, General Motors, Unilever, Ralph Lauren, FOX, Nasdaq, and Medtronic, we’re backed by world-class investors including GIC, Insight Partners, Meritech, Peak XV, and Salesforce Ventures
About The Role
We’re hiring a Senior Systems Engineer to be a cornerstone of our Endpoint Engineering function. This role will own and mature our endpoint management strategy across macOS (Jamf Pro) and Windows (Intune), drive endpoint security and compliance, and contribute as a generalist across cloud infrastructure and network security. They will also help build automated, self-service IT experiences and lay the groundwork for a Zero Trust endpoint architecture.
What You’ll Do? 🤔
Endpoint Management (Jamf & Intune):
Own the end-to-end Jamf Pro environment—enrollment workflows, configuration profiles, patch management, App Catalog, Self Service, and macOS compliance baselines.
Manage and mature Microsoft Intune for the Windows fleet: device enrollment, compliance policies, application deployment, and conditional access integration.
Design and enforce endpoint compliance frameworks (CIS benchmarks, encryption, OS patching) across macOS and Windows.
Lead the evaluation and implementation of Endpoint Detection & Response (EDR) solutions, ensuring seamless integration with MDM.
Build automated onboarding and offboarding workflows for endpoints, integrating with Okta and employee lifecycle tooling.
Endpoint & Network Security:
Drive endpoint security posture: disk encryption enforcement, firewall policies, secure boot configurations, and application allowlisting/blocklisting.
Contribute to Zero Trust network architecture: VPN management and migration strategy, DNS security (DNS filtering, DoH/DoT), and secure remote access.
Hands-on experience with Network Security tools like Palo Alto Prisma, Twingate, Cloudflare, etc.
Collaborate with SRE/Infrastructure teams on network segmentation, firewall rules, and security monitoring.
Cloud Infrastructure & Access Governance:
Assist in cloud infrastructure operations across AWS/GCP, including IAM policy reviews, SSO integrations, and access governance.
Support the design and implementation of Zero Trust access controls for production and customer cloud environments.
Partner with IT and security to ensure MDM-to-IdP integration is robust, enabling device trust as a factor in conditional access policies.
Automation & Self-Service IT:
Automate repetitive IT workflows using scripting (Bash, Python, PowerShell) and low-code/no-code platforms.
Build dashboards and reporting for endpoint health, compliance posture, and SLA metrics.
Strategic & Cross-Functional Leadership:
Serve as the Subject Matter Expert for endpoint engineering within the IT/Systems Engineering function.
Build scalable endpoint architecture aligned with the company’s growth trajectory toward 800–1,000 employees.
Document standards, architectures, runbooks, and processes for internal enablement.
Mentor junior team members as the Systems Engineering function expands.
What makes you a great match for us? 😍
4+ years in IT Systems/Endpoint Engineering with experience across endpoint management, security, cloud infrastructure, and networking.
Deep, hands-on expertise with Jamf Pro (configuration profiles, Smart Groups, patch management, Self Service, PreStage Enrollment). Jamf certification is a strong plus.
Solid experience with Microsoft Intune—device enrollment, compliance policies, conditional access, and application deployment.
Strong understanding of macOS internals, the Apple MDM framework, and Windows endpoint management.
Conceptual and practical understanding of Zero Trust, endpoint compliance frameworks, and CIS benchmarks.
Working knowledge of cloud platforms (AWS or GCP): IAM, networking, security groups, and access governance.
Hands-on experience with network security fundamentals: VPN (WireGuard, IPSec, or ZTNA solutions), DNS security, and firewall management.
Strong scripting skills in at least two of: Bash, Python, PowerShell, or Swift/AppleScript.
Experience integrating MDM with Identity Providers (Okta, Azure AD/Entra ID) for device trust and conditional access.
Exposure to EDR platforms (CrowdStrike, SentinelOne, Microsoft Defender for Endpoint) is a strong plus.
Strong project leadership: runbooks, testing/rollback plans, stakeholder comms, phased rollouts.
Security-first mindset with excellent documentation and cross-functional collaboration skills.
More About Us
Atlan is building the shared context layer that enterprises need so AI can operate on trusted, governed context. The conversation has moved from data leaders asking: “Can we trust the data in our stack?” to businesses asking: “Can we trust AI inside the business?”
We are the missing infrastructure for businesses becoming AI-forward - the connective tissue between their data stack, operational systems, and AI agents.
Recognized as an industry-leading metadata, catalog, and data governance platform, we’ve been named a Leader by both Gartner and Forrester across enterprise data catalogs, metadata management, and governance.
To learn more, visit www.atlan.com and follow us on LinkedIn
Equal Opportunity Employer
Atlan is committed to building an inclusive, diverse, and authentic workplace. We do not discriminate based on race, color, religion, national origin, age, disability, sex, gender identity or expression, sexual orientation, marital status, military or veteran status, or any other legally protected characteristic.
.png)
