[Remote] Mac System Administrator

Note: The job is a remote job and is open to candidates in USA. Nsight Health is transforming healthcare delivery through innovative technology and remote patient monitoring solutions. They are seeking a Mac System Administrator to manage macOS endpoints, oversee identity and access management, and lead technical projects while ensuring compliance and documentation in a fast-growing technology environment.

Responsibilities

• Own the Iru (formerly Kandji) environment from top to bottom including blueprints, configuration profiles, patch management, vulnerability response, and fleet health
• Manage the full macOS lifecycle from imaging and deployment through refresh and retirement
• Triage endpoint detection and response alerts in partnership with the CISO and the MSP
• Operate the identity provider (Okta strongly preferred) day-to-day across groups, applications, SCIM provisioning, lifecycle workflows, and MFA policies
• Own the platform that makes joiner, mover, and leaver workflows effortless for the business
• Maintain access reviews and audit-ready records in partnership with the Security team
• Administer Google Workspace at depth across users, groups, organizational unit design, DLP rules, security center monitoring, Vault retention, and application access policies
• Build and maintain automations using GAM, Apps Script, or equivalent
• Lead technical projects including identity provider rollouts, MDM migrations, integrations, and automation initiatives
• Write scripts and tooling in Bash, Python, AppleScript, the Iru API, Okta Workflows, and GAM that reduce ticket volume and make the environment easier to operate for everyone
• Serve as Tier 3 escalation for the managed service partner, solving what they cannot
• Participate in a light on-call rotation for genuine emergencies and work alongside the Director to set clear expectations, provide accurate documentation, and give the MSP the feedback they need to perform
• Document everything. If it is not in a runbook, it does not exist
• Operate inside an active HIPAA, SOC 2, and HiTrust environment and partner with Security and Engineering to support audit evidence and control attestation

Skills

• 4 or more years of hands-on systems administration experience with at least 2 years in a macOS-first environment
• Strong working knowledge of macOS internals, command line, scripting in Bash and Python, and deep troubleshooting ability
• Production experience with an enterprise MDM; Iru (formerly Kandji) is strongly preferred and comparable depth in another MDM is acceptable
• Deep Google Workspace administration experience across users, groups, DLP, security center, Vault, OU design, and application access policies; surface-level admin is not enough for this role
• Working knowledge of a modern identity provider with Okta strongly preferred; SSO, MFA, SCIM provisioning, and lifecycle workflows should be part of your daily vocabulary
• Working knowledge of endpoint detection and response using SentinelOne or equivalent
• A genuine documentation habit; we will look for evidence of it in the interview
• Direct production experience with Iru (formerly Kandji), Okta Workforce Identity Cloud, and SentinelOne Singularity
• Apple certifications such as ACSP or ACMT
• Experience in healthcare or another regulated environment
• Comfort working in a co-managed model alongside a managed service partner

Benefits

• Performance-Based Bonus: Eligible for an annual bonus based on company and individual performance.
• Accrual-based PTO
• Medical, Dental, Vision, and supplemental insurance options
• 401(k) Plan with 3.5% Company Match
• Company-provided equipment

Company Overview