SpaceX was founded under the belief that a future where humanity is out exploring the stars is fundamentally more exciting than one where we are not. Today SpaceX is actively developing the technologies to make this possible, with the ultimate goal of enabling human life on Mars.
IT SYSTEMS ENGINEER (ENDPOINT)
SpaceX is seeking an experienced IT Systems Engineer to join the Endpoint team. This multi-disciplinary role is responsible for designing, implementing, and operating modern endpoint management infrastructure with deep expertise in Jamf, Fleet, Intune, and Entra Conditional Access, while providing strong cross-platform support across Apple macOS, iOS, and Windows 11 / Windows Server environments.
The position requires building secure, compliant, and highly automated solutions at scale. The ideal candidate brings significant experience with enterprise device management platforms, advanced scripting and automation, observability through Splunk, and a forward-looking approach to incorporating AI workflows to improve security, efficiency, and compliance.
Candidates will work in a fast-paced environment supporting mission-critical systems. They should be self-starters who thrive on solving complex problems, driving standards, and enabling other teams through excellent documentation and automation.
RESPONSIBILITIES:
- Architect, implement, and manage Jamf, Fleet, Microsoft Intune, and Entra Conditional Access policies to enforce zero-trust principles and device compliance across the fleet
- Design, deploy, and maintain endpoint configurations, compliance policies, application deployments, and security baselines for Windows 11, Windows Server, macOS, and iOS devices
- Develop and maintain advanced automation using PowerShell, Bash, and AppleScript to handle provisioning, configuration management, patching, remediation, and reporting at enterprise scale
- Integrate telemetry from Intune, Jamf, and other endpoint platforms with Splunk to deliver real-time monitoring, alerting, compliance dashboards, and support for security investigations
- Implement, audit, and maintain endpoint controls aligned with CIS benchmarks while ensuring strict adherence to ITAR and EAR regulatory requirements for devices, configurations, and data handling
- Evaluate, pilot, and operationalize AI-powered workflows and tools (including LLM-assisted scripting, intelligent policy analysis, and automated remediation) to increase efficiency and reduce risk
- Collaborate closely with Security, Compliance, Infrastructure, and business stakeholders to define endpoint standards, drive configuration and patch compliance across endpoint platforms, and support audits involving endpoint platforms and systems
- Create and maintain high-quality documentation, runbooks, and knowledge articles; provide training and tier-3 escalation support to IT and support teams
- Lead or significantly contribute to major endpoint projects such as OS migrations, Entra Conditional Access expansions, new platform integrations, and automation platform improvements
- Continuously improve the team’s automation, monitoring, compliance posture, and operational resilience through scripting, policy refinement, and process optimization
BASIC QUALIFICATIONS:
- Bachelor's Degree in Computer Science, Information Technology, or related technical discipline and 5+ years of hands-on experience designing, implementing, and managing Jamf, Fleet, Intune, and Entra Conditional Access in large enterprise environments; OR 7+ years of hands-on experience designing, implementing, and managing Jamf, Fleet, Intune and Entra Conditional Access in large enterprise environments in lieu of a degree
- Experience with Apple macOS and iOS enterprise management as well as Windows 11 and Windows Server operating systems
- Experience implementing security controls and compliance frameworks in regulated environments
PREFERRED SKILLS AND EXPERIENCE:
- Hands-on experience integrating endpoint platforms with Splunk for SIEM, compliance reporting, and operational visibility
- Direct experience implementing CIS benchmarks and operating in ITAR/EAR-controlled environments
- Familiarity with AI workflows and tools, such as using large language models for script development, policy generation, log analysis, or operational automation
- Significant experience developing and maintaining production-grade scripts in PowerShell, Bash, and AppleScript
- Proficiency with Microsoft Graph API, advanced PowerShell module development, modern automation/CI-CD practices, GitOps, DevOps tooling, and Infrastructure as Code (IaC)
- Relevant Microsoft and Apple certifications (e.g., MS-102 Endpoint Administrator, AZ-900 Microsoft Azure Fundamentals, Jamf-200/300, or security/compliance credentials)
- Experience leading cross-functional endpoint projects and mentoring or training other IT team members
- Excellent written and verbal communication skills, with the ability to explain complex technical topics to technical and non-technical audiences
ADDITIONAL REQUIREMENTS:
- Able and willing to participate in after-hours or weekend support when necessary to resolve unplanned outages or perform maintenance during planned downtime windows
- Must be comfortable working with mission-critical and sensitive systems in a highly regulated environment
ITAR REQUIREMENTS:
- To conform to U.S. Government export regulations, applicant must be a (i) U.S. citizen or national, (ii) U.S. lawful, permanent resident (aka green card holder), (iii) Refugee under 8 U.S.C. § 1157, or (iv) Asylee under 8 U.S.C. § 1158, or be eligible to obtain the required authorizations from the U.S. Department of State. Learn more about the ITAR here.
SpaceX is an Equal Opportunity Employer; employment with SpaceX is governed on the basis of merit, competence and qualifications and will not be influenced in any manner by race, color, religion, gender, national origin/ethnicity, veteran status, disability status, age, sexual orientation, gender identity, marital status, mental or physical disability or any other legally protected status.
Applicants wishing to view a copy of SpaceX’s Affirmative Action Plan for veterans and individuals with disabilities, or applicants requiring reasonable accommodation to the application/interview process should reach out to [email protected].
Skills Required
- Bachelor's degree in Computer Science, Information Technology, or related OR 7+ years equivalent experience
- 5+ years hands-on experience designing, implementing, and managing Jamf, Fleet, Intune, and Entra Conditional Access in large enterprise environments
- Experience with Apple macOS and iOS enterprise management as well as Windows 11 and Windows Server operating systems
- Experience implementing security controls and compliance frameworks in regulated environments
- Ability to work after-hours or weekends for outage resolution and maintenance windows
- Comfortable working with mission-critical and sensitive systems in a highly regulated environment
- US person/ITAR eligibility (U.S. citizen, lawful permanent resident, refugee, asylee, or eligible for required Dept. of State authorizations)
- Hands-on experience integrating endpoint platforms with Splunk for SIEM, compliance reporting, and operational visibility
- Direct experience implementing CIS benchmarks and operating in ITAR/EAR-controlled environments
- Familiarity with AI workflows and large language models for scripting, policy generation, log analysis, or automation
- Significant experience developing and maintaining production-grade scripts in PowerShell, Bash, and AppleScript
- Proficiency with Microsoft Graph API, advanced PowerShell module development, CI/CD, GitOps, DevOps tooling, and Infrastructure as Code (IaC)
- Relevant Microsoft and Apple certifications (e.g., MS-102, AZ-900, Jamf-200/300)
- Experience leading cross-functional endpoint projects and mentoring or training other IT team members
- Excellent written and verbal communication skills for technical and non-technical audiences
SpaceX Compensation & Benefits Highlights
The following summarizes recurring compensation and benefits themes identified from responses generated by popular LLMs to common candidate questions about SpaceX and has not been reviewed or approved by SpaceX.
-
Equity Value & Accessibility — Equity grants are a core part of total compensation, with periodic company-run tender offers that create liquidity before any public listing. These mechanisms can make the equity component feel materially valuable in practice.
-
Healthcare Strength — The package includes comprehensive medical, dental, and vision coverage, with on-site clinics and health resources at major sites. This breadth of coverage is presented as a strong element of the offering.
-
Wellbeing & Lifestyle Benefits — Major locations feature on-site amenities such as fitness facilities, food/coffee, clinics, and other conveniences. These lifestyle perks enhance day-to-day value alongside cash and equity.
SpaceX Insights
What We Do
SpaceX designs, manufactures and launches the world’s most advanced rockets and spacecraft. The company was founded in 2002 by Elon Musk to revolutionize space transportation, with the ultimate goal of making life multiplanetary. SpaceX has gained worldwide attention for a series of historic milestones. It is the only private company ever to return a spacecraft from low-Earth orbit, which it first accomplished in December 2010. The company made history again in May 2012 when its Dragon spacecraft attached to the International Space Station, exchanged cargo payloads, and returned safely to Earth — a technically challenging feat previously accomplished only by governments. Since then Dragon has delivered cargo to and from the space station multiple times, providing regular cargo resupply missions for NASA.








