Affirm
Staff Endpoint Engineer (Client Platform Engineering)
Affirm, Dallas, Texas, United States, 75215
Staff Endpoint Engineer (Client Platform Engineering)
at
Affirm Affirm is reinventing credit to make it more honest and friendly, giving consumers the flexibility to buy now and pay later without hidden fees or compounding interest. IT Engineering teams build and operate the tools, systems, and services that power the employee?facing IT experience. Client Platform Engineering builds the hardware and software at the heart of the employee?facing operations. Responsibilities Administer and scale macOS device management using Jamf?Pro, ensuring endpoints meet company compliance standards (e.g., encryption, OS patching, configuration profiles, application management). Guide architectural decisions to ensure endpoint management can easily scale with the company. Drive key technical initiatives such as permission automation, third?party patching, silent updates, stability improvements, and streamlined device deployment. Build automation and infrastructure?as?code pipelines using tools like Terraform (or similar), Bash/Python scripting, and Jamf/Okta/MDM APIs to minimize manual work and create zero?touch provisioning workflows. Manage enterprise?grade software and package deployment, using tools like AutoPkgr or equivalent for packaging and silent rollout of updates at scale. Implement and refine endpoint change?control processes, with communication, testing, rollback plans, and compliance tracking. Create dashboards and reporting for visibility into compliance, patch levels, and device health. Collaborate closely with Security, Support, Engineering, and IT to enforce policies (e.g. least?privilege), onboard security agents (AV, EDR, disk encryption), and integrate devices with Okta?SSO, Oomnitza, Google Workspace, and other monitoring tools. Serve as the escalation tier for complex endpoint issuestroubleshoot deep macOS, hardware, networking, or software issues and act as a knowledge source for IT Support. Mentor junior engineersshare expertise, set best practices, and help elevate the teams Jamf, scripting, and automation capabilities. Explore and evaluate new endpoint?management and automation technologies, run POCs, and recommend adoption to improve platform efficiency, security, and user experience. Work directly with Developer Productivity to support the unique needs of affirms engineers.
Qualifications
5+ years of hands?on experience managing macOS (and ideally other endpoints) at scale with enterprise MDM tools Jamf?Pro expertise required (Jamf?300+ level). Strong scripting capabilities in Bash, with fluency in a second language like Python; ability to programmatically integrate with RESTful APIs (Jamf?API, Okta?API, etc.). Proven proficiency in automation / infrastructure?as?code tools like Terraform, Ansible, or similar in an IT context. Experience with Windows Intune and Windows Endpoint Management. Deep understanding of enterprise security practices for endpoints, including vulnerability/patch management, enforcing least privilege, encryption, and compliance frameworks. Experience building and managing package/software distribution pipelines, with tools like AutoPkg, Jamf, or others. Exceptional troubleshooting skills and ability to debug complex endpoint issues; capable of representing the IT team in high?severity escalations. Excellent cross?functional communication skills with a collaborative mindsetable to work with Security, Support, and Engineering teams effectively. A positive, growth?oriented attitude, with strong written communication: documentation, runbooks, dashboards, and process guides. Prior experience serving as a technical mentor or functional lead in a high?growth or enterprise environment is strongly preferred. This position requires either equivalent practical experience or a Bachelors degree in a related field.
Compensation
Pay Grade
M Equity Grade
7 Base pay is part of a total compensation package that may include equity rewards, monthly stipends for health, wellness and tech spending, and benefits. USA base pay range (CA, WA, NY, NJ, CT) per year: $180,000 $230,000 USA base pay range (all other U.S. states) per year: $160,000 $210,000 Remote Work
Affirm is a remote?first company. Most roles can be worked remotely; occasional in?office days may be required. Benefits
Health care coverage employer covers all premiums for you and dependents. Flexible Spending Wallets stipends for technology, food, lifestyle, and family expenses. Time off competitive vacation and holiday schedules. ESPP employee stock purchase plan.
Equal Employment Opportunity
Affirm is proud to provide an inclusive interview experience for all, including people with disabilities, and provides reasonable accommodations for candidates in need. Visa Sponsorship
Please note that visa sponsorship is not available for this position. Application Note
By clicking Submit Application, you acknowledge that you have read the Global Candidate Privacy Notice and give informed consent to collection, processing, use, and storage of your personal information. #J-18808-Ljbffr
at
Affirm Affirm is reinventing credit to make it more honest and friendly, giving consumers the flexibility to buy now and pay later without hidden fees or compounding interest. IT Engineering teams build and operate the tools, systems, and services that power the employee?facing IT experience. Client Platform Engineering builds the hardware and software at the heart of the employee?facing operations. Responsibilities Administer and scale macOS device management using Jamf?Pro, ensuring endpoints meet company compliance standards (e.g., encryption, OS patching, configuration profiles, application management). Guide architectural decisions to ensure endpoint management can easily scale with the company. Drive key technical initiatives such as permission automation, third?party patching, silent updates, stability improvements, and streamlined device deployment. Build automation and infrastructure?as?code pipelines using tools like Terraform (or similar), Bash/Python scripting, and Jamf/Okta/MDM APIs to minimize manual work and create zero?touch provisioning workflows. Manage enterprise?grade software and package deployment, using tools like AutoPkgr or equivalent for packaging and silent rollout of updates at scale. Implement and refine endpoint change?control processes, with communication, testing, rollback plans, and compliance tracking. Create dashboards and reporting for visibility into compliance, patch levels, and device health. Collaborate closely with Security, Support, Engineering, and IT to enforce policies (e.g. least?privilege), onboard security agents (AV, EDR, disk encryption), and integrate devices with Okta?SSO, Oomnitza, Google Workspace, and other monitoring tools. Serve as the escalation tier for complex endpoint issuestroubleshoot deep macOS, hardware, networking, or software issues and act as a knowledge source for IT Support. Mentor junior engineersshare expertise, set best practices, and help elevate the teams Jamf, scripting, and automation capabilities. Explore and evaluate new endpoint?management and automation technologies, run POCs, and recommend adoption to improve platform efficiency, security, and user experience. Work directly with Developer Productivity to support the unique needs of affirms engineers.
Qualifications
5+ years of hands?on experience managing macOS (and ideally other endpoints) at scale with enterprise MDM tools Jamf?Pro expertise required (Jamf?300+ level). Strong scripting capabilities in Bash, with fluency in a second language like Python; ability to programmatically integrate with RESTful APIs (Jamf?API, Okta?API, etc.). Proven proficiency in automation / infrastructure?as?code tools like Terraform, Ansible, or similar in an IT context. Experience with Windows Intune and Windows Endpoint Management. Deep understanding of enterprise security practices for endpoints, including vulnerability/patch management, enforcing least privilege, encryption, and compliance frameworks. Experience building and managing package/software distribution pipelines, with tools like AutoPkg, Jamf, or others. Exceptional troubleshooting skills and ability to debug complex endpoint issues; capable of representing the IT team in high?severity escalations. Excellent cross?functional communication skills with a collaborative mindsetable to work with Security, Support, and Engineering teams effectively. A positive, growth?oriented attitude, with strong written communication: documentation, runbooks, dashboards, and process guides. Prior experience serving as a technical mentor or functional lead in a high?growth or enterprise environment is strongly preferred. This position requires either equivalent practical experience or a Bachelors degree in a related field.
Compensation
Pay Grade
M Equity Grade
7 Base pay is part of a total compensation package that may include equity rewards, monthly stipends for health, wellness and tech spending, and benefits. USA base pay range (CA, WA, NY, NJ, CT) per year: $180,000 $230,000 USA base pay range (all other U.S. states) per year: $160,000 $210,000 Remote Work
Affirm is a remote?first company. Most roles can be worked remotely; occasional in?office days may be required. Benefits
Health care coverage employer covers all premiums for you and dependents. Flexible Spending Wallets stipends for technology, food, lifestyle, and family expenses. Time off competitive vacation and holiday schedules. ESPP employee stock purchase plan.
Equal Employment Opportunity
Affirm is proud to provide an inclusive interview experience for all, including people with disabilities, and provides reasonable accommodations for candidates in need. Visa Sponsorship
Please note that visa sponsorship is not available for this position. Application Note
By clicking Submit Application, you acknowledge that you have read the Global Candidate Privacy Notice and give informed consent to collection, processing, use, and storage of your personal information. #J-18808-Ljbffr