NinjaOne is hiring a Support Engineer III

This role is a highly technical position specializing in Mobile Device Management across Apple and Android ecosystems. The engineer diagnoses and resolves advanced MDM issues, collaborates with engineering teams, and provides guidance to junior support staff through mentorship and training.

Responsibilities

• Review escalated MDM support tickets from L1 and L2 teams, evaluate prior troubleshooting steps, and prioritize based on severity and customer impact.
• Diagnose and resolve complex Apple MDM issues including configuration profile errors, APNs and content token lifecycle problems, Apple Business Manager and Automated Device Enrollment workflows, Declarative Device Management behaviors, FileVault escrow, system extensions, PPPC/TCC settings, and macOS OS update interactions via MDM.
• Troubleshoot Android MDM issues such as Android Enterprise provisioning in Work Profile, Fully Managed, and Dedicated/COSU modes, Zero-Touch and QR enrollment failures, Managed Google Play app distribution, OEMConfig implementations, and device management constraints on AOSP and vendor-specific platforms like Samsung Knox and Zebra.
• Reproduce reported issues in lab environments, collect logs using tools like sysdiagnose, Console.app, mdmclient, adb, logcat, dumpsys, and bug reports, and deliver root cause analysis supported by diagnostic data.
• Investigate and resolve certificate and network-related MDM problems including SCEP/PKI workflows, Wi-Fi/EAP and VPN profile configurations, CA trust chains, and diagnostics using OpenSSL.
• Log issues in Jira and collaborate directly with L4 support, engineering, QA, and product management by providing reproducible test cases, structured bug reports, and detailed technical documentation.
• Communicate updates from engineering, QA, and product teams to support staff regarding known bugs, fixes, new releases, and platform changes.
• Manage all on-hold MDM tickets, ensuring timely follow-up and compliance with service-level agreements.
• Develop and deliver MDM-focused training sessions for internal support teams to improve knowledge of Apple and Android fundamentals, enrollment processes, and common troubleshooting methods.
• Share technical insights and resolutions across the support organization by creating knowledge base articles, runbooks, and diagnostic playbooks.
• Partner with Solutions Engineering on escalated customer cases or architecture reviews when necessary.
• Provide structured feedback to Product Management on recurring customer challenges, systemic issues, and missing features identified through support interactions.
• Work a consistent schedule with rotating on-call responsibilities, including one weekend every two months with limited hours and scope.
• Take ownership of support tickets and calls, delivering prompt, accurate, and thorough follow-up.
• Operate effectively with minimal supervision, demonstrating initiative and accountability.

Requirements

• Associate's degree in Computer Science, Information Technology, or a related field, or equivalent practical experience.
• Minimum of three years of hands-on experience in technical support, IT administration, systems engineering, or device management with direct exposure to Apple and/or Android MDM platforms.
• Extensive practical experience managing Apple devices including Apple Business Manager, Automated Device Enrollment, differences between supervised and unsupervised devices, APNs certificate lifecycle, configuration profiles and payload structure (.mobileconfig), Declarative Device Management concepts, Apps & Books (VPP) deployment, and Managed App Configuration.
• Strong working knowledge of Android Enterprise including Work Profile, Fully Managed (Device Owner), and Dedicated device modes; enrollment methods such as Zero-Touch, QR, NFC, and DPC identifier; OEMConfig; and Managed Google Play app lifecycle management.
• Familiarity with OEM-specific behaviors for Samsung, Zebra, Pixel, and understanding of GMS, AOSP, security patch levels, and Android lifecycle management.
• In-depth experience with macOS-specific MDM functions including FileVault enforcement and escrow, system extensions, PPPC/TCC, kernel extensions, OS updates via MDM versus agent-based patching, and login item behaviors after profile changes.
• Proficient in collecting and analyzing device logs using sysdiagnose, Console.app, and mdmclient on macOS; adb, logcat, dumpsys, and bug reports on Android, with ability to interpret logs for root cause identification.
• Understanding of PKI/SCEP fundamentals, certificate profiles for Wi-Fi and VPN, CA trust chains, OpenSSL basics, and TLS troubleshooting.
• Comfortable using command-line tools and writing basic scripts in bash/zsh, Python, or PowerShell for log parsing, diagnostics, and creating reproducible test cases.
• Awareness of limitations on AOSP devices and environments lacking Google Mobile Services.
• Hands-on experience supporting at least one major MDM or UEM platform such as Jamf, Kandji, Addigy, Workspace ONE, Intune, Ivanti, Hexnode, Mosyle, or similar.
• Strong troubleshooting methodology with ability to isolate root causes in complex, multi-variable environments without relying solely on scripts or escalation.
• Excellent written and verbal communication skills, capable of explaining technical details clearly to customers and colleagues at all levels and producing high-quality knowledge base content.
• Demonstrated customer empathy, patience, and ability to de-escalate difficult support interactions.
• Adaptable to evolving technologies, platform updates, and changing processes.
• Strong interpersonal skills with the ability to collaborate effectively in a team environment.
• A good sense of humor.

Nice to Have

• Jamf 100 certification.