NinjaOne is hiring a Support Engineer III for a deeply technical role focused exclusively on Mobile Device Management across Apple and Android ecosystems. You will handle the most complex customer issues, perform root cause analysis, and collaborate closely with engineering and product teams.
What You'll Do
- Review escalated MDM tickets from L1/L2, assess work performed, and prioritize based on customer impact and severity.
- Diagnose and resolve complex issues across Apple platforms: configuration profile failures, APNs certificate and content token lifecycle problems, Apple Business Manager (ABM) and Automated Device Enrollment (ADE) workflows, Declarative Device Management (DDM) behaviors, FileVault escrow, system extensions, PPPC/TCC, and macOS MDM OS update interactions.
- Diagnose and resolve issues across Android platforms: Android Enterprise provisioning (Work Profile, Fully Managed, Dedicated/COSU), Zero-Touch and QR enrollment failures, Managed Google Play app distribution, OEMConfig and vendor-specific behaviors (Samsung Knox, Zebra), and AOSP device management constraints.
- Reproduce customer-reported issues in lab environments, collect device logs (sysdiagnose, Console.app, mdmclient, adb/logcat, dumpsys, bug reports), and produce clear root cause analysis with supporting data.
- Troubleshoot certificate and networking issues related to MDM: SCEP/PKI workflows, Wi-Fi/EAP profiles, VPN configurations, CA trust chains, and OpenSSL-based diagnostics.
- Enter Jira issues and work directly with L4, Engineering, QA, and Product Management on resolutions — provide reproducible test cases, structured bug reports, and clear technical documentation.
- Disseminate information from Engineering, QA, and Product Management to the rest of the support team regarding bugs, fixes, releases, and platform changes.
- Maintain all on-hold MDM tickets and ensure timely follow-up and adherence to service-level targets.
- Create and deliver MDM-focused training to internal support teams — help level up L1 and L2 technicians on Apple and Android platform fundamentals, enrollment workflows, and common troubleshooting patterns.
- Share knowledge of issues and corresponding resolutions or workarounds with the support organization, including the creation of new knowledge base articles, runbooks, and diagnostic playbooks.
- Collaborate with Solutions Engineering on customer escalations or architecture reviews when needed.
- Provide structured feedback to Product Management on recurring customer friction, systemic issues, and feature gaps identified through support interactions.
- Work a set schedule with rotating on-call duties (1 weekend every ~2 months with limited hours/scope).
- Take initiative and provide prompt, accurate follow-up to tickets and support calls.
What We're Looking For
- Associate's degree in Computer Science, Information Technology, or related field, and/or equivalent work experience.
- 3+ years of hands-on experience in a technical support, IT administration, systems engineering, or device management role with direct Apple and/or Android MDM exposure.
- Deep hands-on experience with Apple device management: Apple Business Manager, Automated Device Enrollment (ADE), supervision vs unsupervised feature differences, APNs lifecycle and renewal, configuration profiles and payload structure (.mobileconfig), Declarative Device Management (DDM) concepts, Apps & Books (VPP) deployment, and Managed App Configuration.
- Excellent working knowledge of Android Enterprise: Work Profile, Fully Managed (Device Owner), and Dedicated device modes; enrollment methods including Zero-Touch, QR, NFC, and DPC identifier; OEMConfig; and Managed Google Play app lifecycle.
- Comfortable knowledge of OEM-specific nuances across Samsung, Zebra, Pixel, and a fundamental understanding of GMS, AOSP, security patch levels and Android lifecycle management.
- Experience with macOS-specific MDM behaviors: FileVault enforcement and escrow, system extensions, PPPC/TCC, kernel extensions, macOS MDM OS updates vs agent-based patching, and login item/system prompt behaviors after profile changes.
- Proficiency with device log collection and analysis: sysdiagnose, Console.app, mdmclient logs on macOS; adb, logcat, dumpsys, bug reporting on Android — and the ability to parse and interpret logs to isolate root causes.
- Familiarity with PKI/SCEP fundamentals, certificate profiles for Wi-Fi/VPN, CA trust chains, OpenSSL basics, and TLS troubleshooting.
- Comfortable with command-line tools and basic scripting (bash/zsh, Python, or PowerShell) for log parsing, diagnostics, and producing reproducible test cases.
- Awareness of AOSP device limitations and environments without Google Mobile Services.
- Experience supporting at least one major MDM/UEM platform (Jamf, Kandji, Addigy, Workspace ONE, Intune, Ivanti, Hexnode, Mosyle, or similar).
- Strong troubleshooting methodology — able to isolate root causes in complex, multi-variable environments rather than relying on scripts or escalation.
- Excellent written and verbal communication skills — able to explain complex technical behaviors clearly to customers at varying skill levels and produce high-quality KB documentation.
- Strong customer empathy, patience, and the ability to de-escalate difficult conversations.
- Adaptable to new technologies, platform changes, and evolving processes.
- Strong interpersonal skills so as to be able to work in a team-oriented environment.
- Ability to flourish under limited supervision.
Technical Stack
- Apple device management (macOS, iOS, iPadOS), Android Enterprise, AOSP
- Apple Business Manager (ABM), Automated Device Enrollment (ADE), Declarative Device Management (DDM)
- Configuration profiles (.mobileconfig), APNs, Managed App Configuration
- Android Enterprise provisioning (Work Profile, Fully Managed, Dedicated/COSU), Zero-Touch enrollment, QR enrollment
- Managed Google Play, OEMConfig, Samsung Knox, Zebra
- FileVault, System extensions, PPPC/TCC
- SCEP/PKI, Wi-Fi/EAP profiles, VPN configurations, OpenSSL
- sysdiagnose, Console.app, mdmclient, adb, logcat, dumpsys
- bash/zsh, Python, PowerShell, Jira
Team & Environment
You will work within the support organization, collaborating closely with L4, Engineering, QA, Product Management, and Solutions Engineering. This role involves mentoring L1 and L2 technicians.
Work Mode
This role is based locally in Texas or Florida.
