Affirm
IT Engineering Manager (Endpoint Engineering)
Rol remoto de IT con fit claro de ubicación del candidato.
PublicadoAgregado recientemente
Países elegibles2 países aceptados
Señal de seniorityLead
Modelo de trabajoRemoto
Ubicaciones aceptadas para candidatos
CanadáEstados Unidos
Resumen del rol
IT Engineering Manager (Endpoint Engineering)
Requisitos y responsabilidades
Contenido del rol extraído en secciones para revisar más rápido.
What You'll Do
- Lead, coach, and develop a team of three engineers — setting clear expectations, providing regular candid feedback, and building individual growth plans tailored to each engineer's strengths, gaps, and career goals.
- Establish and maintain healthy team operating rhythms: sprint cadence, backlog grooming, incident retrospectives, and async-first communication practices that work across time zones.
- Build a culture of ownership, craft, and continuous improvement — where reducing toil and improving reliability is celebrated, not just expected.
- Serve as an escalation point for complex technical issues and a knowledge resource for the broader IT Engineering organization.
What You'll Do
- Define and maintain the CPE roadmap in alignment with IT Engineering strategy, company-wide security priorities, and Affirm's FY roadmap cycles.
- Establish a prioritization framework that balances project work, platform health (KTLO), compliance obligations, and stakeholder requests — with enough transparency that tradeoffs are visible and defensible.
- Build and own the KPIs and reporting that give you, your team, and leadership real visibility into endpoint compliance posture, patch currency, deployment reliability, and incident trends.
- Implement structured change control processes: communication, testing gates, rollback plans, and post-deployment review for platform changes that affect a global workforce.
What You'll Do
- Guide the architecture and long-term strategy for Affirm's endpoint platform — macOS-first, with Windows and mobile in scope — including MDM configuration, zero-touch provisioning, and the automation pipelines that keep the fleet healthy at scale.
- Drive key technical initiatives including permission automation, third-party patching, silent update delivery, and device lifecycle improvements.
- Champion infrastructure-as-code and automation-first engineering practices across the team — reducing manual toil and creating durable, repeatable processes.
- Evaluate new tooling and approaches, run POCs, and make clear adoption recommendations grounded in security, reliability, and operational efficiency.
What You'll Do
- Build strong working relationships with Security, Identity/IAM, Developer Productivity, and IT Support — acting as a reliable partner and technical peer, not just a fulfillment queue.
- Partner with Security to onboard and maintain endpoint security agents (EDR, AV, disk encryption) and enforce least-privilege policies at scale.
- Represent CPE in cross-functional planning conversations, bringing clear data and grounded recommendations to tradeoff discussions.
- Work closely with Developer Productivity to understand and support the unique endpoint needs of Affirm's engineering population.
What We Look For
- 5+ years of hands-on experience in endpoint engineering, client platform, or corporate IT engineering at scale — with a strong understanding of macOS device management (Jamf), MDM architecture, and endpoint security practices.
- Exposure to compliance frameworks relevant to endpoint security (SOC 2, CIS Benchmarks, or similar).
- 2+ years of people management or formal technical leadership experience, including setting direction, running 1:1s, and developing individual engineers.
- Demonstrated ability to build and run a program from scratch — establishing operating cadences, KPI frameworks, and prioritization processes where none previously existed.
- Scripting and automation proficiency in Bash and at least one additional language (Python strongly preferred); comfort integrating with RESTful APIs (MDM, Okta, Google Workspace, etc.).
- Strong cross-functional instincts — able to navigate competing priorities, build trust with partner teams, and communicate technical decisions clearly to non-technical stakeholders.
- A track record of shipping improvements reliably and iteratively, with attention to rollback safety, communication, and compliance documentation.
Nice to haves
- Familiarity with package and software distribution pipelines (AutoPkg, Munki, or equivalent).
- Prior experience in a fintech, high-growth, or regulated environment where security and compliance requirements are first-class concerns.
- Experience with infrastructure-as-code or configuration management tooling (Terraform, Ansible, or equivalent) in an IT or corporate engineering context.
- Jamf Pro experience at an enterprise level (Jamf 300 or equivalent depth preferred).
- Experience with Windows endpoint management (Intune, SCCM, or equivalent).
Details
- Health care coverage - Affirm covers all premiums for all levels of coverage for you and your dependents
- Flexible Spending Wallets - generous stipends for spending on Technology, Food, various Lifestyle needs, and family forming expenses
- Time off - competitive vacation and holiday schedules allowing you to take time off to rest and recharge
- ESPP - An employee stock purchase plan enabling you to buy shares of Affirm at a discount
Roles similares
Mantén una lista de respaldo.
Stack
Usa estas tags para comparar roles remotos similares.
Elegibilidad de ubicación
Candidatos deberían aplicar solo cuando el país del perfil aparece aquí.
Tu perfilPaís no definidoInicia sesión para comparar tu país con este rol.
Flujo de contratación
WithMira muestra el rol y luego envía candidatos a la aplicación de la empresa.
1Revisa fit del rol, stack y elegibilidad de ubicación en WithMira.
2Abre la página de aplicación de la empresa desde el link rastreado.
3Guarda el rol o suscríbete a oportunidades similares antes de salir.