ST
On the move

/ work

Senior Systems Admin.
Mac & iOS, MDM, AI infrastructure.

Apple-side endpoint engineering at a quantitative hedge fund. Jamf Pro Cloud, Intune, Entra ID, Conditional Access, Defender, Purview DLP. Now also part of the firm's AI Team, deploying MCP servers and structuring the broader AI infrastructure landscape across the org. Before this role, Lead Mac Engineer at Chobani, where I built the Jamf framework enterprise-wide. Independent IT consulting since 2010.

01 · selected work

The projects that mattered.

Migrations, deployments, the buildouts. The ones with real scope and real stakes.

7 projects · 2017 → present

  • AI Infrastructure · MCP Deployments

    The Voleon Group · 2024 → present

    Part of the firm's AI Team at a quantitative hedge fund. Deploying Model Context Protocol (MCP) servers and structuring the broader AI infrastructure landscape. Agent integrations, internal tooling, and the IT controls AI needs to live safely inside a regulated org.

    • MCP
    • AI Infrastructure
    • Agent Integrations
    • AI Governance
    • Quant Hedge Fund

  • Jamf Cloud Migration · 500+ Macs

    The Voleon Group · 2024

    Migrated 500+ Macs from on-prem Jamf Pro to Jamf Cloud with Entra ID + Conditional Access fully wired in. SEC/FINRA-regulated; zero downtime through cutover. Sole owner end-to-end.

    • Jamf Pro Cloud
    • Entra ID
    • Conditional Access
    • SEC/FINRA
    • Zero Downtime

  • Intune MDM/MAM · 450+ Users

    The Voleon Group · 2023

    Sole architect of a three-phase Microsoft Intune rollout covering MDM and MAM across iOS and Android. Hit SEC/FINRA mobile compliance without breaking user workflows. Defender for Endpoint and Conditional Access integrated.

    • Intune MDM/MAM
    • Conditional Access
    • Defender for Endpoint
    • SEC/FINRA

  • Endpoint Stack from Zero · Rational Dynamics AI

    Affiliated entity · 2024

    Built the entire endpoint environment from scratch for the affiliated AI fund. GCP Workforce Identity Federation for SSO, Apple Business Manager + ADE for Zero-Touch Macs, Jamf Pro + Intune for management, Defender for Endpoint + Microsoft Purview for DLP. Day-one ready.

    • GCP Workforce ID
    • ABM / ADE
    • Jamf Pro
    • Intune
    • Defender
    • Purview DLP

  • Mac Fleet Operations

    The Voleon Group · 2020 → present

    Cut Mac provisioning from hours to under 20 minutes with automated Self Service workflows. Annual zero-day macOS upgrades (Monterey through Sequoia), FileVault enforcement, and compliance audits across the fleet. Bash, Python, and Jamf Extension Attributes do most of the heavy lifting.

    • Self Service
    • Zero-Day Upgrades
    • FileVault
    • Compliance
    • Bash / Python

  • Jamf Pro Enterprise Rollout

    Chobani · 2018–2020

    Architected Jamf Pro across the enterprise. Retired legacy Munki, stood up Zero-Touch via ABM/DEP, wrote the runbooks, ran the team training. The framework is still in production.

    • Jamf Pro
    • ABM / DEP
    • Zero Touch
    • Runbooks
    • Training

  • Photography · @ShaqShots

    Independent · ongoing

    Corporate and editorial. The same eye for detail that catches a missed compliance flag catches the missed light.

    • Corporate
    • Editorial
    • Travel

02 · the runbook tool

Ticket in.
Runbook out.

Paste a real ticket, get a runbook in my voice. Built to show the macadmin process, not just the result.

Live · macadmin tool

Ticket → runbook

Paste a messy ticket. Get a clean runbook.

For macadmins. Paste a ticket from Slack, Jira, or wherever — output is a Confluence-style runbook in my house style.

0/2000

03 · the long version

It's all on the resume.

Certifications, stack, every role since 2010. PDF if you want to take it with you.

Updated 2026

View resume → Get in touch