I run the infrastructure that keeps 2,000+ Patagonia employees working — from zero-touch deployments to broadcast-grade live production.
Detailed breakdowns of the problems I've solved, the architecture decisions I've made, and the measurable impact delivered.
Designed a fully automated macOS deployment workflow that eliminated manual imaging and reduced provisioning from hours to under 20 minutes across 2,000+ endpoints.
Implemented macOS Platform SSO with Secure Enclave-backed authentication and Jamf Connect for least-privilege admin access, eliminating legacy password-based auth enterprise-wide.
Architected broadcast-grade live streaming for company-wide town halls, integrating OBS, ProPresenter, and Microsoft Teams for hybrid events reaching thousands of employees.
Built macOS and iOS patch management strategy using Jamf Pro, automating compliance reporting and remediation workflows to maintain security posture across the fleet.
Deployed Apple Content Caching servers across key network segments, dramatically reducing WAN bandwidth consumption and accelerating software delivery company-wide.
Architecture Decision Records — the reasoning behind key infrastructure choices. A window into how I think about trade-offs at enterprise scale.
When Microsoft began expanding Intune's macOS capabilities, we faced a decision: consolidate all endpoint management under Intune (reducing vendor count) or maintain a best-of-breed hybrid with Jamf Pro for macOS and Intune for Windows. The fleet included 1,500+ Macs and 500+ Windows devices, with deep investment in Jamf Pro automation and zero-touch workflows.
Maintained Jamf Pro as the primary macOS MDM with Intune for Windows, integrated through Entra ID for unified identity. Kept platform-specific tooling where it provided measurable advantage rather than forcing consolidation at the expense of capability.
Mac management remains best-in-class with Jamf Pro's Apple-specific feature set (Setup Manager, Patch Management, Platform SSO integration). Windows devices managed through Intune with co-management where needed. Entra ID provides unified identity across both platforms. Ongoing cost of two MDM platforms is offset by reduced IT labor and faster incident resolution on macOS — our primary platform.
Patagonia's macOS fleet relied on traditional password-based authentication synced through Jamf Connect. Password resets were a top IT ticket driver, and shared credentials created security risks. When Apple introduced Platform SSO with Secure Enclave support in macOS Ventura, we saw an opportunity to eliminate passwords entirely for device login.
Adopted Platform SSO with Secure Enclave-backed authentication via Jamf Connect + Entra ID, phased across the fleet. Users authenticate once with biometrics (Touch ID) or a local account, and the Secure Enclave handles token exchange with Entra ID — no passwords stored or transmitted.
Password reset tickets dropped significantly. Zero credentials stored on-device outside the Secure Enclave. Users authenticate with Touch ID — faster and more secure. However, the initial rollout required careful change management; users accustomed to password login needed training on the new biometric flow. Platform SSO adoption also required macOS Ventura at minimum, creating a short-term OS upgrade push.
Own enterprise endpoint strategy and live production infrastructure supporting a global hybrid workforce. Lead MDM architecture across Jamf Pro and Intune for 2,000+ endpoints. Engineer zero-touch deployment workflows reducing provisioning from hours to under 20 minutes.
Managed hybrid Windows and macOS environment spanning 2,000+ endpoints. Developed automated deployment scripts, configuration profiles, and patch workflows.
Provided end-user support for headquarters and remote employees across North America. Supported rapid pandemic-driven expansion of the hybrid work model.
Delivered technical support for corporate headquarters and 280+ retail locations nationwide. Managed Mac fleet using Jamf Pro.
Tools and platforms I work with daily across endpoint management, identity, automation, and production infrastructure.
Most platform managers come from software engineering. My path runs through the trenches — and that's the advantage.
I started in IT at Guitar Center, managing the Mac fleet across 280+ retail locations. It was pure operations — hands-on support, hardware repair, Jamf Pro administration. I learned that infrastructure isn't abstract: it's the thing that lets a store manager open in the morning.
At Patagonia, I grew from Systems Analyst (end-user support during pandemic-scale hybrid expansion) to System Administrator II (automated deployment scripts, patch workflows, cross-platform management) to Platform Manager — where I now own enterprise endpoint strategy and live production infrastructure.
The through-line is progressive ownership: each role expanded the surface area I was responsible for. Helpdesk taught me empathy for the end user. Systems administration taught me automation as leverage. Platform management taught me architecture as strategy. I approach infrastructure decisions with the perspective of someone who has done every job in the chain — from imaging a single Mac to architecting zero-touch for 2,000+.
I believe in contributing back to the community that shaped my career. Here are some of the ways I share knowledge.
Led internal training sessions for IT staff on the zero-touch deployment workflow, covering Jamf Setup Manager, ABM integration, and troubleshooting common provisioning scenarios.
Mentor early-career IT professionals within Patagonia, helping them navigate the transition from helpdesk to systems administration and beyond.
Active participant in the Jamf Nation community, sharing deployment patterns and troubleshooting insights with fellow Mac administrators.
I'm always open to connecting with fellow infrastructure professionals, recruiters, and anyone interested in enterprise endpoint strategy.