M1 Mac (in DEP) first created user has no Secure Token

I have an M1 Mac that is in DEP (using Jamf). If I wipe the machine (from within Recovery Mode) and reinstall Big Sur 11.1, the first created user does not have a Secure Token, and so I can not enable FileVault. Looking on the web I have found people who had similar issues, but the general solution seems to be "wipe the machine and reinstall macOS, and you're all good", which is exactly what I am doing. See this one as an example: https://discussions.apple.com/thread/8487253 The best description of Secure Tokens (I am including the link because otherwise everyone else will point me there) is here: https://derflounder.wordpress.com/2018/01/20/secure-token-and-filevault-on-apple-file-system/ It looks like a bug in the OS - the initial created user has no Secure Token, and so I can not give any other users a Secure Token. Therefore I guess I am not allowed to use FileVault?