Job Description:
We are seeking a skilled Sr. Endpoint Management Engineer to help design, implement, and maintain our global endpoint ecosystem. In this role, you will be responsible for the lifecycle management of our end-user devices (Windows, macOS, iOS, Android), ensuring a secure, compliant, and seamless user experience. You will move beyond simple troubleshooting to focus on automation, policy design, and Modern Management strategies.
Key Responsibilities:
- Device Lifecycle Management: Architect and manage the provisioning, configuration, and decommissioning of devices using Microsoft Intune and Autopilot.
- Application Deployment: Package, test, and deploy applications and updates across the enterprise. Manage the software center/company portal to ensure users have self-service access to approved tools.
- Patch Management & Security: Oversee deployment of OS patches, driver updates, and security configurations (BitLocker, Defender, Compliance Policies) to ensure zero-day readiness and fleet security.
- Automation & Scripting: Write and maintain advanced scripts (PowerShell, Bash, Python) to automate routine tasks, remediate vulnerabilities, and gather custom inventory data.
- Image Management: Transition from legacy Golden Images to modern provisioning standards (Autopilot / ABM).
- L3 Escalation Support: Serve as the final escalation point for the Service Desk regarding complex hardware, OS, and software capability issues.
- Infrastructure Maintenance: Maintain and upgrade management infrastructure (e.g., Cloud Gateway, Distribution Points if using SCCM/MECM alongside Intune).
Qualifications:
- Experience: 5+ years of experience in Desktop Engineering, Systems Administration, or Endpoint Management in an enterprise environment (500+ endpoints).
- MDM Mastery: Deep technical understanding of Microsoft Endpoint Manager (Intune), including Configuration Profiles, Compliance Policies, and Conditional Access.
- Scripting: Strong proficiency in PowerShell for Windows automation (API interactions are a plus).
- OS Knowledge: Expert-level knowledge of Windows 10/11 architecture (Registry, WMI, Event Logs) and familiarity with macOS/iOS management.
- Identity: Solid understanding of Azure AD (Entra ID), including Hybrid Joins, group management, and user principals.
- Legacy Knowledge: Experience with MECM (SCCM) Co-management environments.
- Security: Experience working with EDR tools (CrowdStrike, SentinelOne) and vulnerability management platforms (Tenable/Nessus).
Desired Soft Skills:
- Ability to translate technical constraints into plain English for stakeholders.
- A User Experience First mentality.
- Strong documentation habits for knowledge base articles and technical diagrams.