Endpoint Engineer

About The Position

Requirements

• 3+ years of experience in endpoint engineering, systems administration, or a related IT operations role.
• Hands‑on experience with Microsoft Intune or comparable enterprise MDM platforms.
• Strong knowledge of Windows operating systems; Linux experience a plus.
• Proficiency in PowerShell scripting.
• Experience with Zero Touch Provisioning (Windows Autopilot and/or Apple Business Manager / DEP).
• Solid understanding of endpoint security concepts including encryption, EDR/antivirus, application control, and firewall policies.
• Experience supporting users in a professional services or enterprise environment with high availability expectations.

Nice To Haves

• Bachelor’s degree in Information Technology, Computer Science, or a related field is strongly preferred.
• Experience managing iOS, iPadOS, and Android devices at scale.
• Exposure to Microsoft Entra ID (Azure AD) and hybrid‑joined environments.
• Familiarity with endpoint security tools such as CrowdStrike Falcon or similar EDR/XDR platforms.
• Experience with Windows software packaging (Win32, MSIX) and deployment best practices.
• Prior experience supporting a law firm or regulated professional services enivronment.

Responsibilities

• Administer and maintain Microsoft Intune across Windows, iOS, iPadOS, and Android platforms in a multi‑office law firm environment.
• Manage device enrollment, configuration profiles, compliance policies, and application deployment across all managed endpoints.
• Support Zero Touch Provisioning workflows (Windows Autopilot) to streamline onboarding for attorneys and staff.
• Oversee OS upgrades and feature update rollouts while minimizing disruption to legal teams and time‑sensitive workflows.
• Monitor and verify patch deployment status across all platforms; troubleshoot failed installations and ensure timely remediation of critical vulnerabilities.
• Maintain automated patching workflows with manual oversight for high‑priority security fixes impacting firm risk posture.
• Perform daily review of endpoint dashboards and monitoring tools; investigate and remediate devices that are offline, non‑compliant, or degraded.
• Proactively identify performance, hardware, or security issues before they impact attorneys or client deliverables.
• Maintain accurate endpoint asset inventory across MDM platforms.
• Manage full device lifecycle—from procurement and provisioning through refresh, decommissioning, and secure disposal—aligned with firm policies.
• Enforce endpoint security configurations including disk encryption, firewall policies, application controls, and EDR/XDR tooling.
• Conduct daily review of security dashboards and alerts; respond to endpoint‑related security events.
• Ensure endpoints align with firm security baselines, client confidentiality obligations, and regulatory requirements common in legal environments.
• Manage software packaging, deployment, and updates for Windows using Intune and approved third-party tools.
• Develop and maintain automation using PowerShell (and shell scripting where applicable) for reporting, remediation, and configuration enforcement.
• Continuously refine automation to reduce manual effort and improve consistency across the firm.
• Act as a senior escalation point for endpoint‑related issues impacting attorneys and business professionals.
• Partner with the Help Desk, Security, and Infrastructure teams during incident response and major troubleshooting efforts.
• Maintain clear documentation for endpoint standards, procedures, and known issues.
• Provide operational, compliance, and risk‑focused reporting to IT leadership.