Endpoint Engineer

About The Position

Requirements

• 3–5 years of experience in endpoint management and support.
• Strong hands-on experience with Microsoft SCCM/MECM and Microsoft Intune (preferred) for Windows endpoint management.
• Experience with Tanium and JAMF for endpoint administration.
• Proven ability to support Windows devices, Chromebooks, and Apple devices.
• Strong knowledge of Windows OS, macOS/iOS, and Chrome OS.
• In-depth experience with patch management processes, particularly using SCCM and Intune.
• Proficiency in PowerShell (preferred), Python, or Bash for automation.
• Familiarity with Active Directory, Group Policy, Azure AD, and device enrollment programs.
• Strong analytical and troubleshooting skills.
• Excellent written and verbal communication skills.
• Ability to work independently and collaboratively in a fast-paced environment.

Nice To Haves

• Microsoft certifications (e.g., Modern Desktop Administrator Associate, Endpoint Administrator).
• Tanium Certified Operator and/or JAMF Certified Technician.

Responsibilities

• Manage and support endpoint devices, with a primary emphasis on Windows endpoints via SCCM and Microsoft Intune, as well as Chromebooks and Apple devices (via JAMF).
• Troubleshoot and resolve endpoint-related issues to ensure optimal performance and minimal downtime.
• Provide Tier 3 support for endpoint-related incidents and service requests.
• Administer and optimize Microsoft SCCM/MECM and Microsoft Intune and/or Tanium for device provisioning, configuration management, software deployment, and compliance enforcement.
• Administer JAMF to support Apple device management, including policy enforcement, updates, and application deployments.
• Manage Windows endpoint configurations using Group Policy, SCCM, Intune, and related endpoint management tools.
• Develop and execute patching strategies for all endpoint devices, with a strong focus on Windows patching through SCCM/MECM and Intune.
• Coordinate patch testing, deployment, and validation to ensure security compliance while minimizing user impact.
• Monitor patch compliance and remediation status, addressing failures or discrepancies promptly.
• Manage and support Chromebooks, including policy enforcement, system updates, and troubleshooting.
• Collaborate with vendors and internal teams to resolve hardware or software issues.
• Ensure endpoint devices comply with organizational security policies and standards.
• Support vulnerability assessment and remediation activities, particularly for Windows endpoints managed via SCCM/MECM and Intune.
• Partner with cybersecurity teams to address endpoint-related risks and improve overall security posture.
• Identify opportunities to automate and optimize endpoint management processes, especially within SCCM/MECM and Intune workflows.
• Develop scripts and automation using PowerShell, Python, or Bash to streamline deployments, patching, and configuration management.
• Maintain detailed documentation of endpoint configurations, processes, and troubleshooting procedures.
• Generate and deliver reports on endpoint health, patch compliance, and performance metrics, particularly for SCCM and Intune-managed devices.
• Work closely with IT support, cybersecurity, and infrastructure teams to align endpoint strategies with organizational goals.
• Communicate effectively with stakeholders and end users, providing technical guidance and support as needed.

Benefits

• Medical, Dental, and Vision Insurance
• 401(k)
• Paid company holidays
• Paid time off
• Paid parental and caregiver leave