Endpoint Engineering Solutions Architect

KentroRemote,
Remote
Match Resume

About The Position

Kentro is seeking a seasoned Endpoint Engineering Solutions Architect (EESA) to support our government customer under the VA-ESOM (Endpoint Support and Operations Monitoring) contract and serve as a trusted advisor across the customer’s national endpoint ecosystem. In this role, you will translate emerging endpoint technologies into practical roadmaps, lead complex solution engagements, and provide expert guidance across all areas of endpoint engineering. This includes an Enterprise Printing initiative, device lifecycle strategy, UEM platforms, security standards, and cross‑platform architecture. The EESA serves as a strategic technical advisor responsible for aligning enterprise endpoint engineering initiatives with operational priorities, modernization objectives, and long-term architectural direction. This role bridges executive strategy and technical execution by guiding technical sequencing, dependency management, risk assessment, and enterprise decision-making across complex endpoint initiatives. The EESA also provides technical guidance on scripting, automation, and scalable configuration management for a growing and diverse device ecosystem. Working closely with government stakeholders, the EESA evaluates technical feasibility, shapes architectural direction, and ensures best‑practice execution across key workstreams, including PKI enablement, SNMPv3 implementation, queue standardization, and print server improvements. This role also contributes to defining ServiceNow items, maintaining CMDB accuracy, and ensuring integrations comply with enterprise ports, protocols, and security controls. Additionally, this position serves as the primary architectural lead for developing the agency’s baseline and future-state architecture for printing services such as printing transitions into the IT organization. The EESA ensures that printing services align with broader endpoint engineering, security, infrastructure, and operational governance strategies. Responsibilities include advising on secure print design, device hardening, configuration management, and service governance. The ideal candidate understands NIST and DISA STIG guidelines and has deep expertise in secure endpoint management (Windows, macOS, and mobile) and enterprise print technologies. They can translate complex security and infrastructure requirements into practical, scalable solutions that support a stable, long‑term service offering.

Requirements

  • Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, Engineering, or a related field.
  • 10 years of experience in endpoint engineering, including: Windows, macOS, and mobile endpoint ecosystems
  • Modern UEM platforms, such as Intune, JAMF, and other MDM/EMM tools
  • Federal security frameworks and compliance standards, including NIST 800-53, NIST 800-171, DISA STIGs, and enterprise system hardening requirements.
  • Strong architectural, analytical, and problem-solving capabilities with the ability to translate complex security and engineering requirements into practical, scalable, and actionable solutions
  • Proven ability to lead or support major migrations, baseline deployments, or service modernization initiatives.
  • 5+ years of experience in endpoint engineering, including: Experience designing or supporting secure printing environments leveraging PKI, SNMPv3, standardized queues, and cloud‑based printing architecture.
  • Advanced scripting and automation using PowerShell, Python, Bash, or equivalent to support scalable endpoint and printing management.
  • Working in large, complex enterprise environments with cross‑platform endpoint ecosystems and multiteam engineering dependencies.
  • Effective communicator capable of presenting technical concepts to both technical contributors and non‑technical or executive audiences.
  • Familiarity with ServiceNow CMDB structures, catalogs, workflows, and asset governance concepts.

Nice To Haves

  • Master’s degree preferred but not required.
  • Certifications in Microsoft 365, CompTIA, or vendor‑specific managed printing credentials (e.g., HP, Xerox, Lexmark).
  • Experience with Enterprise Printing or Managed Printing Services (MPS), including cost modeling, service design, and enterprise SLA frameworks.
  • Exposure to sustainability or carbon‑reporting considerations related to endpoint and printing‑fleet management.
  • Experience with “as‑a‑service” financial modeling (e.g., cost‑per‑page structures, OPEX/CAPEX models).
  • Background working within regulated industries such as the public sector, healthcare, or financial services.
  • Familiarity with ITIL concepts and service-delivery best practices.
  • CompTIA Security+ (federal baseline requirement).
  • ITIL Foundation (widely used in federal service management environments).
  • Microsoft certifications: MD‑102, MS‑102, or Intune/Endpoint Administrator (core to federal endpoint modernization).
  • CompTIA Network+ or Cloud+ (common supporting certifications for federal infrastructure roles).
  • GIAC, CISSP, or other advanced security certifications (valuable for NIST/STIG‑aligned work).
  • JAMF certifications for macOS engineering (important for agencies with growing macOS footprints).
  • Vendor‑specific managed printing certifications (e.g., HP, Xerox, Lexmark) for Enterprise Printing and MPS environments.

Responsibilities

  • Partner with the customer and engineering teams to evaluate technical sequencing, enterprise dependencies, operational impacts, and architectural risks associated with endpoint modernization initiatives, including large-scale SCCM to Intune co-management and migration efforts.
  • Serve as a strategic thought leader for endpoint engineering trends, covering configuration standards, security controls, ports and protocols, and cross‑platform engineering considerations.
  • Architect and lead enterprise printing initiatives by aligning printing services with broader endpoint engineering, security, networking, and infrastructure strategies, ensuring scalable integration, operational sustainability, compliance, and long-term architectural consistency across the environment.
  • Design and validate enterprise technical standards, including PKI integration, SNMPv3, secure queue architecture, device onboarding workflows, and modernized printing and endpoint baselines.
  • Ensure alignment with federal security frameworks such as NIST 800‑series guidelines, NIST 800‑53/171, DISA STIGs, and agency‑specific enterprise policies.
  • Architect scalable solutions across Windows, macOS, and mobile ecosystems, providing guidance on UEM platforms, cloud print infrastructure, and zero‑trust endpoint security models.
  • Lead strategic endpoint modernization initiatives focused on Zero Trust integration, Unified Endpoint Management (UEM) adoption, and automation-driven provisioning capabilities to reduce operational inefficiencies, minimize reactive engineering efforts, and support evolving enterprise modernization and federal security mandates.
  • Lead the development of enterprise solution blueprints, reference architectures, technical proposals, and implementation guidance supporting endpoint, printing, and managed service initiatives.
  • Develop, review, and optimize automation and scalability via scripting (PowerShell, Bash, Python, and MDM workflows) to support scalable management of endpoints and printing environments.
  • Assess technical feasibility for baseline workstreams, identify risks, dependencies, and required engineering decisions to support project execution.
  • Collaborate with ServiceNow teams to shape catalog items, workflows, CMDB relationships, asset governance, and request processes supporting endpoint and printing services.
  • Conduct in‑depth fleet capability assessments, identify compliance gaps or vulnerabilities, and define remediation or modernization strategies.
  • Develop thorough technical documentation, configuration guides, and engineering reference materials to promote consistency, repeatability, and audit readiness.
  • Support cutovers, escalations, and troubleshooting by offering real‑time technical expertise during deployment activities and configuration reviews.
  • Monitor emerging endpoint engineering trends, including AI‑driven device management, edge computing, sustainability, and cloud printing, and translate them into strategic recommendations and go‑to‑market insights.
  • Mentor engineering and account teams by sharing best practices, solution positioning guidance, and expertise that bridges technical and business perspectives.
  • Present technical and strategic concepts to audiences ranging from engineers to executive stakeholders, adapting communication for clarity and impact.

Benefits

  • paid time off
  • healthcare benefits
  • supplemental benefits
  • 401k including an employer match
  • discount perks
  • rewards
  • education reimbursement for certifications, degrees, or professional development

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume

What This Job Offers

Job Type

Full-time

Career Level

Senior

Job Search Resources

Similar Endpoint Engineering Solutions Architect job opportunities

Electrical Engineering Solutions Architect
Agilent Technologies
Agilent Technologies • Washington, DC10d • Remote
Systems Engineering Solutions Architect
Agilent Technologies
Agilent Technologies • Washington, DC10d • Remote
Endpoint Engineering Manager
CACI International
CACI International • Arlington, VA3d • Hybrid
Endpoint Engineering Manager
CACI
CACI • Arlington, VA1d • Remote
Endpoint Engineering Lead
McGraw Hill LLC.
McGraw Hill LLC. • UNAVAILABLE, UNAVAILABLE2d • Remote
Solutions Architect
Landis+Gyr
Landis+Gyr • Milton, GA9d • Onsite

Tools

Templates & Examples

Resources

Comparisons

Company

Over 4 Million Users
Free AI tools and resources to help you land your next job, faster
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service