Enterprise Endpoint Architect

About The Position

Requirements

• 10+ years in Endpoint / EUC / Desktop / Mobility / VDI engineering
• 5+ years in architecture or senior engineering role
• Expert knowledge of Intune / MECM / Autopilot
• Expert knowledge of Windows Enterprise
• Expert knowledge of Entra ID / Active Directory
• Expert knowledge of Endpoint security & compliance
• Expert knowledge of VDI / DaaS
• Expert knowledge of Azure / Microsoft 365
• Expert knowledge of Conditional Access / Zero Trust
• Strong automation / scripting experience
• Experience designing enterprise-scale solutions
• Bachelor's or 4 years of work experience above the minimum qualification
• 5 Years of Experience

Nice To Haves

• Healthcare / Fortune-500 / regulated industry experience
• Experience with Citrix
• Experience with VMware Horizon
• Experience with Azure Virtual Desktop
• Experience with Nexthink / ControlUp
• Experience with JAMF / Apple management
• Experience with Mobile device management
• Enterprise Architecture experience
• Experience leading large transformations

Responsibilities

• Define enterprise endpoint architecture across all business units
• Develop multi-year roadmap for digital workplace platforms
• Establish standards for device management, configuration, and security
• Align endpoint strategy with enterprise cloud, identity, and security architecture
• Participate in Enterprise Architecture Review Board (ARB)
• Design and govern architecture for Microsoft Intune / Endpoint Manager, MECM / SCCM (if hybrid), Entra ID / Active Directory, Windows / macOS / iOS / Android, Autopilot / Zero-Touch provisioning, Device compliance / conditional access, Patch & lifecycle management, Endpoint encryption & security baselines
• Architect enterprise VDI / DaaS platforms
• Design Citrix / VMware / Azure Virtual Desktop solutions
• Define remote access architecture
• Support hybrid and cloud workspace models
• Ensure scalability, performance, and resiliency
• Design endpoint integration with Microsoft 365 / Azure
• Define cloud-first endpoint management strategy
• Support modern authentication & Zero Trust
• Enable device-based access controls
• Support SaaS / web-first workspace models
• Define endpoint security architecture
• Align with Cybersecurity & Risk teams
• Support Zero Trust initiatives
• Define hardening baselines
• Support vulnerability management strategy
• Ensure compliance with regulatory standards (HIPAA, PCI, SOX, NIST, CIS benchmarks)
• Align endpoint architecture with identity strategy
• Integrate with Entra ID / AD / MFA / Conditional Access
• Support device trust models
• Support SSO and modern auth
• Define automation strategy for endpoint management
• Promote PowerShell / Graph / API / IaC frameworks
• Enable self-service / zero-touch deployments
• Support AI-driven endpoint analytics
• Define endpoint monitoring architecture
• Support tools such as Nexthink, ControlUp, Endpoint Analytics, Intune reporting
• Improve user experience metrics
• Lead technology selection for endpoint platforms
• Conduct architecture reviews & POCs
• Define technical requirements for RFPs
• Partner with vendors and integrators
• Define endpoint engineering standards
• Approve technical designs
• Enforce architecture compliance
• Provide technical oversight for major projects
• Partner with Enterprise Architecture, Cybersecurity, Cloud Engineering, Identity & Access Management, Network Engineering, Telecom / Collaboration, Desktop Engineering, Mobility Engineering, Field Services, Service Desk
• Achieve success metrics including Endpoint platform stability, Security compliance score, Patch & vulnerability compliance, Device deployment success rate, User experience metrics, Incident reduction, Modernization progress, Cost optimization, Architecture adoption across teams