MDM and Endpoint Management Analyst

ICCU•Chubbuck, ID

11d

About The Position

Secure and drive user experience for both mobile device and endpoint management. Duties and Responsibilities: Own and administer ICCU’s enterprise Mobile Device Management (MDM) platform and assist with Endpoint management. Administer and support endpoint and mobile device management across Windows, macOS, iOS/iPadOS, Android, and (as applicable) Linux using Intune, Jamf Pro, and/or Altiris (or equivalent UEM tools). Manage device enrollment and provisioning workflows, including Windows Autopilot, Apple Automated Device Enrollment (ADE), and Android Enterprise; troubleshoot enrollment failures and improve reliability. Configure and maintain device configuration profiles, security settings, restrictions, and standard build configurations to ensure consistent user experience and policy compliance. Deploy and support applications to endpoints and mobile devices (required apps, optional/self-service catalogs), including packaging, assignment, deployment rings, and rollback procedures. Execute patch and update management for operating systems and key third-party applications; monitor update compliance, remediate failures, and coordinate change windows. Support endpoint/mobile security capabilities such as encryption (BitLocker/FileVault), device posture/compliance checks, and conditional access integrations with identity platforms. Implement and maintain device compliance policies and security baselines (including CIS-aligned settings where applicable), and support reporting for audit or internal security reviews. Troubleshoot and resolve endpoint and mobile issues including policy conflicts, configuration drift, application install failures, VPN/Wi-Fi/certificate issues, and performance problems; escalate to vendors or higher-tier engineering when needed. Monitor the health of endpoint/MDM services and key workflows; use dashboards/logs to identify trends and proactively address recurring issues. Create and maintain documentation and runbooks for standard processes (enrollment, app deployment, remediation steps, device break/fix, replacement workflows). Partner with Service Desk, Security, and Infrastructure teams to coordinate deployments, support incident response activities, and reduce repeat tickets through automation and standardization. Participate in on-call or after-hours maintenance as required and help ensure SLAs are met through timely troubleshooting, clear communication, and structured handoffs. Contribute to continuous improvement by suggesting enhancements to policies, packaging standards, deployment rings, and automation scripts Work with asset management to help manage inventory and EOL of mobile devices.

Requirements

Bachelor’s degree in Computer Science, Information Systems, Cybersecurity, or equivalent experience.
5+ years of experience in enterprise endpoint and mobile device management, endpoint security, or systems engineering.
Extensive hands-on experience with MDM/UEM platforms such as Microsoft Intune, JAMF Pro, or Altiris for managing multiple device platforms (Windows, macOS, iOS, Android, Linux).
Proven ability to design, deploy, and support MDM solutions, including device enrollment, configuration, compliance, application management, and device lifecycle.
Strong background in implementing and maintaining endpoint/mobile security controls, security baselines, CIS benchmarks, and policy enforcement.
Experience managing OS and third-party software updates, patching, and remediation for desktops, laptops, and mobile devices.
Expertise in scalable, automated device deployment and zero-touch provisioning methods.
Solid understanding of mobile platform security models, OS limitations, and MDM APIs for iOS and Android.
Must demonstrate an ability to figure out complex problems.
Ability to research, analyze, understand and report on high level system issues.
Attention to detail on many concurrent projects and initiatives.
A demonstrated cooperative and positive attitude toward members and other Credit Union staff.
Ability to work without supervision.
Must be willing to comply with the Bank Secrecy Act and USA Patriot Act as implemented by ICCU.

Responsibilities

Own and administer ICCU’s enterprise Mobile Device Management (MDM) platform and assist with Endpoint management.
Administer and support endpoint and mobile device management across Windows, macOS, iOS/iPadOS, Android, and (as applicable) Linux using Intune, Jamf Pro, and/or Altiris (or equivalent UEM tools).
Manage device enrollment and provisioning workflows, including Windows Autopilot, Apple Automated Device Enrollment (ADE), and Android Enterprise; troubleshoot enrollment failures and improve reliability.
Configure and maintain device configuration profiles, security settings, restrictions, and standard build configurations to ensure consistent user experience and policy compliance.
Deploy and support applications to endpoints and mobile devices (required apps, optional/self-service catalogs), including packaging, assignment, deployment rings, and rollback procedures.
Execute patch and update management for operating systems and key third-party applications; monitor update compliance, remediate failures, and coordinate change windows.
Support endpoint/mobile security capabilities such as encryption (BitLocker/FileVault), device posture/compliance checks, and conditional access integrations with identity platforms.
Implement and maintain device compliance policies and security baselines (including CIS-aligned settings where applicable), and support reporting for audit or internal security reviews.
Troubleshoot and resolve endpoint and mobile issues including policy conflicts, configuration drift, application install failures, VPN/Wi-Fi/certificate issues, and performance problems; escalate to vendors or higher-tier engineering when needed.
Monitor the health of endpoint/MDM services and key workflows; use dashboards/logs to identify trends and proactively address recurring issues.
Create and maintain documentation and runbooks for standard processes (enrollment, app deployment, remediation steps, device break/fix, replacement workflows).
Partner with Service Desk, Security, and Infrastructure teams to coordinate deployments, support incident response activities, and reduce repeat tickets through automation and standardization.
Participate in on-call or after-hours maintenance as required and help ensure SLAs are met through timely troubleshooting, clear communication, and structured handoffs.
Contribute to continuous improvement by suggesting enhancements to policies, packaging standards, deployment rings, and automation scripts Work with asset management to help manage inventory and EOL of mobile devices.