Senior Endpoint Engineer

About The Position

Requirements

• 8+ years of experience in endpoint engineering or systems engineering roles
• Strong hands-on expertise with Microsoft Intune, Windows Autopilot, and MECM
• Experience supporting large-scale Windows 10/11 enterprise environments
• Background in modern endpoint deployment models, zero-touch provisioning, and lifecycle management
• Solid experience with application packaging and automation , including MSIX, WinGet, App-V, PSAppDeployToolkit, and Intune Win32 packaging
• Advanced PowerShell scripting and automation experience; Azure DevOps exposure preferred
• Strong understanding of Microsoft Entra ID , conditional access, zero-trust security models, and Group Policy
• Experience supporting endpoint security tools such as Defender for Endpoint, BitLocker, and EDR platforms
• Proven ability to operate in regulated or professional services environments (legal industry experience a plus)
• Relevant Microsoft certifications (Endpoint Administrator, Azure, Identity & Access, Enterprise Administrator) preferred
• This role requires authorization to work in the U.S. without current or future visa sponsorship.
• All offers are contingent upon the completion of a background check, which may include but is not limited to reference checks, education verification, employment verification, drug testing, criminal records checks, and any required certifications or compliance requirements based on the end client's background check policies and applicable laws.

Responsibilities

• Design, engineer, and support endpoint solutions across Windows, iOS, Android, and VDI platforms
• Create, test, and maintain application packages for deployment via Intune, MECM, and VDI environments
• Develop and maintain standardized endpoint images using Windows Autopilot, Intune, and MDT
• Automate software deployments, patching, and updates using PowerShell, Intune, and Windows Update for Business
• Patch desktops, laptops, and virtual desktops in alignment with security baselines and compliance requirements
• Maintain a centralized application packaging and software library with documentation and version control
• Monitor and report on endpoint health, performance, and compliance using Microsoft Endpoint Analytics and telemetry tools such as ControlUp or Nexthink
• Manage endpoint security configurations, enrollment, and compliance policies
• Support hybrid and remote work environments using conditional access and zero-trust principles
• Serve as a Tier 3 escalation point , performing root cause analysis and driving long-term remediation
• Lead endpoint modernization initiatives, refresh programs, and platform upgrades
• Act as a technical lead on endpoint-related projects, providing engineering guidance
• Interface with vendors and internal IT teams to resolve complex technical issues
• Participate in on-call rotation and support approved maintenance windows; limited after-hours work may be required

Benefits

• health insurance
• 401(k)
• paid time off