Service Desk Engineer (Remote)

A.C. Coy, DC
Remote

About The Position

This role focuses on the engineering and maintenance of standardized workstation images for both Windows and macOS, supporting various access methods including on-site, remote, and VDI. The engineer will be responsible for creating and maintaining endpoint baselines and technical controls to enhance security and reduce risks. A key aspect of the role involves owning the design and lifecycle management of imaging, patching, automation, validation, rollback, and release processes. The position requires maintaining OS and application patching, version control, and deployment workflows using enterprise tools. Additionally, the engineer will develop and maintain logging, telemetry, monitoring, and audit capabilities for endpoint activity and compliance. This includes performing validation testing after imaging or patching cycles, supporting change management processes, and creating comprehensive documentation for various teams. The role also involves supporting engineering escalations related to complex endpoint and device management incidents.

Requirements

  • Bachelor’s degree in IT, Cybersecurity, or related field preferred; equivalent experience acceptable
  • Must possess an active or interim Top Secret security clearance
  • 8+ years of experience in IT, Endpoint Engineering, or Cybersecurity
  • 6+ years of experience performing engineering functions in enterprise environments
  • Experience working under formal change control, audit, and security governance processes
  • Experience building and maintaining Windows and macOS workstation images
  • Experience with image automation, image validation, rollback, and version control
  • Experience integrating workstation images with VDI, EDR, authentication mechanisms, and logging agents
  • Experience maintaining imaging toolchains and automation scripts using Ivanti, KACE, JAMF, or equivalent
  • Experience with formal image-release processes including build, test, signoff, and release
  • Hands-on experience with Ivanti and/or KACE for OS and application patching
  • Experience managing configuration drift, remediation workflows, deployment failures, and rollback
  • Experience validating patches post-deployment and supporting rollback/recovery
  • Experience coordinating Intune/GPO-based patch orchestration for Windows endpoints
  • Experience configuring Windows Event Logs, macOS Unified Logs, application logs, and endpoint logging agents
  • Experience forwarding and validating logs to SIEM/EDR platforms such as Microsoft Sentinel or equivalent
  • Experience implementing monitoring for patch status, enrollment status, image deployment status, and compliance posture
  • Experience supporting forensic collection, artifact preservation, and audit readiness

Responsibilities

  • Design, build, maintain, and secure standardized workstation images for Windows and macOS supporting on-site, remote, and VDI access.
  • Engineer endpoint baselines and technical controls that reduce risk of unauthorized discovery, lateral movement, malicious credential use, persistence, and defense evasion.
  • Own engineering design and lifecycle maintenance for imaging, patching, automation, validation, rollback, and release management.
  • Maintain OS and application patching, version control, and deployment workflows using approved enterprise tools such as Ivanti, KACE, Intune, GPO, JAMF, or equivalent.
  • Engineer and maintain logging, telemetry, monitoring, and audit capabilities to track endpoint activity, enrollment, user authentication, network access, and compliance posture.
  • Develop and execute validation testing after imaging or major patch cycles to confirm endpoint functionality, security agent health, authentication, and VDI connectivity.
  • Support the assessment, recommendation, implementation, validation workflow by producing Findings Reports, Remediation Plans, Validation Reports, and change documentation.
  • Create and maintain runbooks, technical standards, deployment procedures, rollback procedures, and engineering documentation for Service Desk and IRM teams.
  • Support engineering escalations arising from complex Endpoint, image, patching, telemetry, and device-management incidents.
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service