System Administrator – Endpoint & Client Technologies

About The Position

Requirements

• 8+ years of experience in system administration, endpoint management, or desktop engineering.
• Demonstrated hands-on experience administering Microsoft Intune / Endpoint Manager in a production environment.
• Strong experience with Windows 10/11 client management, Windows Autopilot, and application packaging/deployment.
• Working knowledge of Microsoft Entra ID (Azure AD), Conditional Access, and Microsoft 365 administration.
• Solid foundation in infrastructure technologies: Active Directory, Group Policy, DNS/DHCP, Windows Server, and core networking concepts.
• Proficiency with PowerShell scripting for automation and reporting.
• Experience with endpoint security tooling (e.g., Microsoft Defender for Endpoint, BitLocker).
• Strong troubleshooting skills and the ability to work independently in a fast-paced environment.
• Familiarity with AI desktop clients — such as Claude (Cowork), ChatGPT Desktop, and Google Gemini — including enterprise-level configuration, deployment, and management of tools, plugins, skills, connectors, and projects/workspaces.
• Excellent communication skills and a service-oriented mindset.

Nice To Haves

• Relevant Microsoft certifications (e.g., MD-102 Endpoint Administrator, MS-102, AZ-104, or SC-300).
• Experience managing macOS and/or iOS devices through Intune.
• Familiarity with Azure infrastructure (virtual machines, networking, storage).
• Experience with the Microsoft Graph API and modern reporting/dashboarding.
• Exposure to enterprise real estate, property management, or corporate environments at scale.
• Bachelor’s degree in Information Technology, Computer Science, or a related field, or equivalent practical experience.

Responsibilities

• Microsoft Intune administration — manage device enrollment, configuration profiles, compliance policies, and Conditional Access integration across Windows, iOS, and macOS.
• Modern provisioning — build and maintain Windows Autopilot deployment, zero-touch provisioning, and standardized device baselines.
• Application packaging & delivery — package, deploy, and update applications via Intune (Win32, MSI, Microsoft Store), and manage app protection policies.
• Patch & update management — operate Windows Update for Business / Autopatch rings, monitor compliance, and remediate failures.
• Endpoint security posture — configure and maintain Microsoft Defender for Endpoint, BitLocker, attack-surface-reduction, and security baselines in partnership with the security team.
• Identity & access — administer Microsoft Entra ID (Azure AD) — users, groups, dynamic groups, device identity, and hybrid join; support SSO and MFA.
• Microsoft 365 — support and administer M365 services (Exchange Online, Teams, SharePoint/OneDrive) as they relate to the client experience.
• Infrastructure support — apply working knowledge of Active Directory, Group Policy, DNS/DHCP, Windows Server, networking fundamentals, and Azure to troubleshoot issues end to end.
• Automation — use PowerShell (and Graph API where applicable) to automate routine administration, reporting, and remediation.
• Enterprise AI client administration — deploy, configure, and manage AI desktop clients such as Claude (Cowork), ChatGPT Desktop, and Google Gemini at an enterprise level, including packaged deployment through Intune.
• Configuration & governance — configure enterprise tenant settings, authentication (SSO/SCIM), data controls, and admin policies to align with company security and AI governance standards.
• Extending the platforms — set up and support tools, plugins, skills, connectors/MCPs, and projects/workspaces that extend AI client capabilities for business teams.
• Enablement & support — act as a technical resource for safe, productive adoption of AI desktop tools, troubleshoot client issues, and document standard configurations and guardrails.
• Escalation support — act as Tier 2/3 escalation for endpoint and client technology issues from the service desk.
• Documentation & standards — maintain runbooks, configuration standards, and knowledge-base articles; contribute to a well-governed, standardized environment.
• Reliability & monitoring — monitor device health, compliance, and reporting; proactively identify and resolve recurring problems.
• Cross-team collaboration — partner with infrastructure, cybersecurity, and enterprise applications teams on projects and rollouts.

Benefits

• Multiple medical, dental, and vision plan options
• Employee Assistance Program
• Competitive salary and incentive packages
• Matching 401(k)
• FSAs and HSA
• Employer-paid life and AD&D insurance
• Paid leave & disability programs
• 19+ days of PTO
• Mental health counseling & resources
• Fertility, surrogacy, and adoption assistance
• Volunteer days and donation matching
• Learning & training programs
• Tuition & certification reimbursement
• Internal advancement opportunities