VP, Desktop Engineering Leader (L12)

About The Position

Requirements

• 10+ years in Desktop Engineering, Modern Endpoint Management, or OS Platform Engineering or 12+ years of experience in lieu of a degree.
• Deep expertise in Windows 10/11 engineering (imaging, driver management, BIOS/firmware, GPO/Intune policy design).
• Strong experience with Intune, Autopilot, compliance policies, conditional access, and Azure AD join models / co-management architecture.
• Proficiency in macOS engineering, including update governance, security controls, hardware baseline validation, and JAMF integration.
• Experience with ChromeOS management (automated enrollment, OU-based policy management, update governance).
• Familiarity with endpoint security tooling and controls (e.g., Defender, ASR, BitLocker).
• Knowledge of audit/control expectations as applied to endpoints (e.g., SOX, PCI, configuration compliance).
• Strong cross-functional collaboration (Operations, Security, Risk, Cloud, Network).
• Excellent documentation and communication skills; ability to lead RCA and corrective action programs.
• Broad hands-on/architectural experience across Windows, macOS, ChromeOS, SCCM, Intune, JAMF, Citrix/VDI.

Nice To Haves

• Experience leading Cloud PC / DaaS programs and VDI modernization/migration initiatives.
• Track record delivering large-scale endpoint lifecycle modernization (e.g., Autopilot adoption, OS lifecycle planning).
• Cloud identity and access experience (Azure AD, Conditional Access, integrations).
• Automation and scripting expertise (PowerShell, Python).

Responsibilities

• Lead engineering design, development, standardization, and lifecycle management for Windows, macOS, and ChromeOS endpoints.
• Engineer and maintain enterprise OS images (Windows/macOS) and govern ChromeOS management and update strategy.
• Define and maintain hardware standards, perform OEM model testing, and manage drivers/BIOS/firmware update processes.
• Develop and optimize configuration baselines, performance settings, and endpoint hardening standards across platforms.
• Design and manage Intune policies for configuration, application deployment, compliance, and security baselines.
• Lead Windows Autopilot workflows including device registration, profile assignment, join models (Hybrid/Azure AD), validation, and reset/reprovisioning processes.
• Support SCCM infrastructure for co-management scenarios, packaging, patching, and deployment pipelines.
• Drive strategy/roadmap across endpoint tooling including Intune, SCCM, Ivanti, Tanium, JAMF, and Google Admin Console.
• Optimize performance, patching, and application compatibility for VDI/DaaS platforms (e.g., Citrix Cloud, AWS WorkSpaces, AppStream, Cloud PC).
• Support specialized VDI requirements (M365 Products & Services on Citrix).
• Act as the Desktop Engineering POC for audit readiness, evidence collection, technical controls validation, and remediation tracking.
• Implement and maintain endpoint security controls (e.g., Defender, ASR rules, BitLocker), and align configurations with relevant regulatory expectations (e.g., SOX/PCI).
• Manage macOS EFI/firmware/device password standards and coordinate JAMF integrations where required.
• Improve endpoint performance and user experience through Nexthink/telemetry insights and targeted remediation.
• Partner with Desktop Operations/ECC teams to transition engineered solutions into scalable production deployment and support.
• Lead root cause analysis for systemic endpoint issues and drive durable corrective actions.
• Evaluate new tools and modernization opportunities (e.g., Autopilot/Intune enhancements, Nexthink, Tanium, updated security baselines).

Benefits

• best-in-class employee benefits and programs that cater to work-life integration and overall well-being
• career advancement and upskilling opportunities
• Enhanced Flexibility