Endpoint Engineering Architect

** Job Description**:
* Architect, deploy, and support endpoint solutions across Windows, Linux, macOS, Thin Clients, and Mobile Devices.
* Design, maintain, and optimize standardized OS images for multiple device types and deployment scenarios.
* Engineer and maintain automated installation workflows including or equivalent to Autopilot, Tanium Provisioning, XAVD provisioning via W365, AVD provisioning, PXE-based imaging, and other automated onboarding methods.
* Maintain and enhance patch management strategies (OS and application level) across platforms ensuring compliance, stability, and security.
* Manage endpoint configurations, policies, and compliance baselines across solutions such as or equivalent to Microsoft Intune, Workspace ONE / Air Watch, SOTI,
* or similar
* MDM/UEM platforms.
* Administer virtual desktop infrastructures, particularly Azure Virtual Desktop (AVD), ensuring performance, scale, security, and user experience meet business needs.
* Experience in developing automation scripts and workflows using methods such as Power Shell, Bash, or JSON/REST APIs, or similar tools to streamline endpoint management processes.
* Integrate endpoint management platforms with cloud services, Azure Storage, Active Directory / Azure AD, certificate services, and identity/security tooling.
* Partner with security teams to implement standards for device compliance, identity, secure configurations, and hardening baselines.
* Engage in continuous improvement of device provisioning, self-healing capabilities, app delivery, and user experience.
* Serve as subject matter expert (SME) for major endpoint technologies, providing guidance to operations, service desk, and cross-functional teams.
* Participate in roadmap planning for endpoint modernization, including cloud-based provisioning, hybrid AD → Azure AD Join transitions, and modernization of group policy landscapes.
* Contribute to vendor evaluations, hardware standards, and lifecycle planning (device recycling, employee buyback programs, etc.).
* Document engineering standards, technical designs, change control procedures, and knowledge-base content.
* Occasional site visits to view and evaluate technology usage on site maybe be requested for new technology/customers.
* ** E
* * ndpoint management, engineering, systems administration,
* or equivalent
* technical role.
* Deep expertise in Windows OS engineering, including imaging, MDM provisioning, GPO/Intune configuration, patching, and troubleshooting.
* Strong experience with Linux endpoint management (Ubuntu, RHEL, or other enterprise distros).
* Hands‑on experience with mobile device management (MDM/UEM) using tools
* or equivalents
* to Workspace ONE / Air Watch, Intune, or SOTI.
* Strong proficiency in automation (Power Shell, etc.) and modern deployment technologies.
* Experience with Azure Virtual Desktop (AVD) engineering, scaling, performance optimization, and image management.
* Strong understanding of endpoint security concepts: compliance baselines, conditional access, identity management, certificate-based authentication, and vulnerability management.
* Solid knowledge of networking, DNS, DHCP, VPN clients, and cloud identity (Azure AD / Entra ).
* Experience in hybrid AD → Azure AD migration models and policy modernizations.
* Experience integrating automation platforms with repositories such as Azure Storage or package management ecosystems (Win Get, or similar tools).
* Understanding of frontline-focused hardware (thin clients, low resource devices).
* Familiarity with large‑scale enterprise hardware lifecycle processes (procurement → deployment → recycling).
* Azure certifications: AZ‑104, AZ‑305, or specialty certifications in virtual desktop or endpoint management
* are a plus.
** Experience with DEX / enterprise monitoring and self-healing tooling (e.g., Tanium, NEXthink, etc.)
- * preferred*.
* Strong analytical, troubleshooting, and problem-solving abilities.
* Excellent communication with both technical and non‑technical stakeholders.
* Ability to work independently, manage multiple priorities, and influence engineering decisions.
* Provide technical leadership and assist fellow engineers on the…