Endpoint Security Engineer

Summary

The Endpoint Security Engineer holds a vital position within the IT security and operations team, tasked with the implementation, administration, and enhancement of endpoint security solutions, primarily leveraging Microsoft Intune. This role demands advanced technical proficiency in Microsoft Intune for Mobile Device Management (MDM) and Mobile Application Management (MAM), with experience in Jamf for Apple environments considered advantageous and must be prepared to respond to security incidents outside of regular business hours.

The incumbent is instrumental in ensuring robust protection, regulatory compliance, and efficient user experience across a wide array of device platforms.

• Endpoint Security Architecture & Strategy
  • Design, deploy, and manage Microsoft Intune environment to support both corporate-owned and BYOD scenarios.
  • Develop solutions for device enrollment, authentication, and lifecycle management, leveraging Intune and, where applicable, Jamf for Apple devices.
• Administration and Operations – Mobile Device & Application Management (Intune Focus)
  • Configure and optimize Microsoft Intune settings for MDM and MAM across Windows, Android, and iOS devices.
  • Establish policies for device compliance, security baselines, encryption, and remote wipe capabilities.
  • Manage application deployment, app protection policies, and conditional access requirements.
  • Monitor and analyze Intune performance, logs, and user feedback to ensure optimal functionality and user experience.
  • Manage device inventory, patch management, and security controls for macOS/iOS endpoints.
  • Lead and support large‑scale device migrations, OS upgrades, and enterprise mobility transformation projects while ensuring minimal disruption and continuity of services.
• Monitor, Incident Response & Threat Mitigation
  • Monitor endpoint threats, vulnerabilities, and anomalies using security analytics and reporting tools.
  • Investigate and remediate security incidents related to endpoints.
  • Collaborate with the SOC and IT support teams for escalation and rapid response.
• Compliance, Governance & Reporting
  • Ensure endpoint security solutions meet regulatory standards and internal governance policies.
  • Generate regular reports on device compliance, application usage, and security events.
  • Produce and maintain comprehensive documentation for security audits, configurations, procedures, and standards, and audit device compliance for stakeholders and regulatory bodies.
• User Training & Support
  • Develop training materials and conduct workshops for end‑users and helpdesk staff regarding device enrollment and security practices.
  • Provide Tier 2/3 support for endpoint‑related issues.
  • Collaborate with cross‑functional IT teams to implement robust endpoint security measures, including conditional access, device compliance, and threat detection.
• Continuous Improvement & Research
  • Stay updated on the latest security trends, technologies, and best practices in endpoint management.
  • Recommend and implement improvements to existing security processes and tools.

3–5 years of experience in Microsoft Intune and Office 365.

• Bachelor’s degree in Computer Science, Information Security, or related field; advanced degrees or relevant certifications are a plus.
• Strong proficiency in Microsoft Intune, Microsoft Endpoint Manager, and Azure Active Directory.
• Proven experience in designing, implementing, and supporting Intune MDM/MAM solutions for enterprise environments.
• Strong understanding of endpoint security concepts, including antivirus, EDR, device encryption, and secure access controls.
• Experience with compliance frameworks (e.g., HIPAA, GDPR, SOC 2) and associated audit processes.
• Familiarity with automation tools (Power Shell, Bash), group policy management, and mobile application deployment.
• Excellent analytical, organizational, and problem‑solving skills; ability to manage multiple projects simultaneously.
• Knowledge of Group Policy Objects (GPO), Active Directory, and remote support tools.
• Strong interpersonal skills and ability to work collaboratively in a team environment or independently with minimal supervision.
• Preferred hands‑on expertise in Jamf administration for macOS and iOS device management, including policy configuration.

• Required:
  
  Microsoft Certifications, Jamf Certificate.
• Helpful: CISSP (Certified Information Systems Security Professional).
• Preferred: —

• Required:
  
  Bachelor’s – Computer Science or related field.

• Seniority Level: Mid‑Senior level
• Employment Type:
  
  Full‑time
• Job Function:
  Information Technology
• Industry: Hospitals and Health Care
• Location:
  
  Lenexa, KS

Referrals increase your chances of interviewing at NKC Health by 2x.