The Endpoint Engineering Lead provides senior technical leadership for the design, deployment, and lifecycle management of enterprise endpoints, with a primary focus on reducing laptop rollout issues, improving deployment predictability, and strengthening endpoint stability. This is a hybrid position requiring on-site presence at least twice a week. The role leads engineering across Intune, SCCM/MECM, Autopilot, Dell hardware platforms, and MDM/MAM technologies, ensuring secure, compliant, and reliable operations in a Federal environment. This position requires advanced troubleshooting expertise, strong project leadership, and the ability to coordinate complex, multi-layer releases.

• Lead engineering, architecture, and optimization of Intune, SCCM/MECM, Autopilot, and MDM/MAM platforms.
• Oversee provisioning, imaging, application packaging, deployment workflows, patching, updates, and Dell hardware/firmware optimization.
• Reduce "out-the-door" issues through improved configuration, validation, and streamlined deployment pipelines.
• Coordinate and sequence OS updates, monthly patches, Office updates, drivers, and configuration releases to avoid collisions and improve troubleshooting clarity.
• Develop and enforce device compliance policies, security baselines, and configuration standards.
• Implement structured QA, pilot testing, and post-deployment validation processes.
• Provide advanced troubleshooting across hardware, OS, identity, network, and application layers.
• Collaborate with cybersecurity teams to ensure alignment with Federal standards (NIST, CIS, STIGs, FedRAMP) and Zero Trust principles.
• Maintain operational documentation, SOPs, architecture diagrams, and deployment runbooks.
• Provide technical leadership and mentorship across endpoint engineering functions; support cross-team alignment and operational excellence.
• Evaluate and recommend new endpoint technologies, automation opportunities, and modernization improvements.

Minimum Qualifications

• Bachelor's Degree in Information Technology, Computer Science, other relevant field, or equivalent relevant experience; Master's Degree preferred.
• Security+ certification required (or ability to obtain within 90 days).
• 8-15 years of experience in Systems Engineering/Analysis.
• Onsite expectation 2 days per week

Other Job Specific Skills

• Extensive hands-on experience with Intune, SCCM/MECM, Autopilot, and enterprise MDM/MAM.
• Strong background in Windows endpoint engineering, including Dell laptops/tablets and driver/firmware ecosystems.
• Proven ability to design deployment pipelines and coordinate multi-layer releases.
• Advanced troubleshooting and scripting/automation (PowerShell preferred).
• Experience supporting endpoints in Federal or highly regulated environments strongly preferred.
• Strong communication and project leadership skills.

Preferred Qualifications

• Microsoft certifications (MD-102, SC-300, AZ-140, or equivalent).
• Experience with Entra ID, Defender for Endpoint, Zero Trust, and conditional access.
• Familiarity with enterprise mobility, BYOD policy design, and identity-centric security models.
• Knowledge of virtualization (AVD, VMware Horizon), packaging tools, and enterprise software distribution.

Compensation Ranges

Compensation ranges for ASM Research positions vary depending on multiple factors; including but not limited to, location, skill set, level of education, certifications, client requirements, contract-specific affordability, government clearance and investigation level, and years of experience. The compensation displayed for this role is a general guideline based on these factors and is unique to each role. Monetary compensation is one component of ASM's overall compensation and benefits package for employees.

Disclaimer

The preceding job description has been designed to indicate the general nature and level of work performed by employees within this classification. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities and qualifications required of employees assigned to this job.