Overview
The Endpoint Systems Engineer II is responsible for designing, managing, securing, and supporting the organization’s modern endpoint environment across Windows, macOS, Cloud PCs, and related end-user computing platforms. This role owns the configuration, deployment, policy management, automation, and lifecycle support of corporate desktops and devices using technologies such as Microsoft Intune, Mosyle, Microsoft Entra ID, Windows 365 Cloud PCs, Group Policy, mobile device management, and related identity, security, and endpoint management tools. This position partners closely with IT operations, service desk, security, infrastructure, and business teams to ensure endpoints are secure, compliant, reliable, and easy for employees to use.
Responsibilities
Supervisory Responsibilities
- No supervisory responsibilities
Duties/Responsibilities
- Manage Windows endpoints using Microsoft Intune, Group Policy, configuration profiles, compliance policies, application deployment, update rings, and endpoint security baselines.
- Manage macOS endpoints using Mosyle, including device enrollment, configuration profiles, software deployment, security controls, and compliance enforcement.
- Administer and support Windows 365 Cloud PCs, including provisioning, assignment, policy configuration, troubleshooting, and lifecycle management.
- Design and maintain endpoint management standards for Windows, macOS, mobile devices, and virtual or cloud desktop environments.
- Configure and maintain Microsoft Entra ID device join, hybrid join, conditional access, device compliance, and identity-based access policies.
- Package, deploy, and update applications across managed endpoints using Intune, Mosyle, scripting, and automation tools.
- Develop and maintain endpoint security policies, including encryption, antivirus or EDR integration, firewall settings, patching, local admin controls, and device compliance.
- Create, review, and maintain Group Policy Objects, MDM policies, configuration profiles, and security baselines.
- Troubleshoot complex endpoint issues involving operating systems, user profiles, authentication, networking, device enrollment, application deployment, and policy conflicts.
- Automate endpoint administration tasks using PowerShell, shell scripting, Microsoft Graph, or other relevant tools.
- Maintain documentation for endpoint standards, configuration policies, troubleshooting procedures, and operational processes.
- Collaborate with security teams to support audit requirements, vulnerability remediation, endpoint hardening, and compliance initiatives.
- Evaluate new endpoint technologies and recommend improvements to increase security, reliability, automation, and user experience.
Qualifications
Required Skills/Abilities
- Strong understanding of MDM concepts, device compliance, configuration profiles, application deployment, and endpoint security.
- Working knowledge of Microsoft Entra ID, Conditional Access, device registration, SSO, and identity-based policy enforcement.
- Familiarity with endpoint security concepts including encryption, EDR/AV tools, patching, least privilege, local admin management, and security baselines.
- Ability to troubleshoot complex endpoint, identity, policy, and application deployment issues.
- Strong documentation, oral/written communication, and cross-team collaboration skills.
Education and Experience
- Bachelor’s degree in Information Technology, Computer Science, or a related field (or equivalent work experience).
- 3–5 years of experience in endpoint engineering, systems administration, or a related IT role.
- Experience managing Windows endpoints with Microsoft Intune, Group Policy, and Microsoft Entra ID.
- Experience managing macOS devices with Mosyle or a similar Apple MDM platform.
- Experience with Windows 365 Cloud PCs, Azure Virtual Desktop, or similar virtual desktop or cloud PC technologies.
Healthy work-life balance.
We are committed to supporting a healthy work-life balance and fostering an environment of productivity and collaboration. This position follows a hybrid schedule for team members working in our corporate offices, combining on-site presence with remote flexibility. Our hybrid model is designed to promote teamwork and engagement while also providing the adaptability professionals need to manage their responsibilities effectively.
Benefits
- 401k Company Match
- Annual Charitable Matching Gift Program
- Commuter Benefits
- Company Holidays
- Credit Union Membership
- Dental Insurance
- Dependent Care Plan
- Disability Insurance
- Employee Assistance Program
- Life Insurance
- Medical Insurance
- Paid Time Off Plan
- Vision Insurance
- Weekly Non-Management Dinner Benefit