The Principal Endpoint Architect is responsible for the design, deployment, configuration, and ongoing health of MACOM's global endpoint estate, including physical workstations, shared devices, virtual desktops, servers and other devices. This role sits within the End User Support team and owns the full lifecycle of endpoint management tooling - Microsoft Intune, SCCM, Azure Virtual Desktop (AVD), PDQ, Group Policy, ServiceNow, etc.- ensuring devices are secure, compliant, patched, and performing well for the global user base.
Key Responsibilities- Own global endpoint controls for encryption, local admin strategy, device control, conditional access readiness, and compliance reporting.
- Establish device build standards, hardening baselines, and lifecycle policies.
- Design, implement, and manage Intune configuration profiles and compliance policies across physical and virtual endpoints.
- Administer the enterprise application catalog, including AppLocker and WDAC policy enforcement.
- Lead cloud endpoint transformation initiatives, including Autopilot rollout and SCCM co-management.
- Partner with Security on endpoint policy enforcement and compliance.
- Support remediation of vulnerabilities identified via enterprise scanning tools.
- Contribute to overall endpoint security posture and Zero Trust initiatives.
Additional Capabilities- Strong troubleshooting across Windows endpoint ecosystem.
- Experience operating in co-managed (SCCM + Intune) environment.
- Ability to work cross-functionally with Infrastructure, Security, and Service Desk teams.
Success Profile- Proven ability to modernize endpoint management.
- Brings a continuous improvement mindset, simplifying legacy processes and reducing operational friction.
- Anticipates downstream operational and security impacts when introducing new tools, policies, or platform changes.
- Strong ownership mindset over endpoint lifecycle and platform health.
- Maintains high standards for execution, documentation, change control, and operational resilience.
- Comfortable operating in regulated, security-conscious environments (CMMC, NIST, etc.)
- Balances user experience, security, and supportability when making endpoint architecture decisions.
- Capable of balancing operational stability with transformation initiatives.
RSU Eligible This position is eligible to receive restricted stock unit (RSU) awards and cash bonuses, solely at MACOM's discretion, subject to individual and company performance.
Salary Range The Salary Range for this position is $138,000 - $209,000. Actual salary offered to candidate will depend on several factors, including but not limited to, work location, relevant candidates' experience, education, and specific knowledge, skills, and abilities.
Benefits: This position offers a comprehensive benefits package including but not limited to:
- Health, dental, and vision insurance.
- Employer-sponsored 401(k) plan.
- Professional development opportunities.
