Manager, Endpoint Engineering

Description

• Oversee the configuration, performance, and security of Windows 365 and Azure Virtual Desktop infrastructure in coordination with cloud and infrastructure teams.
• Plan and lead Windows and macOS lifecycle management, including OS versioning, feature updates, patch cycles, and end-of-life planning.
• Ensure endpoint support strategies align with ITSM processes and digital workplace initiatives.
• Collaborate with cross-functional teams (Security, Infrastructure, Service Desk, etc.) to align endpoint initiatives with broader IT and business objectives.
• Monitor device fleet health, compliance, and performance metrics; generate executive reports.
• Maintain documentation, SOPs, and knowledge base articles for endpoint processes and standards.
• Collaborate with security teams on endpoint protection and zero-trust strategies (EDR, compliance policies, Conditional Access).
• Collaborate with Security and Compliance teams to ensure all endpoint software meets organizational risk and regulatory standards.
• Develop and maintain endpoint roadmaps aligned with business needs, technology trends, and cybersecurity requirements.
• Define and enforce policies for patching, encryption, device compliance, and OS hardening.
• Maintain an accurate endpoint software and hardware inventory, working with the IT Asset Manager and Legal to manage licensing agreements and renewals for endpoint applications.
• Establish policies and processes to ensure all endpoint hardware and software is approved, compliant, and cost optimized.
• Provide regular reporting on software usage, license compliance, and cost savings opportunities to IT leadership.
• Track and report on key performance indicators (KPIs) and service level agreements (SLAs) related to endpoint management.
• Own the lifecycle management of all endpoint-related software and hardware, including procurement, deployment, licensing, compliance, and decommissioning.
• Architect, implement, and maintain endpoint management platforms such as Microsoft Intune, SCCM, JAMF, Workspace One, and Autopilot.
• Automate device provisioning, application deployments, and policy enforcement across platforms.
• Lead a team of endpoint engineers supporting Windows, macOS, iOS, Android, Linux, Windows 365, Azure Virtual Desktop (AVD), and Windows 365.
• Lead the development and execution of hardware lifecycle reporting and budgeting processes, ensuring accurate forecasting, cost optimization, and alignment with organizational IT asset management strategies.
• Mentor and develop a team of Endpoint Engineers, fostering a culture of innovation, accountability, and continuous improvement.
• Manage vendor relationships related to endpoint hardware and management tools.
• Ensure timely resolution of escalated endpoint issues and provide guidance on complex technical problems.
• Define and execute the endpoint strategy aligned with organizational goals, including device lifecycle management, security posture, and user experience.
• Maintain endpoint-related documentation, standards, and knowledge articles.
• Partner with IT Service Desk and End-User Support Services to drive automation, self-service capabilities, and operational efficiencies.

Requirements

• Hands-on experience with software asset management processes and tools, preferably in an enterprise environment.
• Ability to influence and drive alignment across IT, Security, Legal teams.
• ITIL Foundation or higher certification.
• 7+ years of experience in IT endpoint management, with at least 3 years in a managerial role.
• Exposure to Agile or DevOps methodologies.
• Hands-on expertise with Windows 365 and Azure Virtual Desktop and image lifecycle management
• Bachelor’s degree in Information Technology, Computer Science, or related field (or equivalent experience).
• Demonstrated expertise in enterprise endpoint platforms (Windows, macOS) and modern management tools (Intune, SCCM, JAMF, etc.).
• Strong understanding of software licensing models (perpetual, subscription, SaaS) and compliance best practices.
• Proven track record of implementing automation and process improvements to optimize endpoint operations and software usage.
• Experience managing BYOD and hybrid workforce environments.
• Virtualization: Azure Virtual Desktop (AVD), Windows 365, FSLogix, host pool, and image management.
• Application Deployment: Application Manager, Chocolatey, Winget, Intune Win32 apps, packaging, and testing.
• Automation: PowerShell, Azure Automation, proactive remediations, and scripting frameworks.
• Familiarity with information security frameworks and endpoint security best practices.
• Experience in a mid-sized to large enterprise environment with hybrid cloud and on-premise infrastructure.
• Detail-oriented with strong analytical and reporting skills.
• Certification in software asset management (CSAM, ITAM).
• Strategic thinker with the ability to balance operational execution and long-term planning.
• Device Management: Microsoft Intune, Autopilot, SCCM, JAMF Pro, CyberArk, Nerdio.
• Excellent leadership, communication, and cross-functional collaboration skills.
• Security: Microsoft Defender for Endpoint, BitLocker, Conditional Access, MDM/MAM policies.
• Client OS Platforms: Windows 10/11, macOS (latest), iOS, Android.

Benefits

Training + Development

Interview process

Visa Sponsorship

Security clearance