Sr. Endpoint Engineer

Senior Endpoint Engineer (Intune / MECM)

Contract position through end of the year

Locations: Rockville, MD, Fairfax, VA, Chicago, IL, Margate, FL or Houston, TX

Position Summary

The Senior Endpoint Engineer is responsible for hands-on ownership of enterprise endpoint management platforms, including Microsoft Intune, Microsoft Endpoint Configuration Manager (MECM/SCCM), and a Jamf environment.

This role focuses on building, stabilizing, and optimizing endpoint management across more than 4,000 Windows devices. The ideal candidate brings deep expertise in imaging and task sequences, software deployment and packaging, Autopilot, Intune co-management, patching automation, kiosk configurations, and advanced troubleshooting through detailed log analysis.

This is a highly technical, engineering‑focused role requiring independence, end‑to‑end project execution, and continuous improvement of endpoint delivery. The position also includes mentoring team members on standard maintenance and deployment tasks.

Current Priorities

• Rebuild and standardize imaging task sequences
• Stabilize and optimize MECM/Intune environments
• Expand and improve Intune co-management
• Implement Windows Autopilot
• Automate patching and software deployments
• Develop proactive hardware and software lifecycle processes
• Improve end-user device reliability and experience
• Train additional team members on endpoint operations

This role serves as the senior technical expert for endpoint management.

Hybrid schedule: 2 days per week in-office.

Key Responsibilities

Endpoint Engineering

• Serve as the primary technical owner for MECM/SCCM and Intune across 4,000+ endpoints
• Manage a Jamf environment supporting ~100 Mac devices/iPads
• Design, build, and maintain Windows imaging processes and task sequences
• Implement and optimize Windows Autopilot deployments
• Configure and manage kiosk-mode devices
• Build, test, and deploy enterprise software packages
• Drive modernization through increased Intune adoption and co-management
• Develop proactive hardware and software lifecycle management processes

Patching & Compliance

• Design and maintain Windows patch management processes using MECM and Intune
• Improve compliance reporting and remediation workflows
• Ensure endpoints meet security and regulatory requirements (HIPAA, SOX, etc.)
• Maintain macOS patching and compliance via Jamf

Automation & Optimization

• Identify manual or inefficient processes and automate them using PowerShell and modern management tooling
• Improve deployment consistency and reliability
• Reduce task sequence failures and patching exceptions

Advanced Troubleshooting

• Troubleshoot complex endpoint issues across MECM, Intune, and Group Policy
• Perform detailed log analysis (client logs, task sequence logs, event logs, etc.)
• Resolve co-management conflicts and deployment failures
• Serve as an escalation point for advanced endpoint-related issues

Documentation & Knowledge Sharing

• Document build standards, configurations, and operational processes
• Provide guidance to team members on endpoint procedures
• Train staff to perform standard deployment and maintenance tasks

Required Experience & Technical Expertise

• 5+ years of enterprise endpoint management experience
• 5+ years building and maintaining Windows imaging task sequences
• Strong hands-on expertise with:
• Microsoft Endpoint Configuration Manager (MECM/SCCM)
• Microsoft Intune
• Co-management configuration and troubleshooting
• Windows Autopilot
• Active Directory Group Policy (GPO)
• Strong PowerShell scripting and automation skills
• Experience designing and maintaining automated patch management processes
• Proven ability to troubleshoot using logs and drive root-cause analysis
• Experience supporting endpoints in regulated environments
• Ability to independently manage and execute technical projects
• Ability to lift 30+ lbs

Preferred / Bonus Skills

• Experience with Jamf
• Experience migrating workloads from MECM to Intune
• Experience with Conditional Access and compliance policies
• Experience developing reporting and compliance metrics

What Success Looks Like in the First 6 Months

• Stable and reliable imaging processes
• Autopilot implemented and actively in use
• Improved patch compliance with reduced manual intervention
• Increased effective use of Intune within a co-managed environment
• Noticeable improvement in endpoint deployment reliability