Responsibilities:
- Group Policy Management: Lead the assessment of our current Windows endpoint Group Policy settings and architect a robust and efficient Group Policy baseline for Windows 10 and Windows 11, aligning with security best practices and organizational needs.
- Operating System Deployment & Imaging: Design, develop, and implement SCCM task sequences, encompassing both bare-metal provisioning and in-place upgrades for Windows 10 and Windows 11. Develop Autopilot Deployment Profiles in Intune for streamlined device provisioning.
- Boot Image & Driver Management: Create, manage, and optimize Windows Preinstallation Environment (WinPE) boot images and effectively manage hardware drivers within the endpoint management infrastructure.
- Patch Management & Compliance: Establish and maintain automated patch deployment strategies utilizing SCCM Automatic Deployment Rules and Intune update rings. Proactively monitor patch compliance, troubleshoot deployment failures, and ensure endpoints are up-to-date and secure.
- Vulnerability Remediation: Utilize your strong SCCM and PowerShell scripting skills to develop and implement automated solutions for identifying, remediating, and reporting on Windows endpoint vulnerabilities, enhancing our overall security posture.
- Automation & Efficiency: Leverage your PowerShell expertise to create and maintain scripts that automate routine endpoint management tasks, improve efficiency, and reduce manual intervention.
- Software Deployment & Management: Design, package, and deploy applications effectively using the SCCM Application model and the PowerShell Application Deployment Toolkit (PSADT), ensuring seamless and reliable software delivery to end-users.
- User Acceptance Testing (UAT) Collaboration: Partner closely with the Service Desk and end-users to facilitate comprehensive user acceptance testing for new deployments and changes, including the preparation of test devices, validation processes, and obtaining user sign-off.
- Endpoint Security & Compliance: Contribute to the overall security and compliance of our endpoint environment by implementing and adhering to security policies and best practices within the endpoint management framework.
- Documentation & Knowledge Sharing: Create and maintain comprehensive documentation for all endpoint management processes, configurations, and solutions. Share knowledge and best practices with the wider IT team.
- Continuous Improvement: Stay abreast of the latest trends and technologies in endpoint management and proactively identify opportunities for process improvement and optimization.
Qualifications:
Minimum:
- 5+ years of engineering experience in enterprise-level endpoint management.
- Demonstrated expertise in Microsoft Endpoint Configuration Manager (SCCM), including infrastructure management, application deployment, patch management, and OS deployment.
- Proven experience with Microsoft Intune and Autopilot for modern device management and deployment.
- Strong PowerShell scripting skills for automation and task management.
- Solid understanding of Windows operating systems (Windows 10 and Windows 11), Active Directory, and Group Policy.
- Excellent analytical, problem-solving, and troubleshooting skills.
- Strong communication and collaboration skills with the ability to work effectively with technical and non-technical stakeholders.
- Valid driver’s license.
Preferred:
- Microsoft certifications related to Endpoint Management (e.g., Microsoft 365 Certified: Modern Desktop Administrator Associate – MD-102).
- Familiarity with vulnerability management processes and tools (e.g., Qualys)
- Familiarity with the Microsoft Graph API
Featured benefits
Vision insurance, Dental insurance, 401(k)