Enterprise Endpoint Engineer

Position Summary

The Enterprise Endpoint Engineer is responsible for the enterprise-wide architecture, strategy, and technical governance of all endpoint computing platforms including desktops, laptops, mobile devices, virtual desktops, and endpoint management systems.

This role defines the future-state architecture, standards, and roadmap for the organization’s digital workplace and ensures alignment with security, cloud, identity, and enterprise platform strategies.

The Enterprise Endpoint Engineer serves as the highest-level technical authority for endpoint technologies and provides architectural leadership across Desktop Engineering, Mobility, VDI, Identity, Security, and Cloud teams.

Key Responsibilities

Enterprise Architecture & Strategy

• Define enterprise endpoint architecture across all business units
• Develop multi-year roadmap for digital workplace platforms
• Establish standards for device management, configuration, and security
• Align endpoint strategy with enterprise cloud, identity, and security architecture
• Participate in Enterprise Architecture Review Board (ARB)

Endpoint Platform Architecture

Design and govern architecture for:

• Microsoft Intune / Endpoint Manager
• MECM / SCCM (if hybrid)
• Entra ID / Active Directory
• Windows / macOS / iOS / Android
• Autopilot / Zero-Touch provisioning
• Device compliance / conditional access
• Patch & lifecycle management
• Endpoint encryption & security baselines

Virtual Workspace & Remote Access Architecture (awareness)

• Architect enterprise VDI / DaaS platforms
• Design Citrix / VMware / Azure Virtual Desktop solutions
• Define remote access architecture
• Support hybrid and cloud workspace models
• Ensure scalability, performance, and resiliency

Cloud & Modern Workplace Architecture (awareness)

• Design endpoint integration with Microsoft 365 / Azure
• Define cloud-first endpoint management strategy
• Support modern authentication & Zero Trust
• Enable device-based access controls
• Support SaaS / web-first workspace models

Security & Zero Trust Architecture (partner with Security)

• Define endpoint security architecture
• Align with Cybersecurity & Risk teams
• Support Zero Trust initiatives
• Define hardening baselines
• Support vulnerability management strategy
• Ensure compliance with regulatory standards

Examples:

• HIPAA
• PCI
• SOX
• NIST
• CIS benchmarks

Identity & Access Integration

• Align endpoint architecture with identity strategy
• Integrate with Entra ID / AD / MFA / Conditional Access
• Support device trust models
• Support SSO and modern auth

Automation & Engineering Standards

• Define automation strategy for endpoint management
• Promote PowerShell / Graph / API / IaC frameworks
• Enable self-service / zero-touch deployments
• Support AI-driven endpoint analytics

Monitoring & Digital Experience

• Define endpoint monitoring architecture
• Support tools such as:
  • Nexthink
  • ControlUp
  • Endpoint Analytics
  • Intune reporting
• Improve user experience metrics

Vendor & Technology Evaluation

• Lead technology selection for endpoint platforms
• Conduct architecture reviews & POCs
• Define technical requirements for RFPs
• Partner with vendors and integrators

Governance & Standards

• Define endpoint engineering standards
• Approve technical designs
• Enforce architecture compliance

• Provide technical oversight for major projects

   

Cross-Team Leadership

Partner with:

• Enterprise Architecture
• Cybersecurity
• Cloud Engineering
• Identity & Access Management
• Network Engineering
• Telecom / Collaboration
• Desktop Engineering
• Mobility Engineering
• Field Services
• Service Desk

Success Metrics

• Endpoint platform stability
• Security compliance score
• Patch & vulnerability compliance
• Device deployment success rate
• User experience metrics
• Incident reduction
• Modernization progress
• Cost optimization
• Architecture adoption across teams

Scope of Role

• Enterprise-wide responsibility
• Influences multiple engineering teams
• Defines standards used across organization
• Leads large transformation initiatives
• Highest technical authority for endpoint platforms
• Typical Career Level
• Senior Architect / Principal Architect
• Enterprise Architect track
• Director track feeder role

Ideal Candidates Will Have:

• 10+ years in Endpoint / EUC / Desktop / Mobility / VDI engineering
• 5+ years in architecture or senior engineering role
• Expert knowledge of:
  • Intune / MECM / Autopilot
  • Windows Enterprise
  • Entra ID / Active Directory
  • Endpoint security & compliance
  • VDI / DaaS
  • Azure / Microsoft 365
  • Conditional Access / Zero Trust
• Strong automation / scripting experience
• Experience designing enterprise-scale solutions

Preferred Qualifications

• Healthcare / Fortune-500 / regulated industry experience
• Experience with:
  • Citrix
  • VMware Horizon
  • Azure Virtual Desktop
  • Nexthink / ControlUp
  • JAMF / Apple management
  • Mobile device management
• Enterprise Architecture experience
• Experience leading large transformations

Minimum Qualifications

• Bachelor's or 4 years of work experience above the minimum qualification
• 10 Years of Experience