Endpoint Engineering Lead

The Endpoint Engineering Lead provides senior technical leadership for the design, deployment, and lifecycle management of enterprise endpoints, with a primary focus on reducing laptop rollout issues, improving deployment predictability, and strengthening endpoint stability. This is a hybrid position requiring on-site presence at least twice a week. The role leads engineering across Intune, SCCM/MECM, Autopilot, Dell hardware platforms, and MDM/MAM technologies, ensuring secure, compliant, and reliable operations in a Federal environment. This position requires advanced troubleshooting expertise, strong project leadership, and the ability to coordinate complex, multi‑layer releases.

• Lead engineering, architecture, and optimization of Intune, SCCM/MECM, Autopilot, and MDM/MAM platforms.
• Oversee provisioning, imaging, application packaging, deployment workflows, patching, updates, and Dell hardware/firmware optimization.
• Reduce “out‑the‑door” issues through improved configuration, validation, and streamlined deployment pipelines.
• Coordinate and sequence OS updates, monthly patches, Office updates, drivers, and configuration releases to avoid collisions and improve troubleshooting clarity.
• Develop and enforce device compliance policies, security baselines, and configuration standards.
• Implement structured QA, pilot testing, and post‑deployment validation processes.
• Provide advanced troubleshooting across hardware, OS, identity, network, and application layers.
• Collaborate with cybersecurity teams to ensure alignment with Federal standards (NIST, CIS, STIGs, FedRAMP) and Zero Trust principles.
• Maintain operational documentation, SOPs, architecture diagrams, and deployment runbooks.
• Provide technical leadership and mentorship across endpoint engineering functions; support cross‑team alignment and operational excellence.
• Evaluate and recommend new endpoint technologies, automation opportunities, and modernization improvements.

 

Minimum Qualifications

• Bachelor's Degree in Information Technology, Computer Science, other relevant field, or equivalent relevant experience; Master's Degree preferred.
• Security+ certification required (or ability to obtain within 90 days).
• 8-15 years of experience in Systems Engineering/Analysis.
• Onsite expectation 2 days per week

 

Other Job Specific Skills

• Extensive hands‑on experience with Intune, SCCM/MECM, Autopilot, and enterprise MDM/MAM.
• Strong background in Windows endpoint engineering, including Dell laptops/tablets and driver/firmware ecosystems.
• Proven ability to design deployment pipelines and coordinate multi‑layer releases.
• Advanced troubleshooting and scripting/automation (PowerShell preferred).
• Experience supporting endpoints in Federal or highly regulated environments strongly preferred.
• Strong communication and project leadership skills.

 

Preferred Qualifications

• Microsoft certifications (MD‑102, SC‑300, AZ‑140, or equivalent).
• Experience with Entra ID, Defender for Endpoint, Zero Trust, and conditional access.
• Familiarity with enterprise mobility, BYOD policy design, and identity‑centric security models.
• Knowledge of virtualization (AVD, VMware Horizon), packaging tools, and enterprise software distribution.