Endpoint Engineer

Washington, United States Posted on 07 / 05 / 2024

Are you the right candidate for this opportunity Make sure to read the full description below.

Job Location : Available to work On-Site, Washington, DC.

Short Description : OCTO is seeking an engaging leader to serve as Endpoint Engineering Manager who will assist with implementing and operating Endpoint Security infrastructure to protect the DCGOV IT infrastructure.

Job Description :

The Endpoint Engineering Manager will be intimately familiar with next generation Endpoint management / protection platforms including but not limited to Microsoft Intune, Tanium provisioning and patching management, Jamf macOS device management, and CrowdStrike security.

The engineer must have mastery level skill with Endpoint Device and patch Management. Hands-on experience with implementing and managing technologies like Device Provisioning, Windows Autopilot, Creation and Configuration of device policies, Software Packaging & distribution, Windows OS and software patching, reporting in Intune using Graph explorer and API is required.

To be successful in this position, the candidate will be responsible for managing the endpoint devices within our organization, ensuring that they are secure, up to date, and functioning at peak performance.

As an Endpoint Engineering Manager, the candidate will also be responsible for providing support to end users, troubleshooting issues, and identifying areas for improvement.

Must display excellent teamwork skills, technical, written, and oral communication skills, and the ability to learn and adapt in a fast-paced environment.

The candidate must have in-depth knowledge of the aforementioned products and can formulate Security policy and manage Security configuration.

Specific Tasks :

• Manage day-to-day administration of our MDM environment, including Configuration of Intune and Autopilot.
• Maintain the development, test, and production environments.
• Manage various device policies and desktop applications in Microsoft Intune and Jamf within the organization.
• Deploy software updates, Windows OS patches, and updates to endpoints using automated tools.
• Develop and maintain endpoint operating system infrastructure and perform day-to-day tune-up and maintenance as required by policies and procedures.
• Manage various components of Azure AD, Intune, Tanium, and Jamf.
• Troubleshoot endpoint issues and provide support to end users.
• Create and update endpoint agent policies as per requirements.
• Provide assistance and validation of implementation timelines and delivery management.
• Communicate clearly to executive management / end users and manage the reporting process.
• Coordinate and drive Endpoint solutions and direction to achieve measurable increases in OS deployment, end user knowledge, and operations.
• Application Packaging / scripting for deployment of apps on Windows and macOS.
• Provide up-to-date information on SW updates and alerts.
• Support team in the design and implementation of highly available, scalable, and secure modern mobility solutions using industry best practices on Microsoft Intune and Azure AD + other third-party technologies.
• Create and maintain technical documentation as well as assist with training and related materials as needed.

Provides guidance and development of District IT security policies and procedures, and monitors adherence to ensure information systems reliability and accessibility, and to prevent and defend against unauthorized access to systems, networks, and data.

Conducts agency IT security risk and vulnerability assessments for planned and installed information systems.

Develops information systems security contingency plans, business continuity plans, and disaster recovery procedures and monitors agencies in their implementation and observance.

Develops and implements programs to ensure that systems, networks, and data users are aware of, understand, and adhere to IT security policies and procedures.

Develops and administers District-wide information security awareness and education program.

Ensures that system hardware, operating systems, software systems, and related procedures adhere to district policies, standards, and guidelines.

Manages endpoint engineering and provisioning, operations and support, maintenance, and research and development to ensure continual innovation.

Participate in technical research and development to enable continuing innovation within the infrastructure.

Responsibilities :

• The Endpoint Engineer is responsible for effective Device provisioning, Software and policy installation / configuration, operations, and maintenance of device management infrastructure.
• Participates in technical research and development to enable continuing innovation within the infrastructure.
• Ensures that system hardware, operating systems, software systems, and related procedures adhere to District policies, standards, and guidelines.
• Endpoint engineering and provisioning, operations and support, maintenance, and research and development to ensure continual innovation.
• Device provisioning for new and existing devices using Windows Autopilot, configuration of device-based policies, applications, services, settings in accordance with standards and project / operational requirements.
• Performs daily system monitoring, verifying the systems and key processes, reviewing system and application logs, and verifying completion of scheduled jobs such as backups.
• Performs regular security monitoring to identify any possible intrusions.
• Deploy Operating system images, software packages, device configuration policies, patches, and updates to endpoints using automated tools like Intune, Tanium, and Jamf.
• Provides Tier III support per request from various agencies.
• Investigates and troubleshoots issues.
• Diagnoses and recovers from software failures.
• Coordinates and communicates with impacted agencies.
• Applies operating system (OS) patches and upgrades on a regular basis and upgrades administrative tools and utilities.
• Upgrades and configures system software that supports infrastructure applications or Asset Management applications per project or operational needs.
• Expertise in implementing, administrating, and operating information security technologies such as firewalls, IDS / IPS, SIEM, Antivirus, network traffic analyzers, and malware analysis tools.
• Utilizes advanced experience with scripting and tool automation such as Perl, PowerShell, Regex.
• Develops, leads, and executes information security incident response plans.
• Develops standard and complex IT solutions & services, driven by business requirements and industry standards.
• May also leverage dynamic and static code assessment tools to measure vulnerability of applications throughout the SDLC.

Minimum Qualifications :

• Experience in managing Azure AD, Intune, Tanium (Jamf would be a plus).
• BS in computer science / IT / SW or related field.
• Data security and networking experience required.

Background check and credit check will be required.

Requirements

Skills

Experience

Demonstrated experience in Device Management

Required

8+ Years

Total progressive IT experience

Required

6+ Years

Software Packaging & Distribution

Required

6+ Years

Device policies, settings, and registry

Required

6+ Years

Operating system (OS deployment, patches, and upgrades)

Required

6+ Years

Experience with device management platforms such as Microsoft Intune, Tanium, and / or Jamf.

Required

5+ Years

Demonstrated experience with Microsoft Intune

Required

5+ Years

Demonstrated experience with PowerShell and Shell scripting

Required

5+ Years

Demonstrated experience with Endpoint Security management solutions

Required

5+ Years

Demonstrated experience using Device Provisioning

Required

4+ Years

Required

4+ Years

Required

3+ Years

Troubleshooting complex experience in endpoint engineering with PowerShell, VBScript, and batch scripting. Strong focus on Windows and macOS devices.

Required

3+ Years

Strong understanding of network technologies, such as DNS, DHCP, TCP / IP, VPN, and other related technologies.

Required

2+ Years

Cloud based platforms such as Azure AD and Intune, integration with endpoint management solutions.

Required

2+ Years

Analytical and problem-solving skills.

Required

Excellent communication and interpersonal skills.

Required

Ability to work independently and as part of a team in a fast-paced environment.

Required

BS Degree in IT, Cybersecurity, or Engineering, or equivalent experience.

J-18808-Ljbffr