Senior Endpoint Engineer

Summary:

We are seeking a highly skilled and experiencedSenior Endpoint Engineer to join our team. This role is primarily focused onActive Directory, Group Policy Management, and Intune policies as they relate to endpoints and users. The ideal candidate will have a proven track record of designing, implementing, and optimizing endpoint engineering solutions in large-scale environments while ensuring seamless integration with organizational goals and user productivity. This position requires a proactive, self-motivated individual who thrives in a fast-paced, global environment, managing multiple responsibilities, projects, and demands across various time zones with minimal oversight.

Key Responsibilities:

• Active Directory, Group Policy Management, and Intune Policy Engineering.

• Design, implement, and manageActive DirectoryandGroup Policiesto support endpoint and user requirements across a global organization.

• Develop, implement, and optimize Intune policiestailored to endpoint and user management, ensuring alignment with organizational objectives and compliance standards.

• Lead the transition of on-premises policies to cloud-based solutions, includingMicrosoft Intune, preparing for future migration toMicrosoft Entra.

• Harmonize business requirements from application owners with endpoint policies to balance usability and security while maintaining operational excellence.

• Ensure endpoint policies are scalable and adaptable to meet the needs of a large, global organization with tens of thousands of users and endpoints.

Endpoint Engineering and Platform Management:

• Manage and optimize management platforms, including but not limited to: Microsoft Endpoint Configuration Manager (MECM), Microsoft Intune, Jamf(macOS management), NinjaOne(remote monitoring and management)

• LeverageMicrosoft cloud-native technologies, includingMicrosoft Graph API, to streamline and automate endpoint management tasks.

• Troubleshoot and resolve complex endpoint engineering issues across multiple platforms and operating systems, including Windows, macOS, and mobile devices.

• Stay current with emerging technologies and trends in endpoint engineering to continuously improve the organization's endpoint strategy.

Collaboration and Cross-Functional Support:

• Collaborate with infrastructure teams, application owners, and business stakeholders to implement endpoint solutions that meet organizational needs.

• Represent the user experience in cross-domain discussions, advocating for end-user productivity and minimizing disruption during policy changes.

• Work closely with security teams to address ad-hoc requests, ensuring endpoint solutions align with security goals while prioritizing usability.

• Act as a liaison between infrastructure and security teams, ensuring clear communication and alignment on endpoint-related initiatives.

Security and Hardening Support:

• Field security-related requests and collaborate with security teams to ensure endpoint policies adhere to CIS (Center for Internet Security) Levels 1 & 2 benchmarks.

• Provide guidance on endpoint hardening practices, ensuring systems are secure, resilient, and compliant while prioritizing the user experience.

• Participate in security meetings as needed, offering technical expertise and insights into endpoint engineering strategies.

Leadership and Communication:

• Act as a subject matter expert (SME) inActive Directory,Group Policy, andIntune policies, providing mentorship and guidance to junior engineers.

• Translate technical concepts into actionable insights for non-technical stakeholders, ensuring alignment across various levels of the organization.

• Drive strategic initiatives related to endpoint management, ensuring alignment with organizational goals and priorities.

Required Qualifications:

• 10 or more years of experience in endpoint engineering, with a primary focus onActive Directory,Group Policy Management, andIntune policiesas they relate to endpoints and users.

• Proven expertise in managing endpoint platforms such as MECM, Intune, Jamf, NinjaOne, and other similar tools.

• Demonstrated ability to transition on-premises policies to cloud-based solutions, particularly Intune, and prepare for Microsoft Entra migrations.

• Experience withMicrosoft cloud-native technologies, includingMicrosoft Graph API,Azure Active Directory, and related tools for endpoint management and automation.

• Exceptional troubleshooting skills across endpoint engineering platforms, operating systems, and user domains.

• Experience navigating large global organizations with tens of thousands of users and endpoints, including integrated and non-integrated entities.

• Self-starter with a proactive mindset, capable of managing multiple responsibilities, projects, and demands in a highly dynamic global environment across multiple time zones.

• Ability to work independently with minimal oversight, driving initiatives forward while maintaining accountability and focus.

• Strong collaboration skills to engage effectively across domains and organizational levels, ensuring alignment between infrastructure, security, and business teams.

Preferred Qualifications:

• Experience working in enterprise-scale environments with complex endpoint requirements.

• Certifications such as Microsoft Certified: Endpoint Administrator Associate, Azure Solutions Architect, or similar.

• Strong familiarity with Microsoft Entra and its integration into endpoint and identity management strategies.

Key Competencies:

• Technical Expertise: Deep understanding ofActive Directory,Group Policy,Intune policies, and endpoint engineering platforms.

• Self-Motivation and Independence: Ability to work autonomously, managing competing priorities and navigating complex global environments with confidence and efficiency.

• User-Centric Approach: Ability to prioritize user experience and productivity in policy design and implementation.

• Problem-Solving: Proficiency in identifying and resolving complex endpoint engineering issues.

• Collaboration: Strong ability to work across teams and domains, fostering partnerships between infrastructure, security, and business units.

• Communication: Ability to clearly articulate technical concepts and advocate for user experience in cross-functional discussions.

We provide compensation, benefits, and resources that enable a highly inclusive culture and support our team members' ability to live with purpose every day. In addition to traditional offerings like medical, dental, and vision care, we also provide a comprehensive suite of benefits that focus on the physical, emotional, financial, and social aspects of wellness. This encompasses support for working families, which may include backup dependent care, adoption assistance, infertility coverage, family building support, behavioral health solutions, paid parental leave, and paid caregiver leave. To encourage your personal growth, we also offer a variety of training programs, professional development resources, and opportunities to participate in mentorship programs, employee resource groups, volunteer activities, and much more. For details, visit https://www.virtualfairhub.com/cencora

Cencora is committed to providing equal employment opportunity without regard to race, color, religion, sex, sexual orientation, gender identity, genetic information, national origin, age, disability, veteran status or membership in any other class protected by federal, state or local law.

The company's continued success depends on the full and effective utilization of qualified individuals. Therefore, harassment is prohibited and all matters related to recruiting, training, compensation, benefits, promotions and transfers comply with equal opportunity principles and are non-discriminatory.

Cencora is committed to providing reasonable accommodations to individuals with disabilities during the employment process which are consistent with legal requirements. If you wish to request an accommodation while seeking employment, please call 888.692.2272 or email hrsc@cencora.com. We will make accommodation determinations on a request-by-request basis. Messages and emails regarding anything other than accommodations requests will not be returned