Client Platform Engineer

Our client, the leader in the SaaS Identity space has an outstanding Client Platform Engineer opportunity to join their dynamic team. This is a fully remote contract role.

You will be an integral part of the core team responsible for maintaining redundant, scalable, and secure client infrastructure. This position entails taking ownership of the Enterprise client services used at the client and contributing to the development of backend systems that will support the company's growth. You should possess the ability to drive projects from inception to completion, including identifying areas for improvement, researching optimal solutions, effectively communicating your chosen approach to others, and implementing the solution. You are a proactive individual who combines analytical thinking with hands-on execution. You have ambitious goals and possess the drive to turn them into reality. Automation should be your passion, as we seek individuals who strive to work smarter, not harder.

The ideal candidate will have hands-on experience in EntraID, Intune or other Windows MDM, and heavy PowerShell scripting. You should feel confident in deploying policies, working with GPOs and Registry keys, configurations, applications, working with Microsoft Graph, and updates across the entire Windows fleet.

Contract Duration: 6-Months

Required Skills & Experience

• Senior-level Windows MDM expertise (e.g., SCCM, Intune, AirWatch, Workspace One).
• VDI experience with industry-standard solutions (AWS Workspaces, Azure Virtual Desktop, Windows 365).
• Expert level proficiency in PowerShell scripting and automation, including experience with automation tools like Packer, Jenkins, Chef, Chocolatey, Winget, PSADT, client Workflows, SSM.
• GitOps knowledge, Merge requests, commits, peer reviews should all be familiar territory
• Knowledge of AWS, including Workspaces, Systems Manager, and Directory Services.
• Understanding of endpoint hardening best practices, CIS Benchmarks, and experience with SAML authentication and federation workflows.
• Strong communication skills with the ability to produce technical documentation, generate reports, and define metrics.
• Proven experience in administering and supporting internal and external applications and systems, including SSO solutions, Active Directory, Slack, antivirus, WUfB, etc.

Desired Skills & Experience

• Proficient in bash, Python, Go, or other scripting languages
• Experience integrating Windows or Windows management systems with the client platform
• Experience managing other endpoints; macOS, iOS, Android, Linux
• Relevant IT industry certifications (ITIL, GPCE, MCSA, MCITP, or MCTS) are a plus
• Experience with Federal requirements and FedRAMP compliance
• A can-do attitude, bringing solutions to the table.

What You Will Be Doing
Daily Responsibilities

• Manage the client's global fleet of Windows PCs using Microsoft Intune, MS Graph, and AWS Workspaces for VDI.
• Ensure Windows endpoints comply with regulatory requirements (e.g., FedRAMP, NIST, STIG) and maintain client configuration and security compliance standards.
• Deploy and update applications, configurations, settings, and scripts to all Windows endpoints, addressing vulnerabilities as they arise.
• Collaborate with BT teams to automate provisioning, deprovisioning, integrations, and support processes for Windows endpoints.
• Design, build, document, and support ongoing automation in endpoint deployment and management, iterating on deployment solutions across Windows.
• Serve as an escalation point for the global IT support team and work closely with the security team to enforce endpoint security models and best practices, including logical integrations into cloud-based directories, IdPs, and identity masters.