Senior Client Platform Engineer W2 role

First 1 week need to work from IOWA office ...after that fully remote....

W2 role

No agency or C2C will NOT be considered and Visa sponsorship is not available nor provided.

• Looking for a True consultant-
• Device management as code
• Fleet management or learn fleet management
• Participate in implementation on site in CR for first week of role
• Experience with code management and git hub, (GitOps)
• Zero touch device deployment-push that..

Consultant aspect

• will get their engineers comfortable and been there done it before.
• Provide thought leadership
• Work with engineers to implement and make sure we use best practice when pushing out device management.
• Help with integrations from fleet to ticket management.

Position Overview

We are seeking a highly skilled Client Platform Engineer to design, build, and maintain a secure, scalable, and automated end?user computing environment. This role emphasizes zero touch provisioning, enterprise fleet management, and a modern GitOps approach to managing configurations, policies, and automation workflows.

The ideal candidate is passionate about automation, streamlined device lifecycle management, and developing reliable, repeatable processes through version controlled infrastructure.

Key Responsibilities

Platform Engineering & Automation

• Architect, implement, and support zero touch device provisioning workflows (Autopilot, ABM/DEP, Android ZeroTouch, etc.).
• Build and enhance automation pipelines using GitOps principles treating device configurations, compliance policies, and scripts as version controlled artifacts.
• Develop configuration as code, policies, and automations within Gitbased workflows (branching strategies, pull requests, reviews, CI/CD).
• Implement scalable solutions using Intune, Jamf, Workspace ONE, SCCM, Kandji, or equivalent platforms.

Fleet Management

• Manage the full lifecycle of a global multiOS device fleet (Windows, macOS, iOS, Android).
• Standardize configurations, security baselines, compliance policies, and app deployments.
• Monitor fleet health, compliance posture, patch status, and drive continual process improvements.

Security & Compliance

• Enforce endpoint protection standards, encryption, identity security (Entra ID), and conditional access.
• Ensure adherence to compliance frameworks such as CMMC, NIST, ISO, or internal standards.
• Respond to device-related incidents and automate remediations using GitOps and platform-native tooling.

Collaboration & Support

• Partner closely with IT, Cybersecurity, Engineering, and business stakeholders.
• Serve as an escalation point for complex endpoint engineering issues.
• Maintain clear, version-controlled documentation of all platform processes and architecture.

Required Qualifications

• 3 7+ years in Client Platform Engineering, Endpoint Management, or similar discipline.
• Strong experience with Microsoft Intune, Jamf Pro, SCCM, Workspace ONE, Kandji, or similar.
• Expertise in zero touch provisioning (Windows Autopilot, Apple ADE, Android Zero-Touch).
• Hands-on experience applying GitOps practices:
• Managing device configurations via Git
• Using pull requests for change control
• Integrating CI/CD for automated testing, validation, or deployment of policies/scripts
• Proficiency in scripting languages (PowerShell, Bash, Python, Shell).
• Strong understanding of identity management (Azure AD / Entra ID), conditional access, and device compliance.