Senior Endpoint Engineer

Arraya Solutions, a leading technology consulting firm, is looking for an IT Senior Endpoint Engineer to join our customer''s team!

We are a culture that embraces change, values family and are actively involved with the community. Our team consists of people with positive attitudes who are interested in growing their knowledge around technology and leaders that are heavily involved in day-to-day activities.

As an IT Senior Endpoint Engineer , you will help lead the implementation, support, and continual improvement of the organization''s endpoint infrastructure, including desktops, laptops, mobile devices and peripheral equipment. You will play a key role in delivering high-quality endpoint solutions—ensuring security, performance, and user satisfaction. This role serves as a bridge between technical teams and end users, with a focus on lifecycle planning, issue resolution, capacity management, and consultation.

You will work at the intersection of device lifecycle management, security compliance, and user support—ensuring endpoints remain productive, secure, and aligned with firm standards and regulatory obligations.

This is a hands‑on, technically demanding position for an engineer who thrives on automation, takes ownership of their environment, and can operate effectively in a fast‑paced, service-oriented organization.

Endpoint & MDM Management

• Administer and maintain Microsoft Intune across Windows, iOS, iPadOS, and Android platforms in a multi‑site environment.
• Manage device enrollment, configuration profiles, compliance policies, and application deployment across all managed endpoints.
• Support Zero Touch Provisioning workflows (Windows Autopilot) to streamline onboarding for staff.
• Oversee OS upgrades and feature update rollouts while minimizing disruption to teams and time‑sensitive workflows.

Patch & Update Management

• Monitor and verify patch deployment status across all platforms; troubleshoot failed installations and ensure timely remediation of critical vulnerabilities.
• Maintain automated patching workflows with manual oversight for high‑priority security fixes impacting firm risk posture.

Device Health Monitoring

• Perform daily review of endpoint dashboards and monitoring tools; investigate and remediate devices that are offline, non‑compliant, or degraded.
• Proactively identify performance, hardware, or security issues before they impactcclient deliverables.

Asset Inventory & Lifecycle Management

• Maintain accurate endpoint asset inventory across MDM platforms.
• Manage full device lifecycle—from procurement and provisioning through refresh, decommissioning, and secure disposal—aligned with firm policies.

Security & Compliance

• Enforce endpoint security configurations including disk encryption, firewall policies, application controls, and EDR/XDR tooling.
• Conduct daily review of security dashboards and alerts; respond to endpoint‑related security events.
• Ensure endpoints align with firm security baselines, client confidentiality obligations, and regulatory requirements common in environments.

Package Management

• Manage software packaging, deployment, and updates for Windows using Intune and approved third‑party tools.

Scripting & Automation

• Develop and maintain automation using PowerShell (and shell scripting where applicable) for reporting, remediation, and configuration enforcement.
• Continuously refine automation to reduce manual effort and improve consistency across the firm.

User Support & Incident Response

• Act as a senior escalation point for endpoint‑related issues impacting attorneys and business professionals.
• Partner with the Help Desk, Security, and Infrastructure teams during incident response and major troubleshooting efforts.

Documentation & Reporting

• Maintain clear documentation for endpoint standards, procedures, and known issues.
• Provide operational, compliance, and risk‑focused reporting to IT leadership.

Required Qualifications

• 3+ years of experience in endpoint engineering, systems administration, or a related IT operations role.
• Hands‑on experience with Microsoft Intune or comparable enterprise MDM platforms.
• Strong knowledge of Windows operating systems; Linux experience a plus.
• Proficiency in PowerShell scripting.
• Experience with Zero Touch Provisioning (Windows Autopilot and/or Apple Business Manager / DEP).
• Solid understanding of endpoint security concepts including encryption, EDR/antivirus, application control, and firewall policies.
• Experience supporting users in a professional services or enterprise environment with high availability expectations.

Preferred Qualifications

• Bachelor’s degree in Information Technology, Computer Science, or a related field is strongly preferred.
• Experience managing iOS, iPadOS, and Android devices at scale.
• Exposure to Microsoft Entra ID (Azure AD) and hybrid‑joined environments.
• Familiarity with endpoint security tools such as CrowdStrike Falcon or similar EDR/XDR platforms.
• Experience with Windows software packaging (Win32, MSIX) and deployment best practices.
• Prior experience supporting regulated professional services environment.