Endpoint Architect
*US Citizens or GC Holders
On-site daily- Foxboro, MA
The Endpoint Architect will own endpoint strategic planning & architecture development, systems engineering, script development, application and OS deployment, operations & maintenance of user endpoints, remediating endpoint vulnerabilities, and developing a modern application management approach. This role plays a critical role in modernizing and securing the organization’s endpoint environment which consists of approximately 2,000 endpoints. This position will also be part of the Systems Administration team that supports infrastructure servers, Active Directory, and O365, as well as the associated applications and tool sets.
DUTIES AND RESPONSIBILITIES - Deployment Modernization
- Rearchitect and modernize Application Deployment and Operating System Deployment processes.
- Modernize Enterprise policy development & deployment methodologies, leveraging industry standard endpoint management technologies and methodologies including inTune, Microsoft Configuration Manager, Windows Autopilot, and PatchMyPC.
- Develop scripts for solution deployments and vulnerability remediations.
- Ensure that only approved applications are installed on endpoints.
- Package, test, deploy, and support new applications, updates, and operating systems in compliance with company technology standards, ensuring compatibility with existing services.
- Design and implement policies in Intune and Group Policy to harden endpoints and streamline management.
- Endpoint Management & Operations
- Develop and execute security enhancements for endpoint management platforms like SCCM, Intune, and PatchMyPC, focusing on reducing technical debt.
- Provide situational awareness on the threat landscape and take a leadership role in defining and implementing the techniques, tactics, and procedures associated with those threats. Analyze platform (SCCM, Intune, and PatchMyPC) errors and warnings and design/implement remediations. Develop goals related to endpoint vulnerability management and compliance.
- Serve as a core Vulnerability Management Committee member and trusted subject matter expert, collaborating on decisions and actions related to remediating vulnerabilities.
- Independently research, test, and implement Automatic Deployment Rules (ADRs) for browsers, Adobe, and other third-party tools.
- Migration and Consolidation
- Plan and execute the integration of Intune with existing SCCM infrastructure.
- Evaluate legacy GPO and Intune policies for effectiveness and efficiency. Develop new policies and/or revisions to address policy gaps as appropriate.
- Escalation and Troubleshooting
- Identify and escalate concerns to Sr. Management regarding endpoint security deficiencies or enhancements that need to be addressed.
- Partner with teammates and IT teams to test and resolve deployment or policy-related issues with an emphasis on creating a stable, secure and optimized endpoint environment for the organization.
- Provide advanced technical support to resolve complex issues related to operating systems, endpoint applications, and images.
- Utilize scripting and deployment expertise to address widespread endpoint issues
- Other Duties Special projects and assignments as business dictates including but not limited to
- Plan, implement, and ensure regular systems maintenance tasks such as endpoint patching and server reboot schedules
- Active Directory management and administration for users, groups, and other objects in AD.
- Support of Okta, single sign on/multi-factor solution/remote access solutions.
- Ticket queue management and problem resolution.
- Required to participate in on-call (after-hours) support rotation and to participate in onsite stadium event support rotation (concerts, football games, soccer games, etc.)
- Responsible for the creation, maintenance and control of all personally identifiable information or any other information protected by Confidentiality and Privacy Standards (see Mass Regulations on Personal Identity Regulations and HIPAA).
SKILLS AND QUALIFICATIONS - Bachelor’s degree in information technology or relevant experience
- 7+ years of experience managing enterprise endpoints on a large scale (1000+ clients).
- Strong experience with inTune, Microsoft Configuration Manager, Windows Autopilot, Windows Server, Active Directory, and GPO.
- Experience migrating Operating System versions and updating Windows 10/11 desktop Images.
- Well versed in windows scripting (PowerShell, VBS, etc)
- Experience with patch management software (PatchMyPC, SolarWinds, etc)
- Experience with Exchange Online, Office365, MS Teams, Azure AD and various cloud technologies
- Experience creating deploying, and managing policies and software packages using products such as Intune and SCCM
- Experience with VMWare, O365, and Okta
- Strong oral, written, and interpersonal communication skills.
- Strong documentation skills.
S
Stone Search
STONE SEARCH is a boutique Technical and Executive Search firm specializing in the placement of seasoned professionals within the internetworking/intranetworking fields of technology. We focus on leading edge technology, from Financial Trading Systems to Multi-Site WAN Networking, from Identity and Access Management to Attack &Penetration Services.
Stone Search was founded in November, 2001 and is led by Michael Stone, formerly of The Gardner Group. After being in the technical recruitment business for eight years, Michael decided to take his extensive knowledge and contacts under his own "roof." The Stone Search team includes four recruiters experienced in the technology industry. Our collective experience ranges from former hardware engineers to sales and marketing and human resource trained professionals. We all share similar methods of recruiting and strong ethics. The team feels that there is nothing more important than representing each company like a trusted employee and each candidate like a colleague that we deal with everyday.
Specific technologies we have worked on include Router/Switch Networks, Operating Systems, Database, Data & Network Security, Identity Management, Business Continuity / Disaster Recovery, CRM, ERP, Data Warehousing, market data and Web technologies.
We do extensive Management and Executive Management search as well. In addition, we have expertise recruiting for the "Big 4" professional services firms as well as many similar organizations. We are able to locate road warriors willing to do 100% travel for these types of organizations.
1 to 9 employees
http://www.stone-search.com/