Job Summary
The Workplace Endpoint Engineer (L3) is responsible for the design, engineering, deployment, security, and lifecycle management of the enterprise endpoint environment. This role provides technical leadership for Windows endpoints, Microsoft Intune, Microsoft Configuration Manager (SCCM), Endpoint Security, Application Packaging, Device Compliance, and Modern Workplace technologies.
The engineer will drive workplace transformation initiatives, automation, endpoint security hardening, and user experience improvements while ensuring a reliable, scalable, and secure digital workplace environment globally.
Key Responsibilities
Endpoint Engineering & Management
- Design, implement, and maintain enterprise endpoint solutions.
- Manage Windows 10/11 lifecycle, deployment, upgrades, and feature updates.
- Engineer and maintain endpoint configurations using:
- Microsoft Intune
- SCCM
- Autopilot
- Co-Management
- Group Policy
- Microsoft Endpoint Manager
- Develop standards for endpoint configuration and governance.
- Ensure endpoint platforms meet performance, stability, and compliance requirements.
Modern Workplace Technologies
- Lead implementation of modern device management solutions.
- Manage Windows Autopilot provisioning and deployment.
- Support Azure AD / Entra ID device integration.
- Drive cloud-first endpoint management initiatives.
- Develop reusable automation and provisioning workflows.
Application Packaging & Deployment
- Package and deploy enterprise applications.
- Create and maintain application deployment packages and task sequences.
- Conduct application compatibility testing and UAT coordination.
- Manage application lifecycle and release governance.
- Troubleshoot application deployment issues and perform root cause analysis.
Endpoint Security Engineering
- Implement and maintain endpoint security controls.
- Manage Microsoft Defender for Endpoint policies and compliance.
- Support security baselines and hardening guidelines.
- Drive Secure Score improvement initiatives.
- Collaborate with Cyber Security teams on vulnerability remediation.
- Support ThreatLocker, BitLocker, Credential Guard, Application Control, Device Control, and endpoint protection solutions.
Patch & Vulnerability Management
- Manage Windows and third-party patching strategies.
- Coordinate global patch deployment schedules.
- Monitor compliance and remediation activities.
- Lead operating system feature update programs.
- Develop dashboards and reporting for compliance metrics.
Image & Device Lifecycle Management
- Build and maintain enterprise operating system images.
- Develop deployment task sequences.
- Maintain driver and hardware compatibility standards.
- Support endpoint onboarding, refresh, migration, and retirement activities.
Automation & Continuous Improvement
- Develop scripts and automation solutions using:
- PowerShell
- Graph API
- Azure Automation
- Endpoint Automation Platforms
- Eliminate manual processes through automation.
- Standardize operational procedures and engineering documentation.
Technical Leadership
- Provide L3 engineering support for major incidents.
- Act as technical SME for endpoint technologies.
- Mentor L1/L2 support engineers.
- Participate in architecture reviews and strategic roadmap planning.
- Engage vendors and managed service providers on escalations and solution improvements.
Required Technical Skills
Endpoint Management
- Microsoft Intune
- Microsoft Endpoint Manager
- SCCM
- Windows Autopilot
- Co-Management
Microsoft Cloud Technologies
- Microsoft 365
- Azure AD / Entra ID
- Microsoft Defender for Endpoint
- Conditional Access
Operating Systems
- Windows 10 / Windows 11
- Mobile Device Management (iOS & Android)
Security Solutions
- BitLocker
- Microsoft Defender
- ThreatLocker
- Endpoint Security Controls
- Device Compliance Policies
Scripting & Automation
- PowerShell
- Microsoft Graph API
- JSON
- Automation Frameworks
Application Management
- MSI Packaging
- Win32 Packaging
- Application Deployment
- Software Distribution
Experience & Qualifications
Education
- Bachelor's Degree in Computer Science, Information Technology, Computer Engineering, or related discipline.
Experience
- 7–10 years of IT experience.
- Minimum 5 years in Endpoint Engineering or EUC Engineering.
- Experience managing global endpoint environments exceeding 5,000+ devices.
- Strong experience with cloud-managed workplace environments.
Certifications (Preferred)
- Microsoft Certified: Endpoint Administrator Associate
- Microsoft 365 Certified: Modern Desktop Administrator
- Microsoft Certified: Security Administrator Associate
- ITIL Foundation Certification
- Azure Administrator Associate
Key Competencies
- Endpoint Architecture & Engineering
- Technical Leadership
- Problem Solving & Root Cause Analysis
- Stakeholder Management
- Project Delivery
- Security Mindset
- Vendor Management
- Communication & Documentation
- Continuous Improvement
Success Measures (KPIs)
- Endpoint Compliance > 95%
- Patch Compliance > 95%
- Endpoint Security Score Improvement
- OS Upgrade Success Rate > 98%
- Major Incident Reduction
- Automation Adoption Growth
- End User Experience Improvement
- SLA Achievement for Endpoint Services
Pay: ₹900,000.00 - ₹1,500,000.00 per year
Benefits:
- Health insurance
- Paid sick time
- Work from home
Application Question(s):
- How many years of experience do you have managing Microsoft Intune in an enterprise environment?
- How many endpoints/devices have you managed in your current or recent environment?
- Do you have hands-on experience with both Microsoft Intune and SCCM/MECM?
- Have you implemented and managed Windows Autopilot deployments?
- How many years of experience do you have with Endpoint Security technologies such as Microsoft Defender for Endpoint, BitLocker, or ThreatLocker?
- Do you have experience managing Windows 10/11 feature updates and enterprise patching programs?
- How would you rate your PowerShell scripting skills?
- Are you comfortable with PowerShell scripting and automation?
Work Location: Remote
