Summary/Objective: Under the supervision of the Sr. Director IT & Security, the Endpoint Engineer III is responsible for building, standardizing, and securing the organization's endpoint
environment across a multi-site healthcare system. This role combines hands-on engineering with platform ownership, with a strong focus on modern device management, Zero Trust
principles, and endpoint security.
This position plays a key role in transitioning from outsourced IT services to an internal operating model by designing and implementing scalable, cloud-native endpoint standards utilizing Microsoft technologies including Intune, Entra ID, Autopilot, and Defender. The organization is adopting a cloud-first, Zero Trust approach to endpoint management, emphasizing device compliance, identity-driven access, and modern provisioning methods.
The ideal candidate will design endpoint controls that ensure only compliant, secure devices can access organizational resources. This position will require full-time onsite presence in our Glendale, WI office.
Essential Functions
Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
Design, implement, and support endpoint configurations, compliance policies, and lifecycle management processes using Microsoft Intune.
Develop and enforce device compliance policies and Conditional Access integrations to support Zero Trust security principles.
Implement, maintain, and optimize endpoint protection and security controls utilizing Microsoft Defender for Endpoint.
Standardize endpoint provisioning and deployment processes using Windows Autopilot and modern device management methodologies.
Identify, evaluate, and modernize legacy endpoint management configurations, including migration from traditional Group Policy-based administration.
Develop automation and remediation solutions using PowerShell and other scripting technologies to improve consistency, reduce manual effort, and increase operational efficiency.
Design and maintain endpoint standards, governance controls, and device management practices that support organizational security and compliance requirements.
Support the transition from managed service provider (MSP) support models to internal endpoint management operations.
Provide advanced technical support and escalation assistance to Help Desk and Infrastructure teams for complex endpoint-related issues.
Collaborate with Infrastructure, Security, and Operations teams to ensure endpoint solutions align with organizational architecture, security, and compliance standards.
Maintain documentation, standards, and operational procedures related to endpoint management and security.
Stay current with emerging endpoint management, security, and Zero Trust technologies and contribute to evolving the best internal practices.
Resident Rights:
Knows Resident Rights
Help the residents/patients exercise and/or protect their rights
Reports resident/patient complaints to management
Maintains confidentiality of resident/patient information
HIPAA:
Follows and adheres to Facilitys policies and procedures implementing HIPAA requirements for the privacy and security of protected health information
Uses and/or discloses only minimum amount of Protected Health Information necessary to complete assigned tasks
Reports all suspected of violation of companys HIPAA policies or procedures to Facility leadership
Work Environment & Physical Demands
The responsibilities of this position involve typical office-related physical activities, including standing, walking, sitting, and lifting up to 10 pounds unassisted. This role may require occasional travel between organizational locations, handling of technology equipment, and participation in an on-call support rotation. While performing the duties of this job, the employee is regularly required to communicate effectively and hear.
Required Education and Experience
Bachelors degree in information technology, Computer Science, or a related field, or equivalent practical experience.
58 years of experience in endpoint engineering, endpoint management, systems administration, or related information technology disciplines.
Extensive hands-on experience with:
o Microsoft Intune (configuration, compliance, and device management)
o Windows Autopilot and zero-touch provisioning technologies
o Microsoft Defender for Endpoint, including endpoint detection and response (EDR), security baselines, and device risk management
o Microsoft Entra ID and device identity management concepts
o Conditional Access and Zero Trust security principles
Experience implementing endpoint security controls, device hardening, and compliance frameworks.
Strong PowerShell scripting and automation experience.
Experience supporting enterprise or multi-site technology environments.
Demonstrated ability to establish, standardize, and improve endpoint management processes within evolving organizations.
Knowledge of endpoint governance, device lifecycle management, and modern cloud-based endpoint administration.
Preferred Education and Experience
Experience with Power BI or operational reporting tools.
Exposure to Azure services (Logic Apps, Functions).
Familiarity with healthcare or other regulated environments.
Demonstrated interest in automation, AI-assisted capabilities, and process improvement.
Other Duties
Microsoft certifications related to Intune, Endpoint Management, Security, or Microsoft 365 technologies.
Security certifications such as Security+ or equivalent.
Experience transitioning organizations from Group Policy-based management to modern endpoint management platforms.
Familiarity with Conditional Access and Zero Trust implementation models.
Experience in healthcare or other regulated environments.
Experience working within managed service provider (MSP) environments or supporting transitions from outsourced to internal IT operations.
