Endpoint Management Engineer

At Epiq, your work contributes to complex, global legal outcomes. You’ll join a values‑driven community where integrity guides decisions, relentless service sets the bar, and we thrive on big challenges together. We invest in your growth with enterprise‑wide learning and mobility. We celebrate who you are, and we respect life beyond work with flexibility that’s recognized externally. Enabled by modern platforms and AI, you’ll do the most meaningful work of your career and see your impact at scale.

Job Description:

Job Description

We are seeking a skilled Endpoint Management Engineer to design, implement, and support enterprise endpoint management solutions using Microsoft Intune within the broader Microsoft Endpoint Manager ecosystem along with other endpoint management solutions.

This role is suited for an experienced engineer with strong hands-on expertise in modern, cloud-based device and endpoint management who can independently lead implementations, enhance security posture, and support enterprise-scale environments.

The ideal candidate has deep knowledge of device compliance, conditional access, automation, and modern workplace technologies, and can effectively collaborate with device build teams, security teams, and other stakeholders to deliver secure, scalable, and well-managed solutions.

Key Responsibilities

Endpoint Management & Configuration

• Design, deploy, and maintain device management solutions using Microsoft Intune, Tanium and other endpoint management solutions
• Configure and manage, but not limited to:
  • Windows, macOS, iOS/iPadOS, and Android devices
  • Configuration profiles and compliance policies
  • App protection policies and MDM/MAM solutions
• Support co-management scenarios with on-premises infrastructure where applicable

Security & Compliance

• Implement device compliance policies aligned with security standards
• Configure Conditional Access in partnership with identity teams
• Manage and maintain the patch management lifecycle across enterprise endpoints, with regular monthly reporting on patch posture, compliance, and risk
• Integrate Intune with, but not limited to:
  • Microsoft Entra ID
  • Microsoft Defender for Endpoint
  • Tanium
  • Axonius
• Assist in security posture improvements and remediation efforts

Automation & Optimization

• Develop and maintain PowerShell scripts for automation and device remediation
• Improve deployment efficiency and reduce manual processes
• Support packaging and deployment of applications
• Optimize policy configurations for performance and user experience

Operations & Support

• Serve as an escalation point for complex endpoint management issues, providing advanced troubleshooting and root cause analysis.
• Troubleshoot and resolve device enrollment, compliance, configuration, Conditional Access, security policy, performance, and application deployment issues across Windows, macOS, iOS, and Android platforms.
• Collaborate with cross-functional teams to resolve high-impact incidents and broader endpoint, mobility, and security-related issues.
• Document endpoint configurations, architecture designs, technical standards, runbooks, and operational procedures.
• Participate in change management processes, including risk and impact assessments, release planning, deployment scheduling, testing, validation, and post-implementation reviews.

Collaboration & Continuous Improvement

• Work closely with infrastructure, security, and cloud teams
• Contribute to roadmap planning and platform improvements
• Stay current with Microsoft roadmap updates and emerging best practices
• Support pilot programs and phased rollouts of new features

Required Qualifications

• 3–6 years of experience in endpoint management or modern device management
• 2+ years of hands-on experience with Microsoft Intune
• Strong understanding of:
  • MDM/MAM concepts
  • Conditional Access
  • Device compliance frameworks
  • Endpoint security controls
• Experience integrating Intune with Entra ID and Defender
• Proficiency in PowerShell scripting
• Strong troubleshooting and analytical skills

Preferred Qualifications

• Experience with co-management (ConfigMgr + Intune)
• Experience with Tamium
• Experience with Jamf
• Familiarity with Zero Trust architecture principles
• Experience with enterprise-scale (1,000+ device) environments
• Knowledge of mobile application management strategies
• Microsoft certifications such as:
  • Endpoint Administrator Associate
  • Security Administrator Associate

Key Competencies

• Strong problem-solving and root cause analysis skills
• Ability to work independently while collaborating cross-functionally
• Clear technical documentation and communication skills
• Continuous learning mindset
• Process-oriented with strong attention to security and compliance

What Success Looks Like in This Role

• Stable and secure endpoint management environment
• High device compliance rates
• Reduced manual effort through automation
• Improved end-user experience during provisioning and updates
• Proactive identification and remediation of security gaps

It is Epiq’s policy to comply with all applicable equal employment opportunity laws by making all employment decisions without unlawful regard or consideration of any individual’s race, religion, ethnicity, color, sex, sexual orientation, gender identity or expressions, transgender status, sexual and other reproductive health decisions, marital status, age, national origin, genetic information, ancestry, citizenship, physical or mental disability, veteran or family status or any other basis protected by applicable national, federal, state, provincial or local law. Epiq’s policy prohibits unlawful discrimination based on any of these impermissible bases, as well as any bases or grounds protected by applicable law in each jurisdiction. In addition Epiq will take affirmative action for minorities, women, covered veterans and individuals with disabilities. If you need assistance or an accommodation during the application process because of a disability, it is available upon request. Epiq is pleased to provide such assistance and no applicant will be penalized as a result of such a request.  Pursuant to relevant law, where applicable, Epiq will consider for employment qualified applicants with arrest and conviction records.