Senior Endpoint Platform Engineer

Group 1001 is a consumer-centric, technology-driven family of insurance companies on a mission to deliver outstanding value and operational performance by combining financial strength and stability with deep insurance expertise and a can-do culture. Group1001’s culture emphasizes the importance of collaboration, communication, core business focus, risk management, and striving for outcomes. This goal extends to how we hire and onboard our most valuable assets – our employees.

Group 1001, and its affiliated companies, is strongly committed to providing a supportive work environment where employee differences are valued. Diversity is an essential ingredient in making Group 1001 a welcoming place to work and is fundamental in building a high-performance team. Diversity embodies all the differences that make us unique individuals.  All employees share the responsibility for maintaining a workplace culture of dignity, respect, understanding and appreciation of individual and group differences.

Summary:

This role suits someone with advanced experience in endpoint management, automation, and security compliance, ensuring that devices and users can operate efficiently and securely within the enterprise.

As a Senior Endpoint Engineer, he/she will play a critical role in managing and securing the organization’s endpoint devices, including desktops, laptops, mobile devices, and virtual desktops (DaaS). They will lead efforts to develop, implement, and maintain endpoint management solutions to ensure device performance, compliance, and security across the enterprise.

Working closely with IT security, support teams, and other technology groups, he/she will help to streamline operations and optimize endpoint systems for a smooth end-user experience.

Principal Responsibilities

• Develop and maintain a strategic vision for end-user computing within the organization. This includes understanding business needs, user requirements, and industry trends.
• Create comprehensive solution designs that address user experience, security, scalability, and performance in collaboration with other architects and stakeholders to ensure alignment with overall IT architecture.
• Implement and support endpoint management solutions, such as configuration profiles, group policies, device compliance, and mobile device management (MDM).
• Define standards for managing end-user physical and virtual devices
• Continuously monitor and optimize device performance, ensuring seamless user experience
• Collaborate with security teams to ensure endpoint devices meet security requirements, including zero-trust architecture.
• Participate in the evaluation and definition of the User Experience, specifying standards for how applications and desktops should perform.
• Anticipating user interaction with upgrades and patch management, optimizing user interfaces, and ensuring intuitive, elegant system design and optimal supportability.
• Demonstrate expert-level proficiency with key technologies to be supported, including willingness and ability to develop expertise in new technologies as needed.
• Stay up to date with industry trends and new technologies, making recommendations for continuous improvement of endpoint services.
• Evaluate the impact of relevant emerging technology and business trends.
• Document procedures, policies, and configurations to ensure repeatable and secure management of endpoints.
• Provide technical and operational governance across the firm's end-user computing environment.
• Perform advanced troubleshooting, root cause analysis, and resolution for endpoint-related issues and escalations.
• Drive the endpoint computing space to simplify endpoint management, strengthen security posture and reduce overall costs.
• Lead automation initiatives to streamline endpoint management, using scripting languages such as PowerShell or Bash.

Qualifications:

• Bachelor’s degree required or equivalent professional experience.
• 10+ years of direct, technical experience required.
• Expert experience with Windows or Mac (or combination of both)
• 3+ years of engineering experience with Windows 10, Azure, Intune, and M365
• Extensive knowledge of scripting for automation within Intune (e.g., PowerShell, Python, Bash, Terraform).
• Strong working knowledge of automation and scripting in the endpoint computing space
• In-depth understanding of endpoint security, including encryption, antivirus, and patch management.
• Experience and understanding of hybrid Azure AD Join and co-managed endpoint environments.
• Excellent communication skills and ability to effectively communicate technical concepts to non-technical people.
• Strong problem-solving skills and the ability to troubleshoot complex endpoint issues.
• Customer service attitude and ability to work well with other groups.
• Excellent analytical and problem-solving skills with a history of hands-on, detail orientation
• Experience working in highly regulated environments, ensuring compliance with industry standards (e.g., CIS benchmarks LI & L2, NIST, ISO 27001).
• Certifications such as Microsoft Certified: Modern Desktop Administrator, Microsoft Certified: Security, Compliance, and Identity Fundamentals, or similar.
• Experience with cloud-based endpoint management and integration (e.g., Azure Virtual Desktop, Windows 365).
• Familiarity with Zero Trust security frameworks and secure access service edge (SASE).
• Experience working with ITIL or other IT service management frameworks.

Compensation:  

Our compensation reflects the cost of labor across several U.S. geographic markets. The base pay for this position ranges from $101,600/year in our lowest geographic market up to $225,000/year in our highest geographic market.  Pay is based on a number of factors including market location and may vary depending on job-related knowledge, skills, and experience. 

Benefits Highlights:  

Employees who meet benefit eligibility guidelines and work 30 hours or more weekly, have the ability to enroll in Group 1001’s benefits package. Employees (and their families) are eligible to participate in the Company’s comprehensive health, dental, and vision insurance plan options.  Employees are also eligible for Basic and Supplemental Life Insurance, Short and Long-Term Disability, and to enroll in the Company’s Employee Assistance Program and other wellness initiatives.  Employees may also participate in the Company’s 401K plan, with matching contributions by the Company.