IT Engineer, Endpoints
132k – 155k | New York, NY | San Francisco, CA | Seattle, WA | IT Support | Remote | 3+ YOE
Summary
Own endpoint lifecycle and device trust programs across macOS, Windows, and ChromeOS. Automate onboarding/offboarding and drive AI-powered endpoint operations in a HIPAA-regulated environment.
About the role
Responsibilities
- Own the full device lifecycle of every endpoint at Headway — from procurement and provisioning through retirement — across macOS, Windows, and ChromeOS.
- Build the foundation for device trust and BYOD programs in a HIPAA-regulated environment, partnering closely with Security to ensure the right person on the right device is accessing the right thing.
- Connect endpoint management with identity by automating the onboarding/offboarding flow end-to-end so that device, access, and entitlements move together as one motion.
- Replace toil with automation — using AI, scripting, and iPaaS tools to eliminate the manual work that keeps endpoint teams reactive instead of proactive.
- Develop a clear point of view on choice programs, standard equipment, refresh cadence, and the financial discipline that comes with managing devices at scale.
- Be the SME other teams come to for anything endpoint or device-related, while staying connected to users through a light, predictable on-call rotation.
Requirements
- At least 3 years as a Client Platform / Endpoint / IT Systems Engineer, with deep hands-on experience managing macOS, Windows, and ChromeOS fleets at scale (ChromeOS is a plus).
- Fluent in JAMF Pro, Microsoft Intune, and Google Chrome Enterprise Management.
- Solid knowledge of IAM: you have built and maintained workflows, configured groups and policies, and understand how identity, access, and devices intersect.
- Scripted and automated repetitive work; comfortable with Bash, Python, or an iPaaS tool like Tray.io or Tines.
- Lean AI-forward, actively experimenting with how AI can level up endpoint operations, from triage to remediation to documentation.
- Stakeholder-savvy, having partnered cross-functionally to ship high-impact endpoint changes such as OS patches or large-scale endpoint software deployments.
- Built or operated BYOD programs, and endpoint security and compliance controls in a regulated environment — HIPAA, SOC 2, HITRUST, or similar — and can speak to device trust, attestation, and posture management.
- Excellent project manager, organized, methodical, comfortable owning a roadmap and reporting on impact with data.
- Team player with no ego who welcomes feedback and is adept at managing up and across.
Tools
- Identity and Access Management: Okta, Lumos
- Email and Messaging: Gmail and Slack
- Document Creation and Collaboration: Google Workspace, Confluence
- Credential Management: 1Password
- Ticketing: Jira Service Desk, ZenDesk, Jira Projects
- Project Planning: Jira
- Endpoint Management: JAMF, Intune, ChromeOS
Skills
JAMF Pro, Microsoft Intune, Google Chrome Enterprise Management, Okta, Bash, Python, Tray.io, Tines, macOS, Windows, ChromeOS, IAM, HIPAA