Endpoint Engineer

Endpoint Engineer

Its an 3days a week onsite for these location

California: Palo Alto
Texas: Austin
Virginia: Reston
New York: New York City
North Carolina: Morrisville
Washington: Seattle
Kansas: Lawrence

Role Summary

The Endpoint Engineer is responsible for the design implementation and ongoing

management of the organizations device ecosystem. This role focuses on automating the

lifecycle of hardware and virtual desktops to ensure a seamless secure and zero-touch

experience for our global workforce. You will serve as the subject matter expert for Apple and

Windows management and our cloud desktop infrastructure.

Technical Environment

Apple (macOS & iOS): Jamf Pro

Windows & Android: Microsoft Intune / Endpoint Manager

Virtual Desktop: Amazon WorkSpaces (AWS)

Scripting: PowerShell Bash Python

Key Responsibilities

1. Unified Endpoint Management (UEM)

Daily Operations: Perform daily upkeep system maintenance and regular patch

management for all managed endpoints to ensure security and stability.

Service Desk Escalation: Serve as the final point of contact and subject matter expert

for service desk escalations related to complex endpoint issues.

Apple Fleet: Architect and maintain the Jamf Pro environment for all macOS and iOS

devices. Manage configuration profiles policies and patch management.

Windows & Android: Lead the administration of Microsoft Intune ensuring robust

policy application security baselines and application delivery.

Provisioning: Manage Apple Business Manager (ABM) and Windows Autopilot to

deliver a true zero-touch deployment experience.

2. Virtual Desktop Infrastructure (VDI)

Administer and optimize Amazon WorkSpaces.

Manage WorkSpaces directories custom bundles and image creation/maintenance.

Troubleshoot connectivity and performance issues within the AWS ecosystem.

3. Automation & Engineering

Develop and maintain sophisticated scripts in PowerShell and Bash to automate

manual tasks and integrate system APIs.

Build and maintain a library of packaged software (dmg pkg msi) for silent deployment.

Implement automated reporting for hardware inventory license compliance and security

auditing.

4. Security & Compliance

Enforce endpoint security standards including FileVault/BitLocker encryption and EDR

agent health.

Partner with Security teams to remediate vulnerabilities across the endpoint fleet.

Required Qualifications

Experience: Minimum 3 5 years in an Endpoint Engineering or MDM-focused role.

Jamf Mastery: Proven experience managing both macOS and iOS at scale via Jamf

Pro.

Intune Proficiency: Experience managing Windows environments through Microsoft

Endpoint Manager.

VDI Expertise: Hands-on experience with Amazon WorkSpaces administration.

BYOD Deployment: Experience deploying and managing a Bring Your Own Device

(BYOD) program for personal mobile phones (iOS/Android).

Advanced Scripting: Ability to write and debug Bash and PowerShell scripts from

scratch.

Identity: Understanding of Okta or Azure AD (Entra ID) as it relates to device enrollment

and SSO.

Education & Certifications

Bachelors degree in Computer Science IT or equivalent professional experience.

Relevant certifications (e.g. Jamf 200/300 Microsoft MD-102 or AWS Certified Cloud

Practitioner) are a plus.

Bonus: AI Tool Deployment Experience

As Rubrik continues to expand its AI-powered workforce tooling experience deploying and

managing enterprise AI tools is a strong differentiator for this role. Candidates with hands-on

experience rolling out any of the following will stand out:

Enterprise AI Search & Knowledge Tools

Experience deploying Glean or similar AI-powered enterprise search platforms including

connector configuration SSO integration (Okta/Azure AD) and end-user onboarding at

scale.

Agentic AI Coding Tools

Familiarity with deploying Claude Code or GitHub Copilot to engineering teams - including

managing licensing IDE plugin distribution via MDM (Jamf/Intune) and API key or

credential management through secure vaulting solutions.

AI Productivity & Workflow Automation Tools

Experience rolling out AI desktop or productivity agents such as Claude Cowork including

packaging and silent deployment managing update cadences and coordinating with IT

Security to ensure compliance with data handling policies.

General AI Deployment Best Practices

Understanding of the endpoint and identity considerations unique to AI tools: network

allowlisting for LLM API endpoints DLP policy tuning for AI-generated content user

provisioning workflows and communicating rollout plans across IT Security and end-user

teams.