OT Endpoint Device Management Engineer - #187851

About The Role:

As a CBRE OT Endpoint Device Management Engineer, you will be responsible for the design, implementation, management, and support of our organization's OT endpoint infrastructure. This includes desktops, laptops, mobile devices, Virtual Machines, and potentially other endpoint devices. This role requires a deep understanding of operating systems, endpoint management tools, security best practices, remote Monitoring and Management (RMM) platforms, and scripting/automation. The Engineer will be a technical leader, mentor junior team members, and drive continuous improvement in our endpoint environment. They will collaborate with other IT teams to ensure a secure, reliable, and efficient endpoint experience for all users.

What You'll Do:

Endpoint Management and Deployment:
* Design, implement, and maintain endpoint management solutions (e.g., Microsoft Intune, Jamf, VMware Workspace ONE, etc.). This is the core responsibility.
* Develop and maintain operating system images (Windows, macOS, Linux, iOS, Android) for standardized deployments.
* Manage the application packaging, deployment, and patching process for endpoints
* Experience with RMM platforms (e.g., ConnectWise Automate, Datto RMM, NinjaOne, Kaseya VSA, Atera, SolarWinds N-central, ManageEngine Desktop Central) is required.
* Oversee the rollout of new hardware and software to endpoint devices.
* Manage Group Policy Objects (GPOs) or equivalent configuration profiles to enforce security and configuration standards.
* Develop and maintain Mobile Device Management (MDM) and Mobile Application Management (MAM) policies.
* Manage Virtual Desktop Infrastructure (VDI) solutions (e.g., VMware Horizon, Citrix Virtual Apps and Desktops, Microsoft Azure Virtual Desktop) if applicable.

Security and Compliance:
* Implement and maintain endpoint security solutions (e.g., antivirus, EDR, DLP, encryption).
* Ensure endpoints comply with relevant security policies, and industry best practices.
* Perform vulnerability assessments and remediate identified security issues.
* Collaborate with the security team on incident response and investigations related to endpoints.
* Develop and maintain security baselines for all endpoint types.

Automation and Scripting:
* Develop and maintain scripts (e.g., PowerShell, Python) to automate endpoint management tasks, deployments, and reporting.
* Automate software deployments, patching, and configuration changes.
* Integrate endpoint management tools with other IT systems (e.g., ticketing systems, asset management databases).

Troubleshooting and Support:
* Provide Tier 3/4 support for complex endpoint issues, acting as an escalation point for the help desk and junior engineers.
* Be available on call or after-hours support
* Troubleshoot operating system, application, and hardware problems.
* Analyze performance issues and optimize endpoint configurations.
* Document troubleshooting procedures and solutions.

Monitoring and Reporting:
* Monitor endpoint health, performance, and security posture using appropriate tools.
* Generate reports on endpoint compliance, software inventory, and other key metrics.
* Proactively identify and address potential issues before they impact users, leveraging RM capabilities for proactive alerting and remediation.
* Configure and maintain RMM agents and policies for optimal endpoint monitoring and management.
* Implement and manage automated patch management and software deployment through the RMM platform.
* Use RMM tools for remote access, diagnostics, and troubleshooting of endpoint issues.
* Use RMM tools to perform asset and inventory management.

Strategy and Planning:
* Research and evaluate new endpoint technologies and solutions.
* Contribute to the development of the endpoint strategy and roadmap.
* Stay up to date on industry trends and standard processes.
* Capacity planning for endpoint infrastructure.