Business Services & Consulting • all cities, PA 39
Endpoint Engineer (39)
all cities, PA 39On-sitePosted 1 day ago
Business Services & Consulting
About the Role
Endpoint Engineer
End Client: Congressional Budget Office (CBO) Duration: 5 Years Location: Washington, DC 20515 (Remote Preferred; Onsite as Needed) Position Type: Contract Hours Per Week: 40 Scope of Project: The Service Desk Engineer is responsible for providing advanced engineering support for escalated service desk issues, focusing on endpoint security, system imaging, patching, and device lifecycle management. This role designs and implements secure configurations across Windows and macOS environments while ensuring compliance with CBO security standards.
Job Description
Service Desk Engineer (Tier 3 / Endpoint Engineering) to support an advanced federal cybersecurity and endpoint engineering program. This role focuses on engineering solutions for escalated issues, not routine help desk support.
Responsibilities
Endpoint Security & System Hardening:
Design and maintain secure workstation images (Windows/macOS) to prevent lateral movement, credential misuse, and system compromise
Implement controls for secure authentication (passwordless, hardware keys)
Endpoint Configuration & Lifecycle Management:
Engineer and maintain endpoint baselines, compliance policies, and configuration standards
Manage full lifecycle including provisioning, maintenance, and decommissioning
Imaging, Patching & Automation:
Build and maintain imaging pipelines using Ivanti/KACE/JAMF
Automate patching, deployment, rollback, and validation processes
Device Enrollment & Asset Management:
Support Intune, Autopilot, and JAMF for secure device onboarding
Maintain asset inventory, tracking, and ownership mapping
Monitoring & Telemetry Engineering:
Implement endpoint logging (Windows/macOS), telemetry, and integration with SIEM/EDR
Ensure audit-ready logging and monitoring capabilities
Document findings, remediation plans, and validation reports
Documentation & Knowledge Transfer:
Develop SOPs, runbooks, and training materials for Service Desk and operations
Required/Preferred Skills
8+ years of IT experience, with 6+ years in endpoint engineering (not help desk)
Strong experience with:
Intune, Autopilot, Ivanti/KACE
Windows & macOS imaging/patching
Scripting (PowerShell, Bash)
Experience working under formal change control, security, and audit frameworks
Endpoint Engineer
End Client: Congressional Budget Office (CBO) Duration: 5 Years Location: Washington, DC 20515 (Remote Preferred; Onsite as Needed) Position Type: Contract Hours Per Week: 40 Scope of Project: The Service Desk Engineer is responsible for providing advanced engineering support for escalated service desk issues, focusing on endpoint security, system imaging, patching, and device lifecycle management. This role designs and implements secure configurations across Windows and macOS environments while ensuring compliance with CBO security standards.
Job Description
Service Desk Engineer (Tier 3 / Endpoint Engineering) to support an advanced federal cybersecurity and endpoint engineering program. This role focuses on engineering solutions for escalated issues, not routine help desk support.
Responsibilities
Endpoint Security & System Hardening:
Design and maintain secure workstation images (Windows/macOS) to prevent lateral movement, credential misuse, and system compromise
Implement controls for secure authentication (passwordless, hardware keys)
Endpoint Configuration & Lifecycle Management:
Engineer and maintain endpoint baselines, compliance policies, and configuration standards
Manage full lifecycle including provisioning, maintenance, and decommissioning
Imaging, Patching & Automation:
Build and maintain imaging pipelines using Ivanti/KACE/JAMF
Automate patching, deployment, rollback, and validation processes
Device Enrollment & Asset Management:
Support Intune, Autopilot, and JAMF for secure device onboarding
Maintain asset inventory, tracking, and ownership mapping
Monitoring & Telemetry Engineering:
Implement endpoint logging (Windows/macOS), telemetry, and integration with SIEM/EDR
Ensure audit-ready logging and monitoring capabilities
