Key skills
AWSAzureCitrixCloudJamfMacOSAzure ADLeadershipCommunicationCollaboration
About this role
Role Overview
- own and modernize Synchrony’s global endpoint ecosystem across physical and virtual platforms
- partner closely with Risk & Compliance to support audits, ensure configuration compliance, and remediate vulnerabilities
- collaborate with Desktop Operations/ECC teams to enable scalable, reliable day-to-day delivery and support
- Lead engineering design, development, standardization, and lifecycle management for Windows, macOS, and ChromeOS endpoints
- Engineer and maintain enterprise OS images (Windows/macOS) and govern ChromeOS management and update strategy
- Define and maintain hardware standards, perform OEM model testing, and manage drivers/BIOS/firmware update processes
- Develop and optimize configuration baselines, performance settings, and endpoint hardening standards across platforms
- Design and manage Intune policies for configuration, application deployment, compliance, and security baselines
- Lead Windows Autopilot workflows including device registration, profile assignment, join models (Hybrid/Azure AD), validation, and reset/reprovisioning processes
- Support SCCM infrastructure for co-management scenarios, packaging, patching, and deployment pipelines
- Drive strategy/roadmap across endpoint tooling including Intune, SCCM, Ivanti, Tanium, JAMF, and Google Admin Console
- Optimize performance, patching, and application compatibility for VDI/DaaS platforms (e.g., Citrix Cloud, AWS WorkSpaces, AppStream, Cloud PC)
- Act as the Desktop Engineering POC for audit readiness, evidence collection, technical controls validation, and remediation tracking
- Implement and maintain endpoint security controls (e.g., Defender, ASR rules, BitLocker), and align configurations with relevant regulatory expectations (e.g., SOX/PCI)
- Manage macOS EFI/firmware/device password standards and coordinate JAMF integrations where required
- Improve endpoint performance and user experience through Nexthink/telemetry insights and targeted remediation
- Partner with Desktop Operations/ECC teams to transition engineered solutions into scalable production deployment and support
- Lead root cause analysis for systemic endpoint issues and drive durable corrective actions
- Evaluate new tools and modernization opportunities (e.g., Autopilot/Intune enhancements, Nexthink, Tanium, updated security baselines
Requirements
- 10 + years in Desktop Engineering, Modern Endpoint Management, or OS Platform Engineering or 12+ years of experience in lieu of a degree
- Deep expertise in Windows 10/11 engineering (imaging, driver management, BIOS/firmware, GPO/Intune policy design)
- Strong experience with Intune, Autopilot, compliance policies, conditional access, and Azure AD join models / co-management architecture
- Proficiency in macOS engineering, including update governance, security controls, hardware baseline validation, and JAMF integration
- Experience with ChromeOS management (automated enrollment, OU-based policy management, update governance)
- Familiarity with endpoint security tooling and controls (e.g., Defender, ASR, BitLocker)
- Knowledge of audit/control expectations as applied to endpoints (e.g., SOX, PCI, configuration compliance)
- Strong cross-functional collaboration (Operations, Security, Risk, Cloud, Network)
- Excellent documentation and communication skills; ability to lead RCA and corrective action programs
- Broad hands-on/architectural experience across Windows, macOS, ChromeOS, SCCM, Intune, JAMF, Citrix/VDI
Tech Stack
- AWS
- Azure
- Citrix
- Cloud
- Jamf
- MacOS
Benefits
- best-in-class employee benefits and programs that cater to work-life integration and overall well-being
- career advancement and upskilling opportunities, focusing on Advancing Diverse Talent to take up leadership roles