The role at a glance:

NBBJ is currently seeking a Senior Endpoint Engineer to join the London office. The Endpoint Engineer will be responsible for establishing and maintaining the gold standard for endpoint devices across NBBJ’s global operations. This includes designing secure, high-performing device configurations, implementing robust management practices with tools such as SCCM, JAMF, Intune, and Purview, while driving innovation through the strategic use of AI. Beyond core device and baseline management, this role supports and integrates a range of cloud based, user-facing platforms to ensure seamless, secure, and intuitive daily workflows.

This role works hands-on to ensure every device meets rigorous readiness criteria, proactively resolve technical challenges, and collaborate with teams to support new technologies and platforms. The ideal candidate understands how to balance security, user experience, and operational efficiency, communicates technical concepts clearly, and is instrumental in enabling seamless, secure, and innovative digital experiences for all users.

In your new role, you will: 

Gold Device Standards

• Define and maintain device specifications by persona/studio use case (performance targets, firmware/driver standards)
• Coordinate with Asset & Licensing Specialist (ALS) for hardware alignment and lifecycle management
• Supporting and informing initiatives related to engineering the end‑user experience, ensuring that devices, cloud services, and security controls work together without friction

Secure Baselines & Readiness Gate

• Author and version GPO/MDM baselines (BitLocker, Defender, firewall, device control, local rights, browser/Office hardening, Wi-Fi/EAP, certificate chain)
• Define readiness gate criteria and automated acceptance checks for device handoff
• Managing and supporting firmwide cloud collaboration and storage tools such as Box, ShareFile, and other end user SaaS platforms

Endpoint Integrations

• Engineer and maintain Autopilot/OOBE flows, enrollment status pages, update ring strategy, health/compliance connectors, and telemetry models for operations reporting
• Utilize AI tools to automate and enhance endpoint management, validation, and security workflows
• Map baselines to END controls, package CAB requests with risk notes, test plans, rollback/communication steps, and capture promotion evidence for audits
• Partnering with Collaboration, UX, and Security teams to design cohesive, user‑centered experiences across devices, applications, and services
  

Incident & Problem Management

• Lead root cause analysis (RCA) for policy/baseline defects, update standards/readiness tests, and partner with Senior Desktop Engineer for safe redeployment
• Troubleshooting and optimizing workflows that span multiple cloud systems, ensuring reliability, access integrity, and user productivity
• Provide reference artifacts, publish diagrams/runbooks, and brief stakeholders on changes impacting device experience or training
• Own and version secure baselines and readiness gates mapped to END controls; route changes via CAB; monitor control health and coauthor control adoptions/exceptions with Cybersecurity
  

What you will need to succeed:

• Bachelor’s degree in Computer Science, Information Technology, or related field, or equivalent experience
• 5+ years in End User Computing or Endpoint Configuration Engineering
• Certifications: MD-102, SC-200, SC-400 or equivalents preferred
• Hands-on experience with JAMF, Intune, and Purview (required)
• Experience with GPO, Autopilot/OOBE, update rings, compliance policies, certificate/802.1X/Wi-Fi profiles
• Demonstrated ability to use AI tools to automate, validate, and improve endpoint workflows and security
• Excellent problem-solving and communication skills
• Familiarity with automation tools and scripting (PowerShell, Python)
• Proven ability to manage projects and support cross-functional initiatives
  

Additional attributes to help you succeed:

• Experience with architecture/design firm environments
• Experience with MacOS, Microsoft Teams Rooms, Meta 3 VR headsets and other Android based devices in an enterprise environment
• Citrix (Virtual Apps/Desktops, Workspace) experience is a strong plus, especially in environments blending physical endpoints with virtualized workloads
• Security-by-design: builds secure defaults and proves them with telemetry
• Systems thinking: simplifies policy portfolios; designs for resilience & rollback
• Change stewardship: meticulous with CAB artifacts, evidence, and communications
• Partnership mindset: enables teams and stakeholders to run faster via clear, testable standards
  

Why choose NBBJ?

We believe that all NBBJ employees should love their work. This means not only loving what you do but having pride in your workplace. We strive to be that irresistible place to work by enhancing your employee experience with customized programs and comprehensive benefits. In addition to 100% covered employee healthcare costs and 401k contributions, we offer unique professional development opportunities, volunteer opportunities and access to leading technology and resources to further help you love your work and advance your career.

• NBBJ has been named three times by Fast Company as one of the most innovative architecture firms.
• Founded in 1943, our first office opened over 75 years ago in Seattle, Washington. We now have over 10 office locations around the globe.
• We are a transdisciplinary, cross-practice focused firm with a deep portfolio of Civic & Cultural, Commercial, Corporate, Healthcare, Higher Education, Science and Technology, Sports, and Urban Environment projects. We also have several areas of service expertise including: Architecture, Environmental Graphic Design, Interior Design, Lighting Design, Workplace Consulting and more.
• In the past decade, NBBJ has received more than 300 awards from leading global, national and regional award programs across the business, real estate and design communities.
• We work with 5 of the top global high-tech companies, 14 of the U.S. News and World Report Top Hospitals, and 4 of the top 10 highest-ranked learning institutions.
• Our clients include institutional leaders such as Cambridge University, Google, Samsung, Cleveland Clinic, Tencent, and Stanford University.