Endpoint Engineer
Description
Company Overview:
When it comes to IT solution providers, there are a lot of choices. But when it comes to providers with innovative and differentiating end-to-end service offerings, there’s really only one: Zones – First Choice for IT.TM
Zones is a Global Solution Provider of end-to-end IT solutions with an unmatched supply chain. Positioned to be the IT partner you need, Zones, a Minority Business Enterprise (MBE) in business for over 35 years, specializes in Digital Workplace, Cloud & Data Center, Networking, Security, and Managed/Professional/Staffing services. Operating in more than 120 countries, leveraging a robust portfolio, and utilizing the highest certification levels from key partners, including Microsoft, Apple, Cisco, Lenovo, Adobe, and more, Zones has mastered the science of building digital infrastructures that change the way business does business ensuring whatever they need, they can Consider IT Done. Follow Zones, LLC on Twitter @Zones, and LinkedIn and Facebook.
Position Overview:
Term: 6-9 month contract with potential for FTE conversion
Location: Plano, TX 75093
Pay: up to $80/hr
Hours: M-F 8:30-5pm - Hybrid role/one day on site
We are seeking a mid–senior level Endpoint Engineer with strong expertise in Microsoft Intune, Windows Autopilot, and Azure AD (Entra ID) to support a secure, modern, cloud-first endpoint environment. This role operates within a regulated banking environment and focuses on zero-touch device provisioning, secure configuration, and application deployment using Microsoft’s modern endpoint stack.
What you will do as the Endpoint Engineer:
The requirements below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. This job description is not intended to be a comprehensive list of the duties and responsibilities of the position, and the duties and responsibilities may change without notice.
Windows Autopilot & Device Provisioning (Core Focus)
- Design, implement, and support Windows Autopilot for secure, zero-touch device provisioning
- Manage Autopilot profiles, deployment modes (User-Driven, Pre-Provisioning/White Glove), and device targeting
- Support Azure AD (Entra ID) join and hybrid join scenarios where applicable
- Troubleshoot Autopilot enrollment failures, ESP issues, and profile assignments
- Coordinate with hardware vendors to ensure devices are Autopilot registered
- Maintain auditable provisioning workflows aligned to security standards
Endpoint & Device Management
- Design and manage Microsoft Intune-based endpoint management for Windows 10/11 devices
- Configure device configuration profiles, compliance policies, and security baselines
- Enforce endpoint hardening standards including BitLocker and Microsoft Defender
- Manage full device lifecycle: build, deploy, maintain, and retire
Application Deployment & Engineering
- Package, deploy, and maintain applications using Intune Win32, MSI, MSIX, and Microsoft Store models
- Develop detection rules, requirement logic, dependencies, and supersedence
- Deploy security-critical applications including VPN, encryption, and banking tools
- Troubleshoot complex application deployment and update failures
Security, Compliance & Risk
- Ensure endpoint configurations meet internal risk, audit, and regulatory requirements
- Support Conditional Access and device compliance enforcement
- Provide documentation and evidence during audits and reviews
- Follow formal change management procedures
Operations & Support
- Serve as Tier 3 escalation for endpoint, Autopilot, and Intune issues
- Troubleshoot identity, policy, and OS-level problems
- Create and maintain runbooks, SOPs, and technical documentation
What you will bring to the team:
- 5–8+ years of experience in Endpoint Engineering or Modern Workplace roles
- Hands-on Windows Autopilot experience in enterprise environments
- Strong expertise with Microsoft Intune / Endpoint Manager
- Experience with Azure AD (Entra ID) and Conditional Access
- Strong application packaging and deployment background
- Windows 10/11 administration experience
- Experience in regulated environments such as banking or financial services
- SCCM / MECM co-management experience
- PowerShell scripting for automation
- Azure Virtual Desktop or Windows 365 experience
- Microsoft certifications (MD-102, AZ-104, Security-focused certs)
Zones offers a comprehensive Benefits package
While we’re committed to providing top-tier solutions, we’re just as committed to supporting our own team. As a valued team member, you will be eligible for a comprehensive benefits package that includes medical coverage, as well as state-mandated sick leave, along with other benefits designed to support your well-being and work-life balance. And as a Minority Business Enterprise, a Corporate Plus member of the Northwest Minority Supplier Development Council, and an Equal Employment Opportunity Employer, our community is just as diverse.
At Zones, work is more than a job –with exciting careers with a global team who are client centric, have a passion for tech, who embrace change and lifelong learning in a collaborative culture. If you’re interested in working on the cutting edge of IT innovation, sales, engineering, operations, administration, and more, Zones is the place for you!
While we’re committed to providing top-tier solutions, we’re just as committed to supporting our own team. As a valued team member, you will be eligible for a comprehensive benefits package that includes medical coverage, as well as state-mandated sick leave, along with other benefits designed to support your well-being and work-life balance. And as a Minority Business Enterprise, a Corporate Plus member of the Northwest Minority Supplier Development Council, and an Equal Employment Opportunity Employer, our community is just as diverse.
At Zones, work is more than a job –with exciting careers with a global team who are client centric, have a passion for tech, who embrace change and lifelong learning in a collaborative culture. If you’re interested in working on the cutting edge of IT innovation, sales, engineering, operations, administration, and more, Zones is the place for you!
All qualified applicants will receive consideration for employment and will not be discriminated against on the basis of race, color, religion, sex, sexual orientation, gender identity, national origin, disability, protected veteran status, age, genetic information, or pregnancy.
Zones participates in E-Verify. E-Verify is a system that compares information from a team member’s Form I-9 to federal records to confirm their eligibility to work in the United States.