Senior End User Computing (EUC) Engineer

About Eleven Recruiting

We are a specialized technology staffing agency supporting professional and financial services companies. Why do we stand out in technology staffing? We listen and act as advisors for our candidates on how they can best add value, find interesting projects, and pave a path for career advancement. We advocate for the best pay, diversity in tech, and the best job fit for every candidate we place.

Our client, an investment firm, is seeking a Senior End User Computing (EUC) Engineer to join their team in Menlo Park, CA!

The ideal candidate will be responsible for architecting, securing, and optimizing the enterprise endpoint environment. This role owns the strategy, design, and engineering of workstation platforms, provisioning processes, mobile device management, compliance frameworks, and endpoint automation. The ideal candidate is a highly technical engineer with deep experience in Intune, modern device management, patching, vulnerability remediation, and automation at scale.

Responsibilities:

EUC Architecture & Strategy

• Define and drive the enterprise EUC architecture, ensuring scalability, security, and a seamless end-user experience across Windows, macOS, iOS, and Android devices.
• Develop standards, reference architectures, and engineering roadmaps for endpoint technologies and mobile platforms.
• Lead modernization initiatives such as Zero Trust endpoint adoption, Autopilot transformations, and cloud-native device management.

Modern Device Provisioning & Lifecycle Engineering

• Architect and maintain a fully automated desktop provisioning and lifecycle management process, including Autopilot/DEP, application deployment, and device health validation.
• Develop and maintain OS baselines, configuration packages, and modular build pipelines.
• Ensure provisioning experiences are efficient, secure, consistent, and scalable.

iOS & Android Mobile Device Management

• Engineer and maintain mobile device management (MDM) solutions for iOS and Android using Intune or related enterprise platforms.
• Create and manage enrollment workflows, device configuration profiles, application deployment, compliance policies, and conditional access rules for mobile endpoints.
• Implement mobile-specific security baselines, including encryption enforcement, application protection policies (APP/MAM), OS version controls, and device posture validation.
• Ensure security to ensure mobile devices meet corporate security and data protection requirements.
• Monitor mobile fleet health, compliance trends, and usage analytics, providing senior-level insights and recommendations.

Endpoint Compliance & Policy Engineering (Intune)

• Engineer enterprise-level Intune compliance policies, security baselines, and conditional access integrations for Windows, macOS, iOS, and Android.
• Establish automated drift detection and continuous monitoring of compliance posture across device platforms.
• Serve as SME for endpoint governance, policy design, and integration with Azure AD and security tooling.

Vulnerability Management & Endpoint Hardening

• Lead vulnerability scanning and remediation for workstations and mobile platforms where applicable.
• Architect endpoint hardening strategies, attack surface reduction policies, encryption, identity protection, and device health requirements.
• Build workflows and automation to remediate vulnerabilities and configuration drift at scale.

Patch Engineering, Compliance, & Reporting

• Own the architecture and automation of patch management for Windows and macOS endpoints.
• Implement structured update rings, phased rollouts, stability checks, and rollback procedures.
• Develop comprehensive reporting dashboards for patch compliance, vulnerability closure rates, and endpoint health KPIs.

Leadership, Collaboration & Continuous Improvement

• Provide technical leadership and mentoring to junior engineers and IT support teams.
• Serve as escalation point for complex endpoint, mobile device, Intune, and security issues.
• Evaluate emerging EUC and MDM technologies, lead POCs, and drive strategic enhancements to the EUC ecosystem.
• Contribute to technology governance, compliance frameworks, and long-term IT strategy.

Qualifications:

• 5–8 years of experience in EUC engineering, desktop engineering, or enterprise device management.
• Expert-level experience with Microsoft Intune, Azure AD, device compliance, security baselines, and configuration profiles for Windows, macOS, iOS, and Android.
• Strong background in mobile device management (MDM/MAM) for iOS and Android.
• Expertise in PowerShell, automation, and API-driven engineering.
• Deep understanding of endpoint security, patching, vulnerability management, and Zero Trust endpoint concepts.
• Excellent communication, documentation, and cross-functional collaboration skills.

Preferred Skills:

• Experience with macOS management platforms such as Jamf or Kandji.
• Experience with mobile application protection policies (APP/MAM) and Zero Trust architecture.
• Knowledge of SIEM/SOAR integrations for endpoint events.
• Exposure to virtual desktop platforms (AVD, Citrix, VMware).
• ITIL Foundations or similar process knowledge.

Salary: $200,000 - $250,000