Endpoint Management Engineer

Audax Group is a leading alternative investment manager with offices in Boston, New York, San Francisco, and London. Since its founding in 1999, the firm has raised over $40 billion in capital across its Private Equity and Private Debt businesses. With more than 400 employees and approximately 180 investment professionals, the firm is a leading capital partner for North American middle market companies. For more information, visit the Audax Group website www.audaxgroup.com.

POSITION SUMMARY:

Endpoint Management Engineer is responsible for designing, implementing, and maintaining a secure, scalable, and efficient modern endpoint environment. This position leads the management of endpoint imaging, application packaging, deployment, configuration, patching, and compliance across all platforms including Windows, macOS, and iOS. The role is critical to ensuring a modern, secure, and user-centric computing environment that aligns with the firm’s operational goals and security standards.

This position also serves as a senior escalation point for endpoint-related issues and collaborates closely with Infrastructure, Security, and Operations teams.

RESPONSIBILITIES:

Endpoint Systems Management

• Lead the development, maintenance, and enhancement of Windows 11 images, workstation deployment tools, and automated configuration workflows.
• Administer and maintain Intune, including configuration profiles and compliance policies.
• Manage and improve device provisioning and lifecycle processes using Windows Autopilot, Apple Business Manager, and Intune.
• Assist with client technology asset tracking and lifecycle for desktops, laptops, printers, mobile devices, and peripherals across Windows, macOS, and iOS.

Application and Patch Management

• Package, test, and deploy applications using Win32, MSI, MSIX, Microsoft Store, and all other applicable formats.
• Enable application self-service delivery through Company Portal or other tools.
• Manage and oversee patching for Microsoft and third-party applications using tools such as Kaseya, Windows Update for Business, Intune update rings, or other tools.
• Monitor application usage, enforce software metering, and ensure compliance with update and licensing policies.

Security and Compliance

• Enforce security policies using Microsoft Defender for Endpoint, BitLocker, compliance baselines, and configuration profiles.
• Manage MDM/MAM policies to protect sensitive corporate data across all devices.
• Partner with the Information Security team to address endpoint vulnerabilities and align with CIS, NIST, and Zero Trust standards.
• Implement and manage application control solutions, including application allowlisting, to ensure endpoint security and compliance with organizational standards.
• Continuously monitor device posture and threat intelligence through compliance dashboards and analytics tools.

Remote Monitoring and Automation

• Implement, configure, and manage RMM (Remote Monitoring and Management) platforms to support proactive endpoint management.
• Automate endpoint tasks, software deployments, and health checks through scripting and integrated RMM toolsets.
• Integrate Intune or RMM tools with asset management, alerting, and ITSM/ticketing systems to streamline operations.

Reporting and Knowledge Management

• Build and maintain reports and dashboards using Intune, Entra ID, and RMM data to drive operational visibility and executive insights.
• Contribute to the IT knowledge base by documenting troubleshooting procedures, how-to guides, and support documentation.
• Promote team development through informal knowledge sharing, training participation, and engagement in professional communities.

Support and Service Excellence

• Act as a senior escalation point for advanced endpoint and client application issues, providing diagnostics and remediation support.
• Ensure high-quality customer service by adhering to service standards, creating user-facing documentation, and driving continuous improvement in endpoint support processes.

COMPETENCIES:

Must have advanced skills in:

• Windows 11, macOS, and iOS
• Hardware and Software installation/deployment
• Remote Endpoint Management (Kaseya a plus)
• MS Office 365 / Entra ID Administration
• Entra ID Conditional Access
• On-prem Active Directory & Group Policy
• Mobile Device Management (Intune)
• Mobile Application Management (Intune)
• Apple Business Manager / Intune DEP Enrollment
• AutoPilot / PC Imaging (Smart Deploy a plus)
• Windows 365 Cloud PC Deployment and Management
• PowerShell & Scripting

Must have intermediate skills in:

• ITSM/Ticketing Systems (Fresh Service a plus)
• Print Management (PrinterCloud a plus)
• TCP/IP networking (DHCP, DNS, Routing)
• Azure AD Single Sign-On/MFA
• MS SharePoint and OneDrive

REQUIREMENTS/QUALIFICATIONS:

• Bachelor’s Degree in information systems or related field.
• 7+ years of experience in IT customer service or related area.
• Strong written and verbal communication skills, analytical skills, and the ability to interact effectively with people at all levels of the organization.
• Self-motivated, multi-tasking, ability to prioritize and perform a variety of concurrent tasks with limited direction.
• Proven track record of personal and professional growth and development.

Preferred Certifications:

• • MD-102: Microsoft Certified Endpoint Administrator Associate
  • SC-900: Microsoft Security, Compliance, and Identity Fundamentals

TRAVEL:

Some domestic travel may be required.

OTHER DUTIES:  

This job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee. Duties, responsibilities and activities may change or new ones may be assigned at any time with or without notice.

 This job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee. Duties, responsibilities and activities may change or new ones may be assigned at any time with or without notice. 

Audax Management Co. is an equal opportunity employer.

Please note that Audax Group and its affiliated entities do not accept unsolicited resumes from a third-party recruiting agency not currently under a signed agreement. Any unsolicited resume that is sent to directly to Audax Group or one of its affiliated entities, or its employees, including those submitted to hiring managers by a third-party recruiting agency not currently under a signed agreement, will be considered property of Audax Group. If a third-party recruiting agency submits a resume without an agreement, Audax Group or its affiliated entities explicitly reserves the right to pursue and hire those candidate(s) without any financial obligation to the third-party recruiting agency. Any third-party recruiting agency should contact either a member of the Talent Acquisition or Human Resource team at Audax Group, in conjunction with a valid, fully executed contract for service based upon a specific job opening.