Responsibilities
- Deployment, configuration, security, and proactive management of end-user computing devices including: desktops, laptops, mobile devices, and peripherals.
- Ensure endpoints are secure, compliant, reliable, and optimized to support business operations.
- Proactively manage, maintain, and provide exceptional and timely technical support for ACLU-issued and Bring-Your-Own-Device (BYOD) endpoint devices across the organization.
- Deploy and manage endpoint management solutions, e.g., Microsoft Intune for Mobile Device Management (MDM) and Mobile Application Management (MAM), Ninja One, JAMF.
- Working with the Infrastructure team, appropriately size, deploy, proactively manage and monitor virtual desktop (VDs), cloud PCs, i.e., Microsoft Azure VD and Microsoft 365.
- Manage endpoint security tools (MAM, EDR, antivirus, disk encryption, DLP).
- Configure device policies, profiles, compliance rules, and application deployments.
- Monitor endpoint health, performance, and security posture.
- Implement OS imaging, provisioning, patching, and update strategies.
- Troubleshoot endpoint-related issues escalated from the Service Desk.
- Maintain inventory of devices, software, and licenses
- Support endpoint lifecycle management (onboarding / enrollment, offboarding, refresh, and secure disposal).
- Collaborate with Information Security, Infrastructure, Network Operations, and Service Desk teams to ensure operational best practices, coordinated technical service delivery, issue resolutions, and remediation strategies deployment.
- Develop and maintain documentation, standards, and procedures.
- Assist with audits and ensure compliance with company and regulatory requirements.
- Be committed to advancing the mission of the ACLU.
- Center and embed the principles of equity, inclusion and belonging in their work by demonstrating commitment to diversity with an approach that respects and values multiple perspectives.
- Be committed to work collaboratively and respectfully toward resolving obstacles and conflicts.
Requirements
- Extensive experience in endpoint administration or desktop engineering.
- Expert knowledge of Windows and MacOS operating platforms including Microsoft Windows 11 and Office 365, MacOS, and Mobile technologies.
- Adept at problem-solving, troubleshooting desktop, cloud PC, and mobile device issues, effectively assisting onsite and remote users to resolve issues, involving other members of technical staff as necessary.
- Excellent and adaptable communication and documentation skills for technical and non-technical audiences.
- Experience sizing, deploying, managing, monitoring Azure Virtual Desktop (AVD) and Microsoft 365.
- Solid understanding and experience with endpoint security principles and best practices.
- Strong knowledge of and experience with Azure AD, Entra ID, identity and access management (IAM) leveraging least privilege principles.
- Demonstrated ability to work independently and as part of a team.
- Must have strong, reliable home internet service when working remotely.
- Must be able to transport moderately heavy objects, e.g., computers and peripherals.
Nice to Have
- Experience with Zero Trust and modern device management strategies.
- Knowledge of and experience with networking fundamentals (DNS, DHCP, VPN).
- Experience supporting remote and hybrid workforces.
- Have attained or currently enrolled in training towards obtaining professional industry certifications within six (6) months of employment: Microsoft Endpoint Administrator Associate, JAMF Certified Admin, CompTIA A+, Network+, Security+.
Work Arrangement
Hybrid
Team
Team size: more than 600-person National staff. Structure: Information Technology (IT) department
Additional Information
- Must have strong, reliable home internet service when working remotely.
- Must be able to transport moderately heavy objects, e.g., computers and peripherals.
