Job Description
POSITION TITLE
Service Desk Engineering SME (Endpoint Engineering)
CLEARANCE REQUIREMENT
Must hold an active Top Secret (TS) Security clearance.
POSITION OVERVIEW
IMRI is seeking a highly experienced Service Desk Engineering Subject Matter Expert (SME) to support a federal customer in strengthening endpoint security, device lifecycle management, and advanced engineering capabilities within the service desk ecosystem. This role is focused on engineering, automation, and security—not Tier 1 support. The SME will design, implement, and maintain secure endpoint solutions that reduce enterprise risk associated with unauthorized access, credential misuse, lateral movement, and system persistence techniques. The ideal candidate will bring deep expertise in endpoint engineering, modern device management, and security-focused infrastructure, helping drive improved visibility, resilience, and operational efficiency across the environment.
KEY RESPONSIBILITIES
Endpoint Security Engineering
- Design and implement controls to mitigate risks related to unauthorized access, credential misuse, lateral movement, and persistence techniques
- Strengthen endpoint security through hardened configurations, secure authentication, and baseline enforcement
- Align endpoint engineering efforts with enterprise threat detection and mitigation strategies

Workstation Imaging & Secure Build Engineering
- Design, build, and maintain standardized workstation images for Windows and macOS environments
- Ensure images support both on-site and remote users, including VDI integration
- Manage image lifecycle processes, including testing, validation, release, versioning, and rollback
- Validate endpoint functionality post-imaging, including authentication, connectivity, and application compatibility

Endpoint Configuration & Lifecycle Management
- Engineer and maintain secure configuration baselines to support compliance and operational consistency
- Manage OS and application lifecycle, including patching, upgrades, version control, and deployment
- Utilize enterprise tools such as Microsoft Intune, Ivanti, KACE, and Windows Autopilot
- Identify and remediate configuration drift to ensure alignment with approved standards

Patching, Automation & Process Engineering
- Design and manage patching strategies for operating systems and applications
- Implement automation for deployment, patching, validation, and rollback processes to improve efficiency
- Develop scripts and workflows to reduce manual intervention and improve operational performance
- Maintain detailed runbooks and procedures for imaging, patching, and recovery

Device Enrollment & Asset Management
- Implement and maintain secure device enrollment workflows across Intune, Autopilot, and Apple/JAMF ecosystems
- Ensure devices meet compliance and security posture requirements prior to network access through conditional access controls
- Integrate device enrollment with asset management systems to maintain accurate ownership and lifecycle tracking
- Support full device lifecycle operations, including provisioning, reassignment, decommissioning, and secure wipe

Authentication & Identity Security
- Implement and support secure authentication methods, including passwordless authentication and hardware-backed credentials (e.g., YubiKeys, CAC cards)
- Integrate endpoint systems with enterprise identity platforms (e.g., Entra ID / Active Directory) to enforce access controls

Monitoring, Logging & Telemetry
- Design and maintain endpoint telemetry for monitoring, detection, and response
- Ensure endpoint logs (Windows, macOS, and application logs) are properly collected and integrated into SIEM/EDR platforms
- Implement logging, parsing, and alerting mechanisms to enable actionable insights and incident response
- Monitor compliance status, patch health, and operational metrics with defined alert thresholds

Incident Response & Forensics Support
- Provide engineering support to incident response activities, including endpoint analysis and forensic data collection
- Develop recovery, remediation, and containment playbooks

Assessment, Remediation & Change Management
- Conduct technical assessments to identify vulnerabilities and areas for improvement
- Develop structured remediation plans with validation and rollback procedures
- Execute changes in alignment with formal change control processes
- Maintain detailed documentation to support auditability and compliance

Knowledge Transfer & Technical Leadership
- Develop and maintain SOPs, runbooks, and knowledge base documentation
- Provide training and knowledge transfer to Service Desk, IAM, and SOC teams
- Serve as the SME and escalation point for complex engineering issues (Tier 2/3)
- Ensure solutions are operationally sustainable and aligned with enterprise standards

Key Deliverables
- Secure, standardized workstation images and baselines
- Endpoint lifecycle and enrollment workflows
- Imaging, patching, and recovery runbooks
- Monitoring and logging configurations
- Assessment reports, remediation plans, and validation documentation
- Audit-ready technical documentation and change records
REQUIRED QUALIFICATIONS
- Significant experience in endpoint engineering, IT infrastructure, or cybersecurity engineering (non-Tier 1 support)
- Expertise supporting Windows and macOS enterprise environments
- Strong experience with:
  - Microsoft Intune and Windows Autopilot
  - Ivanti and/or KACE
  - JAMF or equivalent Apple device management tools
- Proven experience with patch management, configuration baselines, and system hardening
- Experience supporting VDI environments and hybrid/remote work environments
- Hands-on experience implementing secure authentication solutions (passwordless, MFA, hardware tokens)
- Knowledge of logging, monitoring, and SIEM integration
- Experience working in compliance-driven environments with formal change management processes
- Strong troubleshooting, analytical, and root cause analysis skills
PREFERRED QUALIFICATIONS
- Experience supporting federal or highly regulated environments
- Familiarity with NIST, CIS Benchmarks, or similar frameworks
- Experience supporting incident response and forensic investigations
- Scripting experience in PowerShell, Python, or Bash
- Experience integrating endpoint solutions with identity and access management platforms