Windows Endpoint Automation Engineer

• Lead endpoint automation for provisioning, compliance, remediation, and standard configuration across the Windows fleet.

• Engineer and modernize deployment workflows using Microsoft Intune, SCCM/MECM, and Windows Autopilot, with a focus on repeatability, safety, and scale.

• Build reusable PowerShell-based frameworks (and supporting tooling) for device configuration, drift detection, self-healing remediation, and operational consistency.

• Define and evolve Windows endpoint standards including OS baseline configuration, security baselines, and lifecycle practices aligned with enterprise requirements.

• Partner with QA and release governance to improve validation practices for patches, feature updates, policy changes, security configuration, and application rollouts.

• Implement and expand CI/CD practices for endpoint engineering content (scripts, configuration, packaging, policy-as-code where applicable), using Git-based workflows, reviews, and promotion patterns.

• Integrate with identity and security platforms (e.g., Microsoft Entra ID) to support secure provisioning, access, and device compliance patterns.

• Reduce operational toil and improve reliability by automating routine work, codifying repeatable runbooks, and improving observability and troubleshooting signals.

• Strong experience with Windows endpoint engineering in an enterprise environment (OS configuration, policy management, troubleshooting, and lifecycle management).

• Hands-on experience with Microsoft Intune and SCCM/MECM for application delivery, device management, and endpoint configuration.

• Experience with Windows Autopilot and modern provisioning patterns.

• Proficiency in PowerShell for automation, packaging, and remediation workflows.

• Working knowledge of CI/CD concepts and Git-based workflows (code reviews, branching strategies, reusable templates/modules).

• Familiarity with Microsoft Entra ID and endpoint identity/compliance patterns.

• Experience with Desired State concepts (e.g., Desired State Configuration or similar) is a plus.

• Understanding of enterprise endpoint security concepts (security baselines, hardening, least privilege, patching/updates).

• Familiarity with monitoring/telemetry and operational observability concepts is a plus.

What it takes:

• Undergraduate degree in a related field or equivalent experience.

• 3-5+ years of relevant experience in Windows endpoint engineering, automation, or platform engineering roles.

• Strong analytical, problem-solving, and troubleshooting skills.

• Strong written and verbal communication skills, with the ability to document standards and enable others.

• Ability to work across teams, influence standards, and drive automation-first engineering practices.

• Strong planning, organization, and delivery discipline.

Qualifications:

• Minimum of eight years related work experience.

• Undergraduate degree in a related field or the equivalent combination of training and experience.

Special Factors

About Vanguard At Vanguard, we don't just have a mission-we're on a mission. To work for the long-term financial wellbeing of our clients. To lead through product and services that transform our clients' lives. To learn and develop our skills as individuals and as a team. From Malvern to Melbourne, our mission drives us forward and inspires us to be our best. How We Work Vanguard has implemented a hybrid working model for the majority of our crew members, designed to capture the benefits of enhanced flexibility while enabling in-person learning, collaboration, and connection. We believe our mission-driven and highly collaborative culture is a critical enabler to support long-term client outcomes and enrich the employee experience., Vanguard, one of the world's leading investment management companies, serves individual investors, institutions, employer-sponsored retirement plans, and financial professionals. We have a diverse and talented crew with a culture that promotes teamwork, along with an unwavering focus on serving our clients' best interests. This website uses "cookies" to distinguish you from other users. A cookie is a small file of letters and numbers placed on your computer or device. This helps us to provide you with a good experience when you browse our website and also allows us to improve our site and services. The cookies are stored locally on your computer or mobile device. To accept cookies you can continue browsing as normal. Or you can go to ourPrivacy Policy (https://www.vanguardjobs.com/site-privacy-policy/) to read more information and learn how to change your preferences. Read More