Endpoint Manager

The Endpoint Manager oversees the full lifecycle of all organization-owned devices-including macOS, iOS, Windows, and ChromeOS-ensuring secure, consistent, and policy-aligned experiences across platforms. This role administers and optimizes Jamf Pro, Microsoft Intune, SCCM/MECM, and Google Workspace for Education to automate provisioning, enforce security controls, maintain compliance, and support zero-touch deployment workflows. The Endpoint Manager collaborates closely with cybersecurity, ASU partners, and cross-functional teams to align configurations with CIS/NIST standards, support instructional and operational needs, and maintain strong data-privacy practices under FERPA, COPPA, and state regulations., * Lead the end-to-end management of all organization-owned endpoint devices (macOS, iOS, Windows, ChromeOS) ensuring secure, consistent configurations, and full lifecycle management.

• Administer and optimize Jamf Pro, Microsoft Intune, and SCCM/MECM to deploy applications, enforce security policies, manage updates, and automate device provisioning.
• Oversee zero-touch or automated enrollment workflows to streamline onboarding and reduce manual workload.
• Implement and monitor endpoint security controls, including disk encryption, device compliance, antivirus/EDR integration, application controls, and patch management.
• Collaborate with ASU to develop and maintain standardized configuration profiles, compliance policies, baselines, and automated workflows to ensure a secure and predictable device experience for all users.
• Develop and maintain dashboards, reporting mechanisms, and compliance insights to support operational visibility, audit readiness, and executive reporting.
• Collaborate with the Cybersecurity Engineer to align endpoint configurations with CIS Benchmarks, NIST, and organizational security policies.
• Troubleshoot complex endpoint management issues, leveraging logs, diagnostics, and vendor resources to resolve problems efficiently.
• Maintain deep operational knowledge of OS ecosystems, including macOS, iPadOS, Windows, iOS, and ChromeOS, and guide their use within the organization.
• Coordinate with cross-functional teams to ensure device readiness for instruction, assessments, and operational needs.
• Develop and maintain technical procedures, SOPs, compliance guidelines, and end-user support materials.
• Evaluate and implement new endpoint technologies, emerging features, integrations, and automation tools to continuously improve efficiency and user experience.
• Provide mentorship, training, and escalation support to Service Desk teams on endpoint tooling, troubleshooting, and best practices.
• Align technology initiatives with district goals and instructional needs.
• Support compliance with FERPA, COPPA, and applicable federal and state data privacy regulations.
• Create and maintain technical documentation, SOPs, and end-user support materials.
• Translate technical concepts for educators, administrators, and other stakeholders.
• Additional duties may be assigned as necessary.

Do you have experience in macOS administration?, Do you have a Associate's degree?, * Bachelor's degree in Information Technology, Computer Science, or related field required; or Associate's degree with 3 years of relevant IT experience.

• 3-5 years experience managing Endpoints in Windows, Apple, and/or ChromeOs environments.
• Experience administering endpoint management platforms such as Microsoft Intune, SCCM/MECM, Jamf Pro, Google Workspace, or similar.
• Experience in a K-12 educational environment, strongly preferred
• Industry certifications preferred: Microsoft 365 Certified: Endpoint Administrator Associate, Jamf Certified, or Professional ChromeOS Administrator Certification
• Active AZ Department of Public Safety (DPS) IVP Fingerprint Clearance Card.
• Any equivalent combination of experience, training and/or education from which comparable knowledge, skills and abilities may be considered., * Strong expertise in endpoint management across macOS, Windows, iOS/iPadOS, Android, and ChromeOS environments.
• Proficiency with enterprise endpoint management platforms, including Jamf Pro, Microsoft Intune, SCCM/MECM, and Google Workspace for Education.
• Knowledge of device lifecycle management and automation, including enrollment (e.g., Autopilot, Apple Business Manager), provisioning, patching, and application deployment.
• Understanding of identity and access management systems (e.g., Azure AD/Entra ID, Google Workspace) and device authentication methods.
• Proven ability to implement and maintain endpoint security controls, including compliance policies, EDR/antivirus, OS updates, and secure configuration baselines aligned to CIS/NIST standards.
• Working knowledge of scripting (e.g., PowerShell, Bash, or Python) to automate processes and improve operational efficiency.
• Strong troubleshooting skills with the ability to diagnose and resolve complex, cross-platform endpoint issues.
• Ability to document processes, create technical resources, and communicate effectively with both technical and non-technical stakeholders.
• Ability to manage multiple priorities, work independently, and collaborate with cross-functional teams in a dynamic environment.
• Strong organizational, written, and oral communication, interpersonal skills with a focus on customer service.

As part of Arizona State University's charter to provide access and excellence, ASU Preparatory Academy (ASU Prep) shares this commitment by demonstrating all students can achieve at the highest levels, regardless of their background. To scale our current impact, ASU Prep is advancing a major expansion program taking fundamental responsibility for the communities we serve.