Systems Engineer IV - Endpoint Management

Overview

Please note this position is based in our Phoenix, AZ Support Office. The Sytems Engineer IV - Endpoint Management leads the strategy, design, deployment, and ongoing management of enterprise mobile and endpoint solutions across Windows, macOS, iOS, and Android platforms. This role is the primary subject matter expert for Mobile Device Management (MDM), Mobile Application Management (MAM), and zero-touch device enrollment programs. You will define BYOD, COPE, and COBO policies, enforce mobile security and compliance posture, and collaborate closely with the security team on zero-trust endpoint strategy. In addition, you will mentor junior engineers and drive continuous improvement across the endpoint lifecycle.

Essential Functions

• Design, deploy, and manage enterprise MDM/MAM platforms (Microsoft Intune, Kandji/SOTI) with a primary focus on mobile fleet management across iOS, Android, Windows, and macOS.
• Architect and administer zero-touch enrollment programs including Apple Business Manager (ABM/DEP), Android Enterprise (Zero-Touch) and Windows Autopilot.
• Implement, and enforce BYOD, COPE, and COBO device policies aligned with corporate security standards and regulatory requirements.
• Design and manage mobile app protection policies, app configuration profiles, and conditional access policies via Microsoft Intune and Entra ID.
• Collaborate with the security team to enforce zero-trust endpoint principles, including device compliance, identity-based access, and continuous monitoring.
• Manage endpoint security controls, patch management, software deployment, and compliance policy frameworks across all device types.
• Diagnose and resolve complex technical issues across the endpoint stack (hardware, OS, application, MDM policy) including escalated tier 3 incidents.
• Perform root cause analysis on endpoint and mobile incidents and implement corrective and preventive measures.
• Create and maintain comprehensive documentation for mobile/endpoint architecture, enrollment procedures, policy configurations, and operational runbooks.
• Provide leadership, coaching, and mentoring to junior engineers and support staff; act as a technical escalation point across the endpoint practice.
• Evaluate emerging mobile and endpoint technologies, vendors, and industry trends; provide recommendations to leadership.

Knowledge, Skills, Abilities and Physical Requirements

Knowledge, Skills & Abilities

• Bachelor's degree in Computer Science, Information Technology, or equivalent professional experience.
• 5+ years in endpoint engineering or device management roles, with at least 2 years focused on mobile endpoint management (Android at scale).
• Deep proficiency with MDM/MAM platforms: Microsoft Intune (required), Kandji, and/or SOTI.
• Hands-on experience with Apple Business Manager (ABM), Android Enterprise and Windows Autopilot enrollment programs.
• Strong understanding of Conditional Access, Entra ID (Azure AD) device compliance, and app protection policies.
• Proficiency in scripting and automation: PowerShell (required), Bash, and/or Python for endpoint lifecycle automation.
• Solid understanding of BYOD, COPE, and COBO program design, legal/privacy considerations, and policy enforcement.
• Familiarity with endpoint security frameworks (CIS Benchmarks, NIST, DISA STIGs) and patch management best practices.
• Excellent problem-solving, analytical, and written/verbal communication skills.

Core Competencies

• Mobile-First Mindset: Approaches endpoint strategy with mobile as a primary platform, not an afterthought.
• Security Orientation: Integrates security thinking into every aspect of device and application lifecycle management.
• Communication: Clearly conveys technical concepts to both technical and non-technical stakeholders; actively listens and collaborates.
• Customer Focus: Prioritizes end-user experience and business needs while maintaining security and compliance standards.
• Driving for Results: Sets measurable goals, pursues continuous improvement, and delivers outcomes with a sense of urgency.
• Positive Approach: Demonstrates a constructive attitude in challenging situations and inspires others with a forward-looking outlook.

#LI-NA1

Benefits

In addition to a rewarding career, Sprouts offers a comprehensive program to help support you and your family. These programs include:

• Competitive pay
• Sick time plan that you can use to support you or your immediate families health
• Vacation accrual plan
• Opportunities for career growth
• 15% discount for you and one other family member in your household on all purchases made at Sprouts
• Flexible schedules
• Employee Assistance Program (EAP)
• 401(K) Retirement savings plan with a generous company match
• Company paid life insurance
• Contests and appreciation events throughout the year full of prizes, food and fun!

Eligibility requirements may apply for the following benefits:

• Bonus based on company and/or individual performance
• Affor