We use cookies. Find out more about it here. By continuing to browse this site you are agreeing to our use of cookies.
I agree and accept cookies
Main menu
Post a Job
Request a Demo
Yes
No
Both
Advanced search
#alert
Back to search results / More jobs like this
Back to search results
Kraft Group LLC jobs

Endpoint Architect

Kraft Group LLC
United States, Massachusetts, Foxborough
May 01, 2025
Job Details
Job Location
Kraft Group - Foxborough, MA
Position Type
Full Time
Education Level
Bachelor's
 
Job Shift
Day
Job Category
Technical/Analytics
Description

SUMMARY:

The Endpoint Architect will own endpoint strategic planning & architecture development, systems engineering, script development, application and OS deployment, operations & maintenance of user endpoints, remediating endpoint vulnerabilities, and developing a modern application management approach. This role plays a critical role in modernizing and securing the organization's endpoint environment which consists of 2k endpoints.

The role supports all TKG companies, including but not limited to TKG (Gillette Stadium Campus Companies), RWG, RWCB and residential locations. This position will also be part of the Systems Administration team that supports infrastructure servers, Active Directory, and O365, as well as the associated applications and tool sets.

DUTIES AND RESPONSIBILITIES



  1. Endpoint Management & Operations

    • Develop the strategy and architecture of endpoint management systems for the organization.
    • Develop and execute security enhancements for endpoint management platforms like SCCM, Intune, and PatchMyPC, focusing on reducing technical debt.
    • Provide situational awareness on the threat landscape and take a leadership role in defining and implementing the techniques, tactics, and procedures associated with those threats. Analyze platform (SCCM, Intune, and PatchMyPC) errors and warnings and design/implement remediations. Develop goals related to endpoint vulnerability management and compliance.
    • Serve as a core member and trusted subject matter expert, collaborating on decisions and actions related to remediating vulnerabilities.
    • Independently research, test, and implement Automatic Deployment Rules (ADRs) for browsers, Adobe, and other third-party tools.


  2. Migration and Consolidation

    • Plan and execute the integration of Intune with existing SCCM infrastructure.
    • Evaluate legacy GPO and Intune policies for effectiveness and efficiency. Develop new policies and/or revisions to address policy gaps as appropriate.
    • Streamline the organization's application landscape by consolidating and packaging applications.


  3. Development, Deployment, and Customization

    • Rearchitect application packaging and deployment processes to include ensuring that only approved applications are installed on endpoints.
    • Develop scripts for solution deployment and vulnerability remediation.
    • Package, test, deploy, and support new applications, updates, and operating systems in compliance with TKG technology standards, ensuring compatibility with existing services.
    • Design and implement policies in Intune and GPO to harden endpoints and streamline management.


  4. Escalation and Troubleshooting

    • Identify and escalate concerns to Sr. Management regarding endpoint security deficiencies or enhancements that need to be addressed.
    • Partner with teammates and IT teams to test and resolve deployment or policy-related issues with an emphasis on creating a stable, secure and optimized endpoint environment for the organization.
    • Provide advanced technical support to resolve complex issues related to operating systems, endpoint applications, and images.
    • Utilize scripting and deployment expertise to address widespread endpoint issues


  5. Other Duties Special projects and assignments as business dictates including but not limited to

    • Plan, implement, and ensure regular systems maintenance tasks such as endpoint patching and server reboot schedules
    • Active Directory management and administration for users, groups, and other objects in AD.
    • Support of Okta, single sign on/multi-factor solution/remote access solutions.
    • Ticket queue management and problem resolution.
    • Required to participate in on-call (after-hours) support rotation and to participate in onsite stadium event support rotation (concerts, football games, soccer games, etc.)
    • Responsible for the creation, maintenance and control of all personally identifiable information or any other information protected by Confidentiality and Privacy Standards (see Mass Regulations on Personal Identity Regulations and HIPAA).





SUPERVISORY RESPONSIBILITIES



  • This position has no supervisory responsibilities



SKILLS AND QUALIFICATIONS



  • Bachelor's degree in information technology or relevant experience
  • 7+ years of experience managing enterprise endpoints on a large scale (1000+ clients).
  • Strong experience with Windows Server, Active Directory, GPO, and DNS
  • Experience creating and updating Windows 10/11 desktop Images.
  • Well versed in windows scripting (PowerShell, VBS)
  • Strong experience with SCCM, and Intune
  • Experience with patch management software (PatchMyPC, SolarWinds, etc)
  • Experience with Exchange Online, Office365, MS Teams, Azure AD and various cloud technologies
  • Experience creating deploying, and managing policies and software packages using products such as Intune and SCCM
  • Knowledge of MSI packages, including distribution, customization via transforms. (InstallShield Admin Studio experience preferred)
  • Experience with VMWare, O365, and Okta SSO
  • Strong oral, written, and interpersonal communication skills.
  • Strong documentation skills.



PHYSICAL DEMANDS



  • Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.



WORK ENVIRONMENT



  • The noise level in the work environment is usually moderate
  • Fast-paced office environment
  • Working hours may vary with the demands of the business, projects, and event schedules throughout the year.
  • Periodic on-call coverage.



CERTIFICATES, LICENSES, REGISTRATIONS



  • None required.



OTHER DUTIES

Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities, and activities may change at any time with or without notice.

This company is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status, and other legally protected characteristics.

#LI-KG


Applied = 0
MORE JOBS LIKE THIS

(web-94d49cc66-c7mnv)