🌍 Location: Fully Remote
📝 Engagement: Full-Time
⏰ Working Hours: Standard EST Business Hours
💰 Compensation: Competitive & Negotiable + 20 PTOs
💡 About Zazz
At Zazz.io, we build world-class custom digital solutions that power innovation across industries. With over 763 successful application releases, we’ve partnered with startups, Fortune 500 companies, and government agencies to deliver cutting-edge products in healthcare, finance, e-commerce, and entertainment.
Our mission is simple: turn bold ideas into impactful digital experiences.
🔐 The Opportunity
The L2 Endpoint Engineer plays a critical role in managing and securing client endpoints across Windows and macOS platforms. This role focuses on Microsoft 365 administration, Intune-based device management, security baseline enforcement, patching, backup integration (Acronis + Axcient), and maintaining compliance posture through NinjaOne and Microsoft tools. L2 acts as the primary operational layer between L1 support and L3/Technical Leads.
⚡ What You’ll Do
Microsoft 365 Administration
- Manage and maintain M365 tenants including Exchange Online, Intune, Defender for Endpoint, and Compliance Center.
- Configure Autopilot enrollment, device provisioning profiles, compliance policies, and Conditional Access to support Zero Trust enforcement.
- Manage and monitor Defender for Endpoint security baselines, including EDR, ASR rules, and DLP configurations.
Endpoint Security & Management
- Deploy and manage Acronis Cyber Protect agents on endpoints for patching, anti-malware, vulnerability scanning, and backups.
- Manage OS and 3rd-party application patching through NinjaOne and Acronis patching engines, ensuring compliance with MSP patching SLAs.
- Deploy and monitor Sophos and Huntress agents, ensuring telemetry is active and alerts are triaged/escalated properly.
- Manage macOS devices (via Kandji/Jamf or Intune), applying equivalent baseline and security policies where applicable.
Application & Policy Management
- Create and manage application deployment catalogs via Intune and NinjaOne for common productivity/security apps.
- Maintain device grouping, tagging, and policy assignments in NinjaOne & Intune for structured device management.
Automation & Remediation
- Develop and maintain PowerShell scripts for configuration, remediation, reporting, and repetitive tasks.
- Automate baseline enforcement using NinjaOne workflows and Intune scripts.
Compliance & Reporting
- Support HIPAA/SOC 2/GDPR compliance by ensuring devices meet encryption, patching, and baseline requirements.
- Assist vCIO and Security teams with device compliance reporting, Acronis vulnerability summaries, and DLP enforcement checks.
Onboarding & Documentation
- Perform structured endpoint onboarding including RMM, Intune, Acronis, Defender, and backup configuration.
- Maintain accurate and detailed endpoint documentation for each client in the centralized knowledge base (e.g., Hudu/Confluence).
- Escalate unresolved endpoint issues to Technical Lead or Security Consultant with complete RCA notes.
🛠 What You Bring
- 4–7 years of experience in endpoint and M365 administration in MSP or enterprise environments.
- Advanced Intune configuration: Autopilot, compliance policies, Conditional Access, Defender baselines.
- Hands-on experience with Acronis Cyber Protect endpoint modules (backup, patching, vulnerability).
- Strong understanding of Defender for Endpoint configuration, DLP, and attack surface reduction.
- Proficiency with NinjaOne policies, device grouping, and workflows.
- Strong scripting skills (PowerShell, remediation, and automation scenarios).
- Exposure to macOS device management.
- Ability to interpret compliance/security requirements and apply to endpoint policies (HIPAA, SOC 2, GDPR).
- Strong documentation discipline and structured troubleshooting approach.
Tools & Platforms
- Productivity & Identity: Microsoft 365 E3/E5, Intune, Entra ID, Defender for Endpoint, Compliance Center
- RMM: NinjaOne (policy enforcement, patching, automation)
- Backup & Security: Acronis Cyber Protect, Axcient, Sophos XDR/MDR, Huntress
- Apple MDM: Kandji / Jamf / Intune (as applicable)
- Automation: PowerShell, Intune scripting, NinjaOne workflows
💜 Why You’ll Love Working Here
- Be part of a remote-first, collaborative, high-performing team
- Lead innovative security projects for top-tier global clients
- Enjoy a culture that values your voice, ideas, and career growth
