Lead Endpoint Engineer

About the Role

An Elite global Trading firm is seeking an experienced Endpoint Engineering Team Lead to guide a globally distributed team responsible for the design, deployment, and life cycle management of Windows and Mac endpoints across a high-velocity trading environment. You'll own the endpoint strategy and standards, ensure reliable configuration and patch management at scale, and partner closely with Security, Infrastructure, and Trading Operations to keep users productive and secure-24x7.

What You'll Do

Lead & Develop the Team

• Manage and mentor a global team of endpoint engineers (including APAC-based engineers), setting priorities, defining KPIs/SLAs, and driving continuous improvement.
• Own team ceremonies, backlog, and work intake; establish clear operational runbooks and escalation paths.

Endpoint Strategy & Operations

• Set standards for Windows and macOS endpoint configurations, baselines, hardening, and compliance.
• Oversee global patching, software distribution, and configuration management at scale (1,000+ endpoints).
• Manage the M365 client stack (Office apps, OneDrive, Teams), and general Active Directory tasks (GPOs, OU structure, device joins).

Tools & Automation

• Lead the use of Microsoft Configuration Manager (SCCM/ConfigMgr) and Microsoft Intune (including co-management, compliance, and device configuration profiles) for Windows endpoints.
• Oversee Jamf Pro (or similar) for macOS enrollment, policies, and package deployment.
• Drive PowerShell scripting standards for automation, reporting, health checks, and remediation at scale.

Reliability, Security & Compliance

• Partner with Security to enforce policies (BitLocker/FileVault, Defender, conditional access) and align with regulatory requirements.
• Maintain inventory accuracy, software license governance, and endpoint telemetry/observability.
• Own incident response and problem management for endpoint-related events impacting traders and critical staff.

Stakeholder & Vendor Management

• Collaborate with Service Desk, Infra, and Trading Ops to meet desk-side SLAs and minimize trading disruption.
• Manage vendor relationships and evaluate new tools/solutions to improve endpoint performance and experience.

Required Qualifications

• 3-5 years of experience leading an endpoint engineering or EUC team; strong plus if the team was globally distributed.
• Proven experience managing both Windows and Mac endpoints in an enterprise environment.
• Hands-on expertise with Configuration Manager (SCCM/ConfigMgr) and Intune for Windows endpoint management (including co-management scenarios).
• PowerShell proficiency for automation, configuration, and reporting.
• Practical experience with macOS management tools such as Jamf Pro (or equivalent).
• Experience managing at least 1,000 endpoints concurrently.
• Familiarity with the M365 client ecosystem (Office, Teams, OneDrive) and general AD administration (GPOs, device life cycle).
• Strong communication skills; able to translate technical topics for business stakeholders and drive decisions quickly.
• Openness to working outside core US business hours when needed to support/lead APAC-based engineers and global change windows.

Preferred/Bonus

• Experience in trading/financial services or other low-latency, high-availability environments.
• Exposure to Conditional Access, Defender for Endpoint, Entra ID (Azure AD), Autopilot, and modern provisioning.
• Experience with macOS security baselines, FileVault at scale, notarization/signing, and Apple Business Manager.
• Familiarity with ITIL practices (incident, change, problem) and SRE/observability principles for endpoints.
• Comfortable with data-driven decision-making using endpoint telemetry (SCCM/Intune reports, Jamf dashboards, custom scripts)

This is an onsite role in the firms Chicago office.