IT Endpoint Engineer at Halcyon

Offer summary

Qualifications:

3+ years managing enterprise macOS and Windows endpoints in a remote-first organization., Proficiency with Jamf Pro, Microsoft Intune, or equivalent MDM/UEM platforms., Experience with scripting for automation using Bash, Python, or PowerShell., Deep understanding of endpoint security best practices and compliance policies..

Key responsibilities:

Lead the provisioning, configuration, and security of user endpoints across macOS, Windows, and Linux devices.

Develop and maintain zero-touch deployment workflows and enforce EOL/refresh cycles.

Work closely with security to align endpoints with CIS/NIST benchmarks and remediate non-compliant devices.

Build scripts and policies to automate provisioning and optimize workflows through various scripting tools.

Job description

What we do:
Halcyon is the industry’s first dedicated, adaptive security platform that combines multiple proprietary advanced prevention engines along with AI models focused specifically on stopping ransomware.

Who we are:
Halcyon was formed in 2021 by a team of cyber industry veterans after battling the scourge of ransomware (and advanced threats) for years at some of the largest global security vendors. Comprised of leaders from Cylance (now Blackberry), Accuvant (now Optiv), Fireye and ISS X-Force (now IBM), Halcyon is focused on building products and solutions for mid-market and enterprise customers.

As a remote-native, completely distributed global team, we recognize great talent can exist anywhere. We invite you to apply to a job you’re interested in and we'll work a plan to meet your needs.

The Role:

We’re seeking a skilled IT Endpoint Engineer to lead the provisioning, configuration, and security of user endpoints across macOS, Windows, and Linux devices. You’ll define and automate standards for OS hardening, zero-touch deployments, patching, telemetry, and compliance at scale. This hands-on role blends engineering and strategy to support a secure, seamless experience for our global, remote-first workforce.

Responsibilities:

Endpoint Lifecycle Management
- Develop and maintain zero-touch deployment workflows (MDM)
- Define baseline configuration profiles, packages, and OS policies for fleet consistency
- Manage inventory, device health metrics, and enforce EOL/refresh cycles
Security & Compliance
- Work closely with security to align endpoints with CIS/NIST benchmarks
- Implement and monitor full disk encryption, OS patch compliance, antivirus/EDR
- Remediate misconfigurations or non-compliant devices using policy-based enforcement and scripts
Tooling & Automation
- Build scripts and policies to automate provisioning, updates, and configuration drift remediation
- Integrate endpoint telemetry with SIEM, EDR platforms
- Optimize workflows through tools such as PowerShell, Python, or Swift scripting
Collaboration & Support
- Partner with IT and Security to define escalation workflows and handle complex endpoint escalations
- Contribute to internal IT documentation and runbooks
- Evaluate new tools and lead pilots for endpoint-related platforms

Skills and Qualifications:

3+ years managing enterprise macOS and Windows endpoints at scale in a remote-first org
Proficiency with Jamf Pro, Microsoft Intune, or equivalent MDM/UEM platforms
Experience with scripting for automation (Bash, Python, PowerShell)
Deep understanding of endpoint security best practices (e.g., device trust, compliance policies, patch management)
Familiarity with conditional access policies, identity federation
Experience enforcing endpoint compliance in Zero Trust architectures

Bonus Skills and Qualifications:

Experience with EDR/XDR tools
Exposure to vulnerability management platforms or asset inventory integrations
Working knowledge of Splunk, Jira, and Microsoft 365 Admin Center
Previous experience working in a security-forward or regulated environment (SOC 2, FedRAMP, etc.)

Benefits:

Halcyon offers the following benefits to eligible employees:

Comprehensive healthcare (medical, dental, and vision) with premiums paid in full for employees and dependents
401k plan with a generous employer contribution.
Short and long-term disability coverage, basic life and AD&D insurance plans.
Medical and dependent care FSA options.
Flexible PTO policy.
Parental leave.
Generous equity offering.

The Company reserves the right to modify or change these benefits programs at any time, with or without notice.

Base Salary Range: $110,000 - 140,000

In accordance with applicable state and federal laws, the range provided is Halcyon’s reasonable estimate of the base compensation for this role. The actual amount may differ based on non-discriminatory factors such as experience, knowledge, skills, abilities, and location. Base pay is one part of the total package that is provided to compensate and recognize employees for their work, and this role may be eligible for additional discretionary bonuses/incentives, and equity in the Company.

We understand it takes a diverse team of highly intelligent, passionate, curious, and creative people to develop the exceptional product we are building. Our dynamic team has incredible perspectives to share, just as we know you do, and we take great pride in being an equal opportunity employer.

Required profile