Endpoint Management Specialist

Duration: 6 months with possibility of extension

Location: Remote in LATAM

Objective of the Department

The Information Technology Services Department (ITS) provides leadership and direction in the deployment of information and communication technologies and systems to support the Pan American Health Organization/Regional Office of the Americas of the World Health Organization (PAHO/WHO) in carrying out its mandate. ITS establishes and maintains strategies, policies, standards and procedures to ensure the effective and efficient provision of information and communication services in a geographically dispersed environment.

Purpose of the consultancy

The Pan American Health Organization (PAHO) is looking for an information technology professional to collaborate in the management and security of corporate endpoint devices. This includes computers (physical/virtual) and mobile devices, ensuring they are configured, maintained, and protected against threats. This professional is responsible for various tasks, including deploying applications, managing security policies, and troubleshooting issues related to endpoints. 

Responsibilities:

The Endpoint Management Specialist is responsible for the following:

• Analyze, design, implement, maintain, and document endpoint management solutions based on Microsoft Intune.
• Lead the migration process from existing endpoint management solution based on SCCM to Intune.
• Collaborate in the decommission of the On-premises SCCM infrastructure.
• Support device lifecycle including provisioning, configuration, patching, and decommissioning.
• Coordinate and enforce endpoint security policies and compliance baselines.
• Automate endpoint tasks using scripting (e.g., PowerShell, Bash).
• Develop and deploy PowerShell scripts for automation and policy enforcement
• Monitor and report on endpoint health, compliance, and performance.
• Provide Tier 2/3 support for endpoint-related incidents and requests.
• Collaborate with security, networking, and helpdesk teams to ensure seamless endpoint operations.
• Participate in audits and ensure compliance with internal and external regulations.
• Configure and support Intune Autopilot for zero-touch provisioning when applicable.
• Set up application deployment and update strategies via Intune.

Qualifications 

Education & Experience

• Bachelor’s degree in computer science, Information Technology, or a related field (or equivalent experience).
• 5+ years of experience in IT infrastructure, systems administration, or endpoint management.
• Proven experience with Microsoft Endpoint Manager (co-management), Microsoft Intune and SCCM.
• Experience managing Windows, macOS, iOS, and Android devices in multilingual enterprise environments.

Technical Skills

• Microsoft Endpoint Manager / Intune / SCCM: Device enrollment, compliance policies, configuration profiles, app deployment, Autopilot, Co-management.
• Microsoft Entra-ID: Conditional Access, identity and access management.
• PowerShell scripting: Automation of device management tasks.
• Windows Autopilot: Zero-touch provisioning and deployment.
• Microsoft Defender for Endpoint: Integration and policy management.
• Mobile Device Management (MDM) and Mobile Application Management (MAM) concepts.
• Familiarity with Group Policy, Active Directory, and hybrid environments.
• Knowledge of networking fundamentals, VPN, and security baselines.
• Azure VDI and/or Windows 365 deployment and management are desirable.
• Endpoints vulnerability remediation.

Requirements

• Proficiency in:
  • Microsoft Intune: Device enrollment, compliance policies, configuration profiles, applications and personalization’s deployments
  • Windows Autopilot: Zero-touch provisioning.
  • PowerShell scripting: For automation and policy enforcement.
  • Entra-ID: Conditional Access, identity governance.
  • Microsoft Defender for Endpoint: Integration and policy configuration.
  • Group Policy Objects (GPOs)
  • Mobile Device Management (MDM) and Mobile Application Management (MAM)
  • Endpoint security and compliance standards
  • VPN, Wi-Fi, and network configuration for endpoints.

Work Schedule

Full time Off-Site (remotely in LATAM)

Language skills

• Fluency in English
• Desirable: working knowledge of Spanish