← All Jobs
Posted Apr 3, 2026

Endpoint Engineer - UEM & Packaging

Apply Now ✨
Position Summary ProAmpac, a nearly $5 billion packaging company, is seeking an Endpoint Engineer to join our Cloud & Digital Workplace Services team. This is a 100% remote, hands-on engineering role not a helpdesk position. You will own our enterprise Unified Endpoint Management (UEM) platform (ManageEngine Endpoint Central), the application packaging library, and the Windows server OS patching program across a large, rapidly growing fleet. ProAmpac is scaling through acquisition, scaling rapidly through acquisition across a large and growing number of manufacturing sites. You will be packaging legacy and modern applications from acquired companies, managing patch compliance across a large and rapidly growing server estate, and driving endpoint standards across the environment. Your counterpart on the team owns Intune and mobility both engineers cross-train on each other's primary platforms for full coverage.   What You'll Do ManageEngine Endpoint Central UEM — Primary Platform - Administer Endpoint Central as the primary owner across all managed Windows desktops and servers: device enrollment, configuration policy, software deployment, remote control, and compliance reporting. - Monitor endpoint health, agent connectivity, and policy compliance at scale; investigate and resolve drift and non-compliance. - Manage BIOS and firmware update testing and staged rollout; administer high-risk and outdated software remediation within defined SLAs. Application Packaging & Deployment - Own the enterprise application packaging library: build, test, version, and maintain deployment-ready packages for all managed software. - Package applications in MSI, MSIX, IntuneWin, and scripted EXE silent wrapper formats; collaborate with vendors to obtain silent install parameters and resolve compatibility issues. - Deploy applications via Endpoint Central and Intune; manage targeting, scheduling, and deployment rings to minimize user disruption. - Establish and document packaging standards, testing procedures, and naming conventions. - Support legacy application compatibility testing during OS upgrades and desktop refresh cycles. OS Patch Management - Own the Windows server OS patching program via Endpoint Central across a large and rapidly growing server estate: maintenance windows, patch rings, and deployment schedules. - Coordinate patching schedules with Cloud Platform and Networking teams; monitor compliance and remediate failures within SLA. - Track exceptions, escalate unresolved vulnerabilities, and support desktop OS patching. Windows Desktop Lifecycle Management - Manage the Windows workstation lifecycle from provisioning through retirement; coordinate hardware refresh cycles with procurement and the Service Desk. - Support new workstation deployments with your Intune counterpart; ensure devices are enrolled, compliant, and configured before user handoff. Endpoint Security Configuration - Deploy and maintain endpoint security agents, encryption policy and key escrow, local administrator password management, and device control policies across managed devices. - Apply and maintain endpoint hardening baselines across Windows platforms; coordinate with InfoSec on gap remediation. Digital Signage — Skykit - Support management of the enterprise digital signage platform (Skykit): device enrollment, content policy, and operational support across ProAmpac sites. Asset Management - Own endpoint asset data quality in Lansweeper; drive asset management process adherence by the Service Desk and maintain accurate lifecycle records. Microsoft Intune — Cross-Training Coverage - Maintain working proficiency in Intune to cover your counterpart during absences; assist with package deployment, compliance troubleshooting, and Autopilot support as needed. Documentation & On-Call - Create and maintain runbooks, SOPs, and change records in ServiceDesk Plus; participate in the Change Advisory Board (CAB). - Participate in the Endpoint Engineering on-call rotation (~20% of the time) and provide Tier 2/3 escalation support.   What You'll Bring - 3–5 years of enterprise endpoint engineering or systems administration experience focused on UEM or desktop/server management platforms. - Hands-on experience with ManageEngine Endpoint Central, Microsoft SCCM/MECM, or a comparable enterprise UEM platform at scale. - Strong application packaging experience: MSI, MSIX, and scripted silent-install deployments; ability to build and troubleshoot packages independently. - Solid Windows Server OS patch management experience in an enterprise environment with a large server footprint. - Working knowledge of Microsoft Intune for Windows device management and application deployment. - Proficiency in PowerShell scripting for automation, reporting, and bulk remediation. - Experience with encryption management, local administrator password management, and endpoint hardening baseline configuration. - Strong troubleshooting skills across Windows 10/11 desktop and server environments. - Self-motivated, detail-oriented, and able to manage concurrent tasks independently. - Bachelor's degree in Information Technology, Computer Science, or a related field, or equivalent work experience. - Preferred: Microsoft MD-102 (Endpoint Administrator Associate) certification or actively working toward it. - Preferred: experience with enterprise application packaging or repackaging tools (e.g., PACE Suite, InstallShield, or equivalent). - Preferred: familiarity with IGEL OS or thin client management platforms. - Preferred: experience supporting manufacturing or multi-site industrial environments.   Why ProAmpac   - Join a nearly $5 billion packaging company scaling rapidly through acquisition with a major infrastructure modernization underway. - Own a packaging practice and server patching program that will scale dramatically, this is a build role, not a maintain role. - Clear path for skill development as our environment grows, you will work on real scale, not a stable steady-state environment. - Professional development support including training and certification opportunities.   Location and Work Arrangement This is a 100% remote position. Candidates must be based in the United States and able to work during US business hours. Eastern or Central time zones are preferred for team collaboration. Travel: This position may require occasional travel (up to 20%) for site support and team meetings.   Additional Information This role includes participation in a rotating on-call schedule to support endpoint infrastructure. Escalations for service-impacting issues may occur outside standard business hours (8am–6pm). ProAmpac is an equal opportunity employer and does not discriminate on the basis of any characteristic protected by applicable law. EEO – M/F/Disability/Vets To apply, please submit your resume and cover letter.     #CORP
Apply Now ✨

More Remote Jobs

Senior Product Manager, PrivacyMar 30, 2026**Experienced Full Stack Supervisor, Starlink Customer Support - Overnight**Apr 3, 2026Advisor Tech Services ProfessionalApr 8, 2026Part-Time Psychiatric Mental Health Nurse Practitioner -Autonomous PracticeApr 11, 2026[Remote] Financial AnalystApr 10, 2026(RN) Nurse Case Manager - Evernorth Health Services -RemoteFeb 23, 2026**Experienced Social Media Content Creator & Manager – TikTok & Instagram Account Growth Specialist**Apr 12, 2026Executive Presentation Designer (C‑Suite Level)Apr 5, 2026Plaintiff Employment Law Attorney RemoteApr 12, 2026Digital Marketing SpecialistApr 11, 2026Virtual Customer and Sales Development Rep-No Experience!Apr 11, 2026Key Account Manager/ ULTA / NordstromApr 4, 2026Director, Platform Product Management - Sophia LearningMar 31, 2026AWS Sales Specialist, Federal Systems Intregrators (US)Apr 11, 2026**Experienced Full Stack Data Entry and Virtual Assistant – Remote Office Support**Apr 8, 2026