Endpoint Engineering Architect
Company: Ryder System
Location: Lansing
Posted on: March 1, 2026
|
|
|
Job Description:
Job Seekers can review the Job Applicant Privacy Policy by
clicking here (http://ryder.com/job-applicant-privacy-policy) . Job
Description : Summary The Endpoint Engineering Architect is
hands-on position responsible for engineering, automating,
securing, and optimizing all end?user compute platforms including
laptops, desktops, thin clients, virtual desktops (AVD), and mobile
devices. This role works with the Endpoint Engineering team as a
technical lead to design and support the lifecycle
processes—imaging, provisioning, patching, configuration,
compliance, and monitoring—across Linux, Microsoft Windows, and
mobile OS platforms. The ideal candidate is deeply experienced in
modern endpoint management, virtualization (AVD), image
engineering, automated deployments, and mobility management,
bringing strong technical leadership and an automation-first
mindset. Essential Functions Endpoint Engineering & Platform
Management Architect, deploy, and support endpoint solutions across
Windows, Linux, macOS, Thin Clients, and Mobile Devices. Design,
maintain, and optimize standardized OS images for multiple device
types and deployment scenarios. Engineer and maintain automated
installation workflows including or equivalent to Autopilot, Tanium
Provisioning, XAVD provisioning via W365, AVD provisioning,
PXE-based imaging, and other automated onboarding methods. Maintain
and enhance patch management strategies (OS and application level)
across platforms ensuring compliance, stability, and security.
Manage endpoint configurations, policies, and compliance baselines
across solutions such as or equivalent to Microsoft Intune,
Workspace ONE / AirWatch, SOTI, or similar MDM/UEM platforms.
Administer virtual desktop infrastructures, particularly Azure
Virtual Desktop (AVD), ensuring performance, scale, security, and
user experience meet business needs. Automation, Tools &
Infrastructure Experience in developing automation scripts and
workflows using methods such as PowerShell, Bash, or JSON/REST
APIs, or similar tools to streamline endpoint management processes.
Integrate endpoint management platforms with cloud services, Azure
Storage, Active Directory / Azure AD, certificate services, and
identity/security tooling. Partner with security teams to implement
standards for device compliance, identity, secure configurations,
and hardening baselines. Engage in continuous improvement of device
provisioning, self-healing capabilities, app delivery, and user
experience. Engineering Ownership & Collaboration Serve as subject
matter expert (SME) for major endpoint technologies, providing
guidance to operations, service desk, and cross-functional teams.
Participate in roadmap planning for endpoint modernization,
including cloud-based provisioning, hybrid AD ? Azure AD Join
transitions, and modernization of group policy landscapes.
Contribute to vendor evaluations, hardware standards, and lifecycle
planning (device recycling, employee buyback programs, etc.).
Document engineering standards, technical designs, change control
procedures, and knowledge-base content. Occasional site visits to
view and evaluate technology usage on site maybe be requested for
new technology/customers. Additional Responsibilities Performs
other duties as assigned. Skills and Abilities E ndpoint
management, engineering, systems administration, or equivalent
technical role. Deep expertise in Windows OS engineering, including
imaging, MDM provisioning, GPO/Intune configuration, patching, and
troubleshooting. Strong experience with Linux endpoint management
(Ubuntu, RHEL, or other enterprise distros). Hands?on experience
with mobile device management (MDM/UEM) using tools or equivalents
to Workspace ONE / AirWatch, Intune, or SOTI. Strong proficiency in
automation (PowerShell, etc.) and modern deployment technologies.
Experience with Azure Virtual Desktop (AVD) engineering, scaling,
performance optimization, and image management. Strong
understanding of endpoint security concepts: compliance baselines,
conditional access, identity management, certificate-based
authentication, and vulnerability management. Solid knowledge of
networking, DNS, DHCP, VPN clients, and cloud identity (Azure AD /
Entra ID). Preferred Skills Experience in hybrid AD ? Azure AD
migration models and policy modernizations. Experience integrating
automation platforms with repositories such as Azure Storage or
package management ecosystems (WinGet, or similar tools).
Understanding of frontline-focused hardware (thin clients, low
resource devices). Familiarity with large?scale enterprise hardware
lifecycle processes (procurement ? deployment ? recycling). Azure
certifications: AZ?104, AZ?305, or specialty certifications in
virtual desktop or endpoint management are a plus. Experience with
DEX / enterprise monitoring and self-healing tooling (e.g., Tanium,
NEXthink, etc.) - preferred . Soft Skills Strong analytical,
troubleshooting, and problem-solving abilities. Excellent
communication with both technical and non?technical stakeholders.
Ability to work independently, manage multiple priorities, and
influence engineering decisions. Provide technical leadership and
assist fellow engineers on the Endpoint Engineering team.
Continuous improvement mindset with passion for automation and
efficiency. What This Role Enables Modern, consistent, scalable
endpoint experience across the enterprise. Reduced provisioning
time and improved user onboarding through automation and imaging
modernization. Increased endpoint reliability through strong
patching, compliance, and self-healing efforts. Support for
business initiatives through secure, high-performance end-user
computing platforms. Qualifications Bachelor's degree required
Computer science, systems analysis or a related study, or
equivalent experience Ten (10) years or more at least two IT
disciplines in a client/server or service-oriented architecture
(SOA) environment, including technical architecture, network
management, application development, middleware, database
management or operations. required Five (5) years or more Domain
architecture required SOA design and implementation advanced
required Software Development Life Cycle and Agile Development
advanced required Enterprise Application Integration advanced
preferred Travel: DOT Regulated: None Job Category: Application
Development, Delivery & Support Compensation Information : The
compensation offered to a candidate may be influenced by a variety
of factors, including the candidate’s relevant experience;
education, including relevant degrees or certifications; work
location; market data/ranges; internal equity; internal salary
ranges; etc. The position may also be eligible to receive an annual
bonus, commission, and/or long-term incentive plan based on the
level and/or type. Compensation ranges for the position are below:
Pay Type : Salaried Minimum Pay Range: $135,000.00 Maximum Pay
Range: $145,000.00 Benefits Information : For all Full-time
positions only : Ryder offers comprehensive health and welfare
benefits, to include medical, prescription, dental, vision, life
insurance and disability insurance options, as well as paid time
off for vacation, illness, bereavement, family and parental leave,
and a tax-advantaged 401(k) retirement savings plan. For more
information about benefits, click here
(https://ryder.icims.com/icims2/servlet/icims2?module=AppInert&action=download&id=4022345&hashed=256118533)
to download the comprehensive benefits summary. Ryder is proud to
be an Equal Opportunity Employer and Drug Free workplace. All
qualified applicants will receive consideration for employment
without regard to race, religion, color, national origin, sex,
sexual orientation, gender identity, age, status as a protected
veteran, among other things, or status as a qualified individual
with disability. Important Note : Some positions require additional
screening that may include employment and education verification;
motor vehicle records check and a road test; and/or badging or
background requirements of the customer to which you are assigned.
Security Notice for Applicants: Ryder will only communicate with an
applicant directly from a [@ryder.com] email address and will never
conduct an interview online through a chat type forum, messaging
app (such as WhatsApp or Telegram), or via an online questionnaire.
During an interview, Ryder will never ask for any form of payment
or banking details and will never solicit personal information
outside of the formal submitted application through
www.ryder.com/careers . Should you have any questions regarding the
application process or to verify the legitimacy of an interview or
Ryder representative, please contact Ryder at careers@ryder.com .
Current Employees : If you are a current employee at Ryder, please
click here (http://wd5.myworkday.com/ryder/d/task/1422$3.htmld) to
log in to Workday to apply using the internal application process.
Job Seekers can review the Job Applicant Privacy Policy by clicking
here (http://ryder.com/job-applicant-privacy-policy) . \wd
Keywords: Ryder System, Lansing , Endpoint Engineering Architect, IT / Software / Systems , Lansing, Michigan
