Endpoint Engineer - Factory Systems

Anduril Industries is a defense technology company with a mission to transform U.S. and allied military capabilities with advanced technology. By bringing the expertise, technology, and business model of the 21st century’s most innovative companies to the defense industry, Anduril is changing how military systems are designed, built and sold. Anduril’s family of systems is powered by Lattice OS, an AI-powered operating system that turns thousands of data streams into a realtime, 3D command and control center. As the world enters an era of strategic competition, Anduril is committed to bringing cutting-edge autonomy, AI, computer vision, sensor fusion, and networking technology to the military in months, not years. About the Role We're looking for an experienced Endpoint Engineer to join our team and take ownership of our device management ecosystem across multiple platforms. You'll design, implement, and maintain scalable endpoint management solutions that keep our fleet secure, compliant, and running smoothly. A core focus of this role is building and managing the systems that power our factory floor operations, ensuring reliability, security, and ease of deployment in demanding industrial environments. Working at the intersection of IT operations, security, and manufacturing, you'll make a direct impact on the productivity and security posture of the entire organization. What You'll Do Architect, deploy, and manage endpoint solutions across Windows, Android, and iOS devices at scale Design, build, and maintain kiosk systems for factory floor environments, including lockdown configurations, automated provisioning, remote management, and high-availability deployment strategies Partner with manufacturing and operations teams to deliver purpose-built endpoint solutions that meet the demands of industrial environments Administer and optimize MDM platforms (Intune, Workspace ONE, Fleet DM) to enforce configuration and security baselines Design and implement modern Windows configuration management using OMA-DM, Desired State Configuration (DSC), and cloud-native policy frameworks for large device fleets Develop automation and tooling using PowerShell, Python, Bash, or Go to streamline endpoint operations Integrate endpoint systems management with internal and third-party tools via APIs Lead CVE remediation efforts, including vulnerability identification, patching strategies, and compliance reporting Apply and maintain security hardening standards such as DISA STIGs or CIS Benchmarks across the endpoint fleet Partner with Security, IT, and Engineering teams to define and enforce device security policies Troubleshoot complex endpoint issues and provide escalation support for device management challenges Document standards, processes, and runbooks to enable operational excellence Required Qualifications 3–5 years of professional experience as an Endpoint Engineer, Systems Administrator, or Client Platform Engineer. Proven experience managing MDM platforms such as Intune, Workspace ONE, or Fleet DM Strong expertise in Windows device management at enterprise scale, including modern management approaches Demonstrated experience building, deploying, and managing workstations and mission-specific kiosk systems, ideally in factory, manufacturing, warehouse, or other industrial/operational environments Hands-on experience with Android device management Proficiency with PowerShell, MDM, OMA-DM protocols, and modern device configuration management. Demonstrated experience with large-scale Windows configuration management using MDM/OMA-DM, PowerShell DSC, and MDM policy enforcement Experience driving CVE remediation and vulnerability management programs Hands-on experience applying DISA STIGs or CIS Benchmarks for system hardening and compliance Ability to work with APIs using at least one scripting language (PowerShell, Python, Go, or Bash) Experience in packaging and deploying complex software solutions for Windows environments Strong troubleshooting skills and a systematic approach to problem-solving Excellent written and verbal communication skills Preferred Qualifications / Nice To Have Experience with Bash scripting and Linux systems management Hands-on experience with Jamf Pro Thin client experience with platforms such as ThinOS, IGEL, or 10ZiG Experience with Zebra device management Exposure to OT/manufacturing line endpoints and integration with production systems. Familiarity with Zero Trust principles and modern endpoint security frameworks Experience working with Desired State Configuration (DSC) Experience with Infrastructure-as-Code tools (Terraform, Ansible, Salt Project) for endpoint configuration  US Salary Range$129,000—$171,000 USD The salary range for this role is an estimate based on a wide range of compensation factors, inclusive of base salary only. Actual salary offer may vary based on (but not limited to) work experience, education and/or training, critical skills, and/or business considerations. Highly competitive equity grants are included in the majority of full time offers; and are considered part of Anduril's total compensation package. Additionally, Anduril offers top-tier benefits for full-time employees, including:    Benefits At Anduril, we invest in our people. Our comprehensive, competitive benefits package (available at little to no cost to employees) ensures you’re supported in health, recovery, and whatever comes next. For more information, https://www.anduril.com/careers.   Protecting Yourself from Recruitment Scams Anduril is committed to maintaining the integrity of our Talent acquisition process and the security of our candidates. We've observed a rise in sophisticated phishing and fraudulent schemes where individuals impersonate Anduril representatives, luring job seekers with false interviews or job offers. These scammers often attempt to extract payment or sensitive personal information. To ensure your safety and help you navigate your job search with confidence, please keep the following critical points in mind: No Financial Requests: Anduril will never solicit payment or demand personal financial details (such as banking information, credit card numbers, or social security numbers) at any stage of our hiring process. Our legitimate recruitment is entirely free for candidates. Please always verify communications: Direct from Anduril: If you receive an email from one of our recruiters, it will only come from an @anduril.com address. Via Agency Partner: If contacted by a recruiting agency for an Anduril role, their email will clearly identify their agency. If you suspect any suspicious activity, please verify the agency's authenticity by reaching out to mailto:contact@anduril.com.  Exercise Caution with Unsolicited Outreach: If you receive any communication that appears suspicious, contains grammatical errors, or makes unusual requests, do not engage. Always confirm the sender's email domain is @anduril.com before providing any personal information or clicking on links. What to Do If You Suspect Fraud: Should you encounter any questionable or fraudulent outreach claiming to be from Anduril, please report it immediately to mailto:contact@anduril.com. Your proactive caution is invaluable in protecting your personal information and upholding the security and trustworthiness of our recruitment efforts.   Data Privacy To view Anduril's candidate data privacy policy, please visit https://anduril.com/applicant-privacy-notice/.    By submitting your application, you consent to Anduril Industries using a third-party service provider to conduct pre-employment risk, integrity, and due diligence screening and assessing potential risks as part of your application process. This third-party service provider provides risk-intelligence services that may include analysis of sanctions and watchlists, adverse media, public-record information, and other lawful open-source or commercial data sources. This third-party service provider does not act as a consumer reporting agency. Use of this provider helps to ensure compliance with applicable laws and protect technology, intellectual property, and organizational security. Offices: Costa Mesa, California, United States (Costa Mesa, CA (HQ));