Job Description

Team Overview

The Workplace Engineering organization is responsible for the design, delivery, and operation of the firm’s endpoint and device management platforms, supporting physical, virtual, and cloud‑hosted desktops across the digital workplace.

The Endpoint Management Platform function owns the strategy and execution for modern device management, including the transformation from legacy client management tools to cloud‑based, MDM‑driven architectures This function works closely with Security Engineering, Technology Risk, Compliance, and Audit teams to ensure endpoint management solutions are secure, scalable, and compliant by design.

We are seeking an Intune Platform Lead to own the engineering strategy, migration execution, and operational design for the firm’s modern endpoint management platform.

This role has primary responsibility for leading the migration from legacy device management (e.g., on‑premise client management, GPO‑centric models) to modern MDM‑based management, while ensuring continuity of service, security control coverage, and audit readiness.

The role sits at the intersection of platform engineering, endpoint security, and technology risk governance, and requires deep experience designing cloud‑native management patterns, defining policy baselines, and operating at enterprise scale

Job Responsibilities Platform Ownership & Strategy

• Own the endpoint management platform strategy, with a clear roadmap for:
  • Migrating from legacy client management tooling
  • Adopting MDM‑centric, cloud‑managed device models
  • Reducing dependency on traditional imaging, GPOs, and on‑prem infrastructure
• Define target‑state architectures for modern endpoint management across physical, virtual, and cloud desktop environments
• Establish standards for policy, configuration, and device lifecycle management

Legacy to Modern Management Migration

• Lead enterprise‑scale migration from:
  • Legacy client management platforms
  • GPO‑heavy configuration models
  • Image‑based provisioning and task‑sequence workflows
    
    to
  • Policy‑driven, MDM‑managed device models
• Define and execute co‑management and transition strategies, including:
  • Workload segmentation
  • Phased cutover approaches
  • Dependency and risk management
• Partner with application, security, and platform teams to modernize device and app management patterns

Policy, Configuration & Baselines

• Design and maintain:
  • Endpoint configuration baselines
  • Compliance and posture policies
  • Update and patch management strategies
• Ensure consistency and enforcement across:
  • Corporate‑owned devices
  • Virtual and cloud‑hosted desktops
  • Remote and hybrid workforce scenarios
• Balance security, usability, and operational scalability

Security, Risk & Governance Alignment

• Partner closely with Technology Risk, Security Engineering, and Audit teams to:
  • Support security design and architecture reviews
  • Demonstrate control coverage and enforcement through platform capabilities
  • Address risk findings related to device management, configuration drift, and endpoint posture
• Ensure the platform supports defensible controls, including device trust, access enforcement, and policy compliance
• Produce and maintain architecture diagrams, control narratives, and audit evidence

Operational Excellence

• Define platform operating models, including:
  • Role‑based administration
  • Change and release processes
  • Monitoring and troubleshooting practices
• Drive automation for device provisioning, configuration deployment, and compliance reporting
• Act as escalation point for complex endpoint management issues

Stakeholder & Engineering Leadership

• Serve as the technical authority for endpoint management across Workplace Engineering
• Guide and mentor engineers working on device and endpoint management
• Communicate clearly with:
  • Workplace Engineering leadership
  • Security and Risk stakeholders
  • Application and infrastructure teams

Basic Qualifications

• 6–12 years of experience in endpoint management, workplace engineering, or platform engineering
• Significant hands‑on experience with enterprise‑scale device management, including legacy client management platforms and modern MDM models
• Proven experience leading or contributing to large‑scale migrations from legacy to modern endpoint management
• Strong understanding of:
  • Windows device lifecycle management
  • Policy‑based configuration models
  • Update, patch, and compliance enforcement
• Experience working in regulated environments with formal risk, audit, and governance processes
• Strong documentation and communication skills

Preferred Qualifications

• Deep experience designing cloud‑native endpoint management architectures
• Strong understanding of:
  • Identity‑centric and zero trust endpoint models
  • Security baseline enforcement and configuration compliance
  • Endpoint telemetry and health reporting
• Experience operating endpoint platforms supporting:
  • Cloud desktops
  • Virtual desktops
  • Hybrid enterprise environments
• Ability to navigate complex organizational change where legacy tooling is deeply embedded

What Success Looks Like

• Legacy client management dependencies are systematically reduced and retired
• Endpoint management is policy‑driven, cloud‑first, and scalable
• Security and Technology Risk teams have confidence in control enforcement and visibility
• Device management is simpler, more consistent, and easier to audit
• Engineers and end users experience predictable, reliable device behavior.

ABOUT GOLDMAN SACHS

At Goldman Sachs, we commit our people, capital and ideas to help our clients, shareholders and the communities we serve to grow. Founded in 1869, we are a leading global investment banking, securities and investment management firm. Headquartered in New York, we maintain offices around the world.

We believe who you are makes you better at what you do. We're committed to fostering and advancing diversity and inclusion in our own workplace and beyond by ensuring every individual within our firm has a number of opportunities to grow professionally and personally, from our training and development opportunities and firmwide networks to benefits, wellness and personal finance offerings and mindfulness programs. Learn more about our culture, benefits, and people at GS.com/careers.

We’re committed to finding reasonable accommodations for candidates with special needs or disabilities during our recruiting process. Learn more: https://www.goldmansachs.com/careers/footer/disability-statement.html
© The Goldman Sachs Group, Inc., 2023. All rights reserved.
Goldman Sachs is an equal opportunity employer and does not discriminate on the basis of race, color, religion, sex, national origin, age, veterans status, disability, or any other characteristic protected by applicable law.