Thank you for considering IT Concepts dba Kentro, where innovation drives opportunity and collaboration leads to success. Our dynamic community of experts is fully committed to advancing our customers' missions, fostering professional growth, and making a positive impact on our communities.                                           

By joining our supportive community, you will find that Kentro is dedicated to your personal and professional development. Together, we can drive meaningful change, spark innovation, and achieve extraordinary milestones.

Kentro is seeking a seasoned Endpoint Engineering Solutions Architect (EESA) to support our government customer under the VA-ESOM (Endpoint Support and Operations Monitoring) contract and serve as a trusted advisor across the customer’s national endpoint ecosystem. In this role, you will translate emerging endpoint technologies into practical roadmaps, lead complex solution engagements, and provide expert guidance across all areas of endpoint engineering. This includes an Enterprise Printing initiative, device lifecycle strategy, UEM platforms, security standards, and cross‑platform architecture.

Role Overview

The EESA serves as a strategic technical advisor responsible for aligning enterprise endpoint engineering initiatives with operational priorities, modernization objectives, and long-term architectural direction. This role bridges executive strategy and technical execution by guiding technical sequencing, dependency management, risk assessment, and enterprise decision-making across complex endpoint initiatives. The EESA also provides technical guidance on scripting, automation, and scalable configuration management for a growing and diverse device ecosystem.

Working closely with government stakeholders, the EESA evaluates technical feasibility, shapes architectural direction, and ensures best‑practice execution across key workstreams, including PKI enablement, SNMPv3 implementation, queue standardization, and print server improvements. This role also contributes to defining ServiceNow items, maintaining CMDB accuracy, and ensuring integrations comply with enterprise ports, protocols, and security controls.

Additionally, this position serves as the primary architectural lead for developing the agency’s baseline and future-state architecture for printing services such as printing transitions into the IT organization. The EESA ensures that printing services align with broader endpoint engineering, security, infrastructure, and operational governance strategies. Responsibilities include advising on secure print design, device hardening, configuration management, and service governance.

The ideal candidate understands NIST and DISA STIG guidelines and has deep expertise in secure endpoint management (Windows, macOS, and mobile) and enterprise print technologies. They can translate complex security and infrastructure requirements into practical, scalable solutions that support a stable, long‑term service offering.

Location: Remote (This position can be performed remotely within the United States and will support Eastern Time working hours)

Key Responsibilities

• Partner with the customer and engineering teams to evaluate technical sequencing, enterprise dependencies, operational impacts, and architectural risks associated with endpoint modernization initiatives, including large-scale SCCM to Intune co-management and migration efforts.
• Serve as a strategic thought leader for endpoint engineering trends, covering configuration standards, security controls, ports and protocols, and cross‑platform engineering considerations.
• Architect and lead enterprise printing initiatives by aligning printing services with broader endpoint engineering, security, networking, and infrastructure strategies, ensuring scalable integration, operational sustainability, compliance, and long-term architectural consistency across the environment.
• Design and validate enterprise technical standards, including PKI integration, SNMPv3, secure queue architecture, device onboarding workflows, and modernized printing and endpoint baselines.
• Ensure alignment with federal security frameworks such as NIST 800‑series guidelines, NIST 800‑53/171, DISA STIGs, and agency‑specific enterprise policies.
• Architect scalable solutions across Windows, macOS, and mobile ecosystems, providing guidance on UEM platforms, cloud print infrastructure, and zero‑trust endpoint security models.
• Lead strategic endpoint modernization initiatives focused on Zero Trust integration, Unified Endpoint Management (UEM) adoption, and automation-driven provisioning capabilities to reduce operational inefficiencies, minimize reactive engineering efforts, and support evolving enterprise modernization and federal security mandates.
• Lead the development of enterprise solution blueprints, reference architectures, technical proposals, and implementation guidance supporting endpoint, printing, and managed service initiatives.
• Develop, review, and optimize automation and scalability via scripting (PowerShell, Bash, Python, and MDM workflows) to support scalable management of endpoints and printing environments.
• Assess technical feasibility for baseline workstreams, identify risks, dependencies, and required engineering decisions to support project execution.
• Collaborate with ServiceNow teams to shape catalog items, workflows, CMDB relationships, asset governance, and request processes supporting endpoint and printing services.
• Conduct in‑depth fleet capability assessments, identify compliance gaps or vulnerabilities, and define remediation or modernization strategies.
• Develop thorough technical documentation, configuration guides, and engineering reference materials to promote consistency, repeatability, and audit readiness.
• Support cutovers, escalations, and troubleshooting by offering real‑time technical expertise during deployment activities and configuration reviews.
• Monitor emerging endpoint engineering trends, including AI‑driven device management, edge computing, sustainability, and cloud printing, and translate them into strategic recommendations and go‑to‑market insights.
• Mentor engineering and account teams by sharing best practices, solution positioning guidance, and expertise that bridges technical and business perspectives.
• Present technical and strategic concepts to audiences ranging from engineers to executive stakeholders, adapting communication for clarity and impact.

#LI-BW1

Required Qualifications

• Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, Engineering, or a related field.
• 10 years of experience in endpoint engineering, including:

• Windows, macOS, and mobile endpoint ecosystems
• Modern UEM platforms, such as Intune, JAMF, and other MDM/EMM tools
• Federal security frameworks and compliance standards, including NIST 800-53, NIST 800-171, DISA STIGs, and enterprise system hardening requirements.
• Strong architectural, analytical, and problem-solving capabilities with the ability to translate complex security and engineering requirements into practical, scalable, and actionable solutions
• Proven ability to lead or support major migrations, baseline deployments, or service modernization initiatives.

• 5+ years of experience in endpoint engineering, including:

• Experience designing or supporting secure printing environments leveraging PKI, SNMPv3, standardized queues, and cloud‑based printing architecture.
• Advanced scripting and automation using PowerShell, Python, Bash, or equivalent to support scalable endpoint and printing management.
• Working in large, complex enterprise environments with cross‑platform endpoint ecosystems and multiteam engineering dependencies.
• Effective communicator capable of presenting technical concepts to both technical contributors and non‑technical or executive audiences.
• Familiarity with ServiceNow CMDB structures, catalogs, workflows, and asset governance concepts.\

Preferred Qualifcations: 

• Master’s degree preferred but not required.
• Certifications in Microsoft 365, CompTIA, or vendor‑specific managed printing credentials (e.g., HP, Xerox, Lexmark).
• Experience with Enterprise Printing or Managed Printing Services (MPS), including cost modeling, service design, and enterprise SLA frameworks.
• Exposure to sustainability or carbon‑reporting considerations related to endpoint and printing‑fleet management.
• Experience with “as‑a‑service” financial modeling (e.g., cost‑per‑page structures, OPEX/CAPEX models).
• Background working within regulated industries such as the public sector, healthcare, or financial services.
• Familiarity with ITIL concepts and service-delivery best practices.

     Preferred Certifications

• CompTIA Security+ (federal baseline requirement).
• ITIL Foundation (widely used in federal service management environments).
• Microsoft certifications: MD‑102, MS‑102, or Intune/Endpoint Administrator (core to federal endpoint modernization).
• CompTIA Network+ or Cloud+ (common supporting certifications for federal infrastructure roles).
• GIAC, CISSP, or other advanced security certifications (valuable for NIST/STIG‑aligned work).
• JAMF certifications for macOS engineering (important for agencies with growing macOS footprints).
• Vendor‑specific managed printing certifications (e.g., HP, Xerox, Lexmark) for Enterprise Printing and MPS environments.

    Clearance Requirement:

• US Citizen or Green card holder
• Willing and able to obtain and maintain Public Trust Clearance 
• Must meet updated ID requirements: https://www.gsa.gov/technology/it-contract-vehicles-and-purchasing-programs/federal-credentialing-services/get-appointment-help/bring-required-documents
  • If you do not currently meet the ID requirements outlined, you must be willing and able to update your current forms of ID in a timely manner to complete the suitability process successfully. 

The Company

We believe in generating success collaboratively, enabling long-term mission success, and building trust for the next challenge. With you as our partner, let’s solve challenges, think innovatively, and maximize impact. As a valued member of our team, you have the unique opportunity to work in a diverse range of technology and business career paths, all while supporting our nation and delivering innovative technology solutions. We are a close community of experts that pride ourselves on creating an environment defined by teamwork, dedication, and excellence.

We hold three ISO certifications (27001:2013, 20000-1:2011, 9001:2015), two CMMI ML 3 ratings (DEV and SVC) and CMMC Level 2 Certification.

Industry Recognition

Growth | Inc 5000’s Fastest Growing Private Companies, DC Metro List Fastest Growing; Washington Business Journal: Fastest Growing Companies, Top Performing Small Technology Companies in Greater D.C.

Culture | Northern Virginia Technology Council Tech 100 Honoree; Virginia Best Place to Work; Washington Business Journal: Best Places to Work, Corporate Diversity Index Winner – Mid-Size Companies, Companies Owned by People of Color; Department of Labor’s HireVets for our work helping veterans transition; SECAF Award of Excellence finalist; Victory Military Friendly Brand; Virginia Values Veterans (V3); Cystic Fibrosis Foundation Corporate Breath Award

Benefits

We offer competitive benefits package including paid time off, healthcare benefits, supplemental benefits, 401k including an employer match, discount perks, rewards, and more.  We invest in our employees – Every employee is eligible for education reimbursement for certifications, degrees, or professional development.  Reimbursement amounts may fluctuate due to IRS limitations. We want you to grow as an expert and a leader and offer flexibility for you to take a course, complete a certification, or other professional growth and networking. We are committed to supporting your curiosity and sustaining a culture that prioritizes commitment to continuous professional development.

We work hard; we play hard. Kentro is committed to incorporating fun into every day. We dedicate funds for activities – virtual and in-person – e.g., we host happy hours, holiday events, fitness & wellness events, and annual celebrations. In alignment with our commitment to our communities, we also host and attend charity galas/events. We believe in appreciating your commitment and building a positive workspace for you to be creative, innovative, and happy.

Commitment Equal Opportunity Employment & VEVRAA

Kentro is an equal opportunity employer.  All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state or local law.

Kentro is strongly committed to compliance with VEVRAA and other applicable federal, state, and local laws governing equal employment opportunity. We have developed comprehensive policies and procedures to ensure our hiring practices align with these requirements.

As part of our VEVRAA compliance efforts, Kentro has established an equal opportunity plan outlining our commitment to recruiting, hiring, and advancing protected veterans. This plan is regularly reviewed and updated to ensure its effectiveness.

We encourage protected veterans to self-identify during the application process. This information is strictly confidential and will only be used for reporting and compliance purposes as required by law. Providing this information is voluntary and will not impact your employment eligibility.

Our commitment to equal employment opportunity extends beyond legal compliance. We are dedicated to fostering an inclusive workplace where all employees, including protected veterans, are treated with dignity, respect, and fairness.

How to Apply

To apply to Kentro Positions- Please click on the job link and then click the blue “Apply” button at the top right of Job Description. Please upload your resume and complete all the application steps. You must fully submit the application for Kentro to consider you for a position.  If you need alternative application methods, please email careers@kentro.us and request assistance.     

Accommodations

To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. Reasonable Accommodations may be made to enable qualified individuals with disabilities to perform the essential functions. If you need to discuss reasonable accommodations, please email careers@kentro.us.