Home › Companies › Hatchit › Endpoint Specialist
Endpoint Specialist
Hatchit · Boulder, CO · On Site · Active · Lever
Job facts
| Field | Value |
|---|---|
| Company | Hatchit |
| Title | Endpoint Specialist |
| Normalized title | - |
| Department / team | Featured Hatch Accounts / Expression |
| Location | Boulder, CO, United States |
| Work model | On Site |
| Employment type | Full Time |
| Salary | - |
| Status | active |
| ATS provider | Lever |
| Posted / first seen | 2026-04-22 / 2026-05-29 |
| Changed / last seen | 2026-05-29 / 2026-06-23 |
Related slices
| Page | What it contains | Open |
|---|---|---|
| Company jobs | Active postings from Hatchit. | Open |
| Company breakdowns | Role, location, ATS, and work model facets for this company. | Open |
| ATS provider jobs | Active postings observed through Lever. | Open |
| Provider filtered search | The same provider as a filtered job collection. | Open |
| City jobs | Active postings in Boulder. | Open |
| Department jobs | Active postings in Featured Hatch Accounts. | Open |
| Work model jobs | Active On Site postings. | Open |
| Lifecycle events | Open, update, close, and reopen events for this posting. | Open |
| Original posting | Canonical source or apply URL captured from the ATS. | Open |
Linked records
| Company | Hatchit |
| Source | e2ea7802-e924-462c-bda6-32def5821788 |
| ATS provider | Lever |
Description
hatch I.T. is partnering with Expression to find an Endpoint Specialist . See details below:
About The Role:
Expression is seeking a mission-driven Endpoint Specialist to support the National Telecommunications and Information Administration (NTIA). This role is responsible for managing and securing all Windows and Macintosh laptop endpoints across the enterprise, ensuring proper configuration, patch management, operating system updates, and compliance with federal cybersecurity standards. The Endpoint Specialist will implement and enforce mobile device management (MDM) policies, administer enterprise patching platforms, and collaborate closely with cybersecurity teams to ensure endpoint security controls align with NTIA’s overall security posture.
The ideal candidate brings hands-on expertise administering macOS devices through JAMF and demonstrates proficiency with enterprise patching technologies such as BigFix, WSUS, MECM, and related tools in a secure federal environment.
About the Company:
Founded in 1997 and headquartered in Washington DC, Expression provides data fusion, data analytics, software engineering, information technology, and electromagnetic spectrum management solutions to the U.S. Department of Defense, Department of State, and national security community. Expression’s “Perpetual Innovation” culture focuses on creating immediate and sustainable value for their clients via agile delivery of tailored solutions built through constant engagement with their clients. Expression was ranked #1 on the Washington Technology 2018's Fast 50 list of fastest growing small business Government contractors and a Top 20 Big Data Solutions Provider by CIO Review.
Responsibilities:
Manage and secure all Windows and Macintosh laptop endpoints, including system configuration, baseline enforcement, patch deployment, and lifecycle management.
Implement and maintain Mobile Device Management (MDM) solutions to enforce endpoint security policies and compliance controls across macOS and Windows environments.
Administer and secure Macintosh devices using JAMF (JAMF Pro preferred), including device enrollment, configuration profiles, software distribution, and compliance monitoring.
Utilize enterprise patch management tools including IBM BigFix, WSUS, MECM, and related technologies to ensure timely deployment of operating system and third-party application updates.
Oversee endpoint configuration standards, ensuring alignment with federal security requirements and organizational hardening guidelines.
Monitor endpoint health, patch compliance, and vulnerability remediation through reporting dashboards and security tools.
Collaborate directly with cybersecurity teams to ensure endpoint security controls, EDR tools, and patching strategies align with NTIA’s broader security posture and compliance framework.
Support implementation and enforcement of endpoint security baselines, including encryption, access controls, MFA integration, and device policy enforcement.
Troubleshoot and resolve issues related to device enrollment, patch failures, configuration drift, and security policy enforcement.
Maintain documentation, SOPs, and reporting artifacts to support audits, compliance reviews, and operational transparency.
Provide professional and timely support to NTIA users while maintaining secure and reliable endpoint operations.
Qualifications:
Bachelor’s degree in Information Technology, Computer Science, or a related field OR equivalent combination of education and relevant experience.
Minimum of 4 years of IT or endpoint administration experience.
U.S. Citizenship required with an Active Secret clearance.
Foundational experience managing macOS and Windows devices in an enterprise or federal environment.
Familiarity with MECM, IBM BigFix, and macOS MDM frameworks (JAMF, Intune, or Kandji).
Basic knowledge of scripting languages such as PowerShell, Bash, or Python for automation and remediation tasks.
Understanding of system patching, software distribution, and compliance reporting.
Strong communication skills, attention to detail, and commitment to maintaining secure and reliable endpoint operations.
Preferred Experience:
CompTIA certifications such as A+, Network+, or Security+.
Microsoft or IBM certifications related to MECM / BigFix administration.
Apple Certified Support Professional (ACSP) or equivalent macOS certification.
Experience managing Apple Business Manager and automated MDM enrollment workflows.
Familiarity with Active Directory / Azure AD, Group Policy, and identity management for cross-platform devices.
Experience with endpoint detection and response (EDR) tools and vulnerability management practices.
Experience working within a federal or enterprise IT environment with stringent security compliance requirements.
Full job record
| Job ID | c6a3f465c3b794111680f66654a9ad0235f6869c |
| Org ID | 3883f6fa-759f-4977-ab65-05926fcbad14 |
| Source ID | e2ea7802-e924-462c-bda6-32def5821788 |
| Board ID | e2ea7802-e924-462c-bda6-32def5821788 |
| Provider | lever |
| Provider Job Key | 1f2c9a1d-5c49-4793-a90a-afb9b056ef44 |
| Title | Endpoint Specialist |
| Normalized Title | — |
| Status | active |
| Active | yes |
| Location Text | Boulder, CO |
| Department | Featured Hatch Accounts |
| Team | Expression |
| Employment Type | Full Time |
| Workplace Type | on_site |
| Remote Policy | — |
| Country | United States |
| Region | CO |
| City | Boulder |
| Salary Raw | — |
| Salary Min | — |
| Salary Max | — |
| Salary Currency | — |
| Salary Period | — |
| Source URL | https://jobs.lever.co/hatchit/1f2c9a1d-5c49-4793-a90a-afb9b056ef44 |
| Apply URL | https://jobs.lever.co/hatchit/1f2c9a1d-5c49-4793-a90a-afb9b056ef44/apply |
| First Seen At | 2026-05-29 07:02:02Z |
| Last Seen At | 2026-06-23 07:57:47Z |
| Last Checked At | 2026-06-23 07:57:47Z |
| Last Changed At | 2026-05-29 07:02:02Z |
| Inactive At | — |
| Source Posted At | 2026-04-22 15:20:50Z |
| Source Updated At | — |
| Raw Payload Uri | s3://job-postings-prod-raw-590183727216/raw/provider=lever/board=hatchit/date=2026-06-23/2026-06-23T07-57-47-606Z-8f9254514cbc2ef8096b6f612e7d500079fb77bcf1e5812737959c252d7b5f5f.json |
Event Fields
{
"content_hash": "20f05d7744144973b86f5c9f81b190749676020cd0c7d0788d539f0b3bbd1860",
"source_hash": "0d989c17efc1efd9e3f3d076ce4b883c46530ba69ce4c42b86de0d4fe722e572",
"last_changed_at": "2026-05-29T07:02:02.245Z",
"active_status": "active"
}Parsed Structured
{
"dedupe": null,
"language": "en",
"location": {
"raw": "Boulder, CO",
"city": "Boulder",
"region": "CO",
"country": "United States",
"is_remote": false,
"confidence": 0.9
},
"salary_max": null,
"salary_min": null,
"inferred_at": "2026-06-23T07:57:47.796Z",
"launch_scope": {
"reason": "english_us_canada",
"included": true,
"language": "en",
"location": {
"raw": "Boulder, CO",
"city": "Boulder",
"region": "CO",
"country": "United States",
"is_remote": false,
"confidence": 0.9
},
"countries": [
"United States"
]
},
"remote_policy": null,
"salary_period": null,
"workplace_type": "on_site",
"salary_currency": null
}Extensions
{}Native Structured
{
"lists": [
{
"text": "Responsibilities: ",
"content": "<div>\n<ul style=\"list-style-type: disc;\">\n<li>Manage and secure all Windows and Macintosh laptop endpoints, including system configuration, baseline enforcement, patch deployment, and lifecycle management.</li>\n<li>Implement and maintain Mobile Device Management (MDM) solutions to enforce endpoint security policies and compliance controls across macOS and Windows environments.</li>\n<li>Administer and secure Macintosh devices using JAMF (JAMF Pro preferred), including device enrollment, configuration profiles, software distribution, and compliance monitoring.</li>\n<li>Utilize enterprise patch management tools including IBM BigFix, WSUS, MECM, and related technologies to ensure timely deployment of operating system and third-party application updates.</li>\n<li>Oversee endpoint configuration standards, ensuring alignment with federal security requirements and organizational hardening guidelines.</li>\n<li>Monitor endpoint health, patch compliance, and vulnerability remediation through reporting dashboards and security tools.</li>\n<li>Collaborate directly with cybersecurity teams to ensure endpoint security controls, EDR tools, and patching strategies align with NTIA’s broader security posture and compliance framework.</li>\n<li>Support implementation and enforcement of endpoint security baselines, including encryption, access controls, MFA integration, and device policy enforcement.</li>\n<li>Troubleshoot and resolve issues related to device enrollment, patch failures, configuration drift, and security policy enforcement.</li>\n<li>Maintain documentation, SOPs, and reporting artifacts to support audits, compliance reviews, and operational transparency.</li>\n<li>Provide professional and timely support to NTIA users while maintaining secure and reliable endpoint operations.</li>\n\n</ul></div>"
},
{
"text": "Qualifications: ",
"content": "<div>\n<ul style=\"list-style-type: disc;\">\n<li>Bachelor’s degree in Information Technology, Computer Science, or a related field OR equivalent combination of education and relevant experience.</li>\n<li>Minimum of 4 years of IT or endpoint administration experience.</li>\n<li>U.S. Citizenship required with an Active Secret clearance.</li>\n<li>Foundational experience managing macOS and Windows devices in an enterprise or federal environment.</li>\n<li>Familiarity with MECM, IBM BigFix, and macOS MDM frameworks (JAMF, Intune, or Kandji).</li>\n<li>Basic knowledge of scripting languages such as PowerShell, Bash, or Python for automation and remediation tasks.</li>\n<li>Understanding of system patching, software distribution, and compliance reporting.</li>\n<li>Strong communication skills, attention to detail, and commitment to maintaining secure and reliable endpoint operations.</li>\n\n</ul></div>"
},
{
"text": "Preferred Experience: ",
"content": "<div>\n<ul style=\"list-style-type: disc;\">\n<li>CompTIA certifications such as A+, Network+, or Security+.</li>\n<li>Microsoft or IBM certifications related to MECM / BigFix administration.</li>\n<li>Apple Certified Support Professional (ACSP) or equivalent macOS certification.</li>\n<li>Experience managing Apple Business Manager and automated MDM enrollment workflows.</li>\n<li>Familiarity with Active Directory / Azure AD, Group Policy, and identity management for cross-platform devices.</li>\n<li>Experience with endpoint detection and response (EDR) tools and vulnerability management practices.</li>\n<li>Experience working within a federal or enterprise IT environment with stringent security compliance requirements.</li>\n\n</ul></div>"
}
],
"country": "US",
"createdAt": 1776871250184,
"updatedAt": null,
"categories": {
"team": "Expression",
"location": "Boulder, CO",
"commitment": "Full Time",
"department": "Featured Hatch Accounts",
"allLocations": [
"Boulder, CO"
]
},
"salaryRange": null,
"workplaceType": "onsite"
}Get this page with API
Rendered from the bluedoor Job Postings API. Reproduce it:
GET https://api.bluedoor.sh/job-postings/v1/jobs/c6a3f465c3b794111680f66654a9ad0235f6869c?include=descriptionJSONGET https://api.bluedoor.sh/job-postings/v1/orgs/3883f6fa-759f-4977-ab65-05926fcbad14JSONGET https://api.bluedoor.sh/job-postings/v1/sources/e2ea7802-e924-462c-bda6-32def5821788JSONGET https://api.bluedoor.sh/job-postings/v1/jobs/c6a3f465c3b794111680f66654a9ad0235f6869c/eventsJSON