# Endpoint Systems Engineer

> Prime System Solutions · Cape Town, South Africa (Remote) · Full-time · Posted 2026-04-03

**Workplace:** remote

**Department:** ITS

## Description

The Endpoint Systems Engineer is a critical member of the IT infrastructure team, responsible for the lifecycle management of all endpoint devices across the organization. This role bridges security, operations, and automation — ensuring that every managed device remains compliant, current, and performing at its best. The ideal candidate is hands-on with RMM tooling, comfortable writing PowerShell automation, and thrives in a fast-paced managed services or enterprise IT environment.

### Key Responsibilities

**Endpoint Patching & Compliance**

-   Deploy, schedule, and validate OS and software patches across Windows/macOS endpoints using **Kaseya VSA** and **Datto RMM**
-   Manage patch policies, rings, and compliance baselines through **Microsoft Intune**
-   Generate regular patch compliance reports and present remediation plans for non-compliant devices
-   Maintain patch SLAs and minimize exposure windows for critical CVEs

**Application Management**

-   Package, deploy, and maintain third-party applications across the endpoint fleet via Intune and RMM tooling
-   Manage application versioning, silent installs, and uninstall routines
-   Monitor application health and ensure licensing compliance

**Ticketing & Incident Management**

-   Triage, manage, and resolve endpoint-related tickets within **ConnectWise Manage**
-   Document resolution steps clearly for knowledge base contribution
-   Escalate complex issues appropriately while maintaining SLA commitments

**Automation & Scripting**

-   Write and maintain **PowerShell scripts** to automate repetitive tasks such as software installs, system health checks, user provisioning, and reporting
-   Develop and deploy scripts via RMM platforms at scale across managed endpoints

**Asset & Documentation Management**

-   Maintain accurate endpoint inventory and configuration records through **Liongard**
-   Ensure audit trails, change logs, and runbooks are up to date
-   Contribute to internal IT documentation and SOPs

**Security & Compliance**

-   Enforce endpoint security baselines (antivirus, EDR, encryption, MFA policies)
-   Monitor for policy drift and remediate non-compliant devices proactively
-   Collaborate with security teams on vulnerability management and endpoint hardening

## Requirements

-   Experience in endpoint management, systems administration, or MSP role
-   Hands-on experience with **Kaseya VSA**, **Datto RMM**, and/or **Microsoft Intune**
-   Proficiency in **PowerShell scripting** for automation and system management
-   Experience with **ConnectWise** (Manage or Automate) for ticketing and workflow
-   Familiarity with **Liongard** or similar documentation/asset platforms
-   Strong understanding of Windows endpoint management (Group Policy, MDM, registry)
-   Knowledge of patch management best practices and vulnerability frameworks (e.g., CVSS)
-   Excellent troubleshooting and communication skills

### Preferred / Bonus Skills

-   Experience in a **Managed Service Provider (MSP)** environment
-   Microsoft certifications (MD-102, AZ-800, or similar)
-   Familiarity with macOS endpoint management
-   Experience with endpoint security tools (CrowdStrike, SentinelOne, Defender for Endpoint)
-   Basic networking knowledge (DNS, DHCP, VPN)

## Apply

[Apply at Prime System Solutions](https://apply.workable.com/prime-system/j/68D35A1108/apply)

---
Powered by [Workable](https://www.workable.com)