Job Information

TIAA Lead SCCM Engineer in BROOMFIELD, Colorado


TIAA is the leading provider of financial services in the academic, research, medical, cultural and government fields. We offer a wide range of financial solutions, including investing, banking, advice and education, and retirement services.

For more information about TIAA, .


TIAA’s Global Infrastructure Services team manages our core infrastructure assets. Our team is the first line of support on any production related issues including our network and telecommunications, computing (middleware), and end-user support, as well as the firm’s 24x7 data center operations. The Global Infrastructure Services team collaborates closely with our business-aligned partners in technology and with key stakeholders across the enterprise.

The Lead Engineer role requires leveraging Microsoft Endpoint Configuration Manager Client Management (formerly SCCM), Active Directory, Azure AD and other tools in our Unified Client Experience team to architect and engineer future solutions for the TIAA organizations desktop client environment. This includes but not limited to our Windows 10 Operating environment which entails the OS, productivity suites, on premise and cloud supporting tools and browser management solutions. This role requires utilization of MECM in conjunction with scripting skills and policy knowledge to automate and streamline processes, create innovative solutions and insure a stable Windows Client environment for our employees. The role requires use of MECM Reporting and SRSS to create and maintain client information, status and health reporting in support of project activities, operational processes and client health checks.

The role will collaborate within our team in providing Windows Client strategy and designs, including automation in addition to engineering, administration and tier 3 support. This role would be expected to interact with vendors such as Microsoft, Dell, HP and Adaptiva to solve complex problems and develop/implement strategic roadmaps to best leverage and evolve our toolkits to effectively and efficiently support the business. The role is responsible for consulting with internal business customers and application development teams during US business hours to understand their needs and issues and engineer workstation solutions and policies that support and address business needs.

Additionally this role handles escalated advanced troubleshooting with the Service Desk, Desktop Support and Desktop Engineering teams of issues with client Operating Systems, productivity tools and policies. This role will be required to train peers, Desktop Support and Service Desk staff on Client technologies this individual is responsible for to insure quality services and no single point of failure.


  • Design, configure, administer,build, and support the Microsoft Endpoint Configuration Manager (formerly SCCM)and Modern Management systems that support the desktop environment includinguse of Software Center and Application Catalogue self-service

  • Be an innovator with MicrosoftEndpoint Configuration Manager (formerly SCCM) processes through recommending,designing and leading implementations of process improvements and automation inall aspects of the desktop configuration in the Microsoft EndpointConfiguration Manager space as we expand and transition to Modern Management.

  • Design and engineer the WindowsDesktop Operating systems and automate upgrade processes on physical andvirtual infrastructure to TIAA standards for optimal performance and stability

  • Build roadmaps and lifecyclemanage products and services for the Windows desktop OS, productivity tools andmanagement tools such as Microsoft Endpoint Configuration Manager, Intune,Adaptiva, FSLogix, etc.

  • Participate and own aspects ofdesigning, engineering, configuring, and administering our Microsoft EndpointConfiguration Manager and FSLogix solutions to TIAA standards for optimal userprofile, OS and Application settings.

  • Develop and Engineer Workstationpolicies and configurations with Microsoft Endpoint Configuration Manager,Active Directory GPOs, AzureAD, M365, FSLogix and Powershell to manage andmaintain Windows desktop operating environment and productivity tools to meetbusiness needs.

  • Leverage Microsoft EndpointConfiguration Manager and SQL Reporting Services to engineer and implementcustomer reports and queries against the Microsoft Endpoint ConfigurationManager DB to support projects, operational process and client health.

  • Diagnose advanced Windows OSdesktop and productivity applications and internet browser issues and perform rootcause analyses being tier 3 support to TIAA’s Desktop Support team.

  • Provide training and knowledgesharing to internal desktop support staff on Windows OS operating environmentand issues.

  • Develop partnerships with keysupport, architecture, and peer engineering teams

  • Meet with internal businesscustomers and application development staff during US hours to understand theirrequirements and needs, providing consultation on best solution to meet theseneeds then engineer and execute the agreed workstation solution.

  • Produce basic project plans, rootcause analysis documents and report on progress to management

  • Participate in after-hours on-callrotation to provide critical/crisis support for our engineering tools and theWindows Desktop environment.

  • Execute changes as needed in theevening hours and weekends within defined maintenance windows to avoid impactsto our US and India businesses.

  • Collaborate with server andnetwork engineers, Cybersecurity, and business analysts to deliver desktopsolutions and meet company standards

  • Follow emerging trends in theClient Management space, Client Operating System space including MS Windows,ChromeOS and Apple OSX spaces.


Required Experience

  • Five or more years’ experience withMicrosoft Endpoint Configuration Manager/SCCM configuration and profilemanagement tools.

  • Five or more years of experienceengineering and architecting Windows Desktop Operating Systems.

  • Five or more years of experienceengineering and supporting Active Directory Group Policies for workstationdevices

Preferred Experience

  • Deep understanding of the MECM/SCCMSQL database, database management and SQL Reporting services

  • Three or more years of experience withdesign and engineering of Windows client operating systems and productivityapplication interconnectivity and management with AzureAD and M365

  • Seven or more years of experience withWindows desktop and server operating systems, related Windows operating systemsscripting skills (Powershell, WSH, Batch, etc.) and Visual Basic skills.

  • Five or more years of experiencesupporting desktops deployment processes in a multi segmented, routed andfirewalled enterprise network

  • Five or more years of experience withleveraging windows WMI in MECM/SCCM

  • Experience with App-V configuration,Citrix and VMWare OS and Application virtualization technologies

  • Strong familiarity with securitytechnologies such as antivirus, firewalls, VPN, SSL, etc. preferred

  • Server 2012/2016/2019 administrationexperience preferred

Equal Employment Opportunity is not just the law, it’s ourcommitment. Read more about the .

If you need assistance applying due to visually or hearing impaired,please email .

We are an Equal Opportunity/Affirmative Action Employer. We willconsider all qualified applicants for employment regardless of age, race,color, national origin, sex, religion, veteran status, disability, sexualorientation, gender identity, or any other legally protected status.

Additional Information

  • Requisition ID: 1727252

Company: TIAA

Post Date: 5 days ago