Join Aya Healthcare, winner of multiple Top Workplace awards!
Enterprise Technology at Aya is seeking a hands-on Manager to lead our Enterprise Device Management team. You’ll own the strategy and day-to-day operations that keep Aya’s Windows and macOS devices secure, compliant, and consistently great to use—so our people can do their best work anywhere.
Who We Are:
We’re a $10+ billion, rapidly growing workforce solutions provider in the healthcare industry. We deliver tech-enabled services that help healthcare organizations meet and manage their contingent labor needs. We build and manage tech-enabled marketplaces for national and local healthcare talent and deliver contingent labor management solutions through our proprietary software platform.
At Aya, we’re obsessed with creating exceptional experiences for our clients, clinicians, and employees. In fact, we put employee satisfaction above all else. Our team members are responsible for incomparable customer experience and we know that happy employees are critical to maintaining happy clients. We foster an entrepreneurial, high-energy, low-bureaucracy culture and value innovative thinking and creative problem solving. We embrace diversity in thought and backgrounds unified by a commitment to high achievement. When you join Aya, you’ll be surrounded by teammates who care about you as an individual and leaders who will help you grow both personally and professionally.
Responsibilities:
- Define and deliver the device management roadmap aligned to enterprise security, compliance, and user experience goals.
- Device lifecycle & MDM operations: Own Intune policies and profiles (enrollment, configuration, compliance, conditional access signals) across Windows and macOS.
- Standardize gold images/baselines; manage Autopilot/ABM flows; ensure clean join/retire processes.
- Patch & vulnerability management: Design patch rings and cadence; drive OS/application update compliance; coordinate comms and maintenance windows.
- Use Defender TVM to reduce exposure scores, track and close vulnerability backlogs with measurable SLAs.
- Endpoint security: Enforce encryption (BitLocker/FileVault), local admin controls/LAPS/EPM, and hardening baselines; tune MDE (EDR/ASR).
- Collaborate with InfoSec on detections, incident response, exceptions, and audits.
- Service delivery & incident/change management: Run day-to-day operations through ServiceNow: queues, SLAs, problem management, change approvals, and post-incident reviews.
- Provide clear user comms and self-service guides to improve first-contact resolution.
- Reporting & continuous improvement: Publish KPIs (compliance, exposure, MTTR, provisioning success rate); use automation to remove manual steps and reduce variance.
- Manage vendor relationships and licensing (Intune/MDE and related tools); budget input and forecast.
Required Qualifications:
- Education: Bachelor’s in Information Systems, Computer Science, Engineering, or related field or equivalent experience.
- 5+ years in endpoint/device management with 2+ years leading people or serving as a technical team lead.
- Deep experience with Microsoft Intune (Windows/macOS), Microsoft Defender for Endpoint, and Windows Update for Business/Autopatch; working knowledge of macOS update management.
- Solid grasp of identity & access concepts and how device compliance ties into Entra ID/Conditional Access.
- Proficiency with PowerShell and comfort with Microsoft Graph/KQL for automation and reporting.
- Strong stakeholder management and communication skills; able to translate risk and technical detail into business outcomes.
- Experience operating within ITIL-style processes (incident, change, problem) and ticketing in ServiceNow (or equivalent).
- Preferred: Experience with endpoint privilege management (e.g., LAPS/EPM), certificate management, and app packaging at scale.
- Preferred: Exposure to compliance frameworks (e.g., SOC 2, ISO 27001, HIPAA) and endpoint audit readiness.
- Preferred: Reporting/visualization in Power BI; scripting for macOS (zsh/bash) and device management on Apple platforms (ABM/ASM).
What We Offer:
- Free premium medical, dental, life and vision insurance
- Generous 401(k) match
- Aya also offers other benefits to those that are eligible and where required by applicable law, including reimbursements and discretionary bonuses
- Aya provides paid sick leave in accordance with all applicable state, federal, and local laws. Aya’s general sick leave policy is that employees accrue one hour of paid sick leave for every 30 hours worked. However, to the extent any provisions of the statement above conflict with any applicable paid sick leave laws, the applicable paid sick leave laws are controlling
- Celebrations! We hit our goals and reward ourselves.
- Company-sponsored virtual events, happy hours and team-building activities are always on the horizon — plus, you get a special treat on your birthday!
- Unlimited DTO — we believe in time off!
- Virtual yoga, meditation or boot camp classes offered daily
Compensation: Aya reasonably anticipates the pay scale for this position to be an annual salary of $160,000 to $175,000.
The pay scale for this position may vary if applicant possesses experience outside of what Aya reasonably anticipates for this position. Bonuses are subject to the role and your manager’s discretion.
Aya is an Equal Opportunity Employer (EEO), including Disability / Vets, and welcomes all to apply. Please click here for our EEO policy