Desktop Engineering Specialist

Canada
$90,000-140,000 per year
Permanent
Full-time

12 hours ago

You are as unique as your background, experience and point of view. Here, you’ll be encouraged, empowered and challenged to be your best self. You'll work with dynamic colleagues - experts in their fields - who are eager to share their knowledge with you. Your leaders will inspire and help you reach your potential and soar to new heights. Every day, you'll have new and exciting opportunities to make life brighter for our Clients - who are at the heart of everything we do. Discover how you can make a difference in the lives of individuals, families and communities around the world.Job Description:The Desktop Engineering Specialist is a hands-on technical leader and problem solver who thrives in fast‑paced enterprise environments. This role focuses on delivering secure, stable, and scalable Windows endpoint platforms through advanced desktop engineering practices. The engineer will balance day‑to‑day operational demands while independently driving technical initiatives and leading desktop-focused projects with PM support.This role is ideal for someone who is deeply technical, comfortable owning outcomes, and capable of coordinating internal and external resources to deliver high‑quality endpoint solutions.What you will do:

Design, engineer, and delivering scalable, secure, and standardized desktop solutions aligned with the enterprise end‑user computing roadmap.
Act as a subject matter expert for desktop engineering, owning engineering standards, technical roadmaps, service improvements, and platform enhancements.
Serve as a technical lead on desktop initiatives, building, validating, testing, and documenting solutions while ensuring smooth operational handover and knowledge transfer.
Design, build, and maintain Windows 11 deployment strategies including imaging, provisioning, upgrade paths, and lifecycle management.
Engineer and maintain endpoint management solutions using SCCM and Microsoft Intune, including co‑management where applicable.
Support the Global Software Delivery teams Windows servicing strategies including deployment rings, update orchestration, and phased rollout of feature and quality updates using Windows Update for Business, SCCM, and Intune.
Develop, implement, and maintain desktop security baselines, compliance policies, and endpoint hardening standards aligned with security requirements.
Perform and remediate desktop baseline scanning and compliance assessments to ensure endpoints meet security and operational standards.
Manage hardware platforms including model onboarding, driver packaging, BIOS/firmware updates, and lifecycle refresh activities.
Implement solutions to improve desktop stability, performance, security, patching, and overall end‑user experience.
Maintain accurate and current technical documentation for all desktop services and solutions in accordance with service design standards.
Balance a busy operational workload while independently running desktop engineering projects from a technical perspective (with PM support).
Identify when additional capacity is required and engage or coordinate contract and partner resources to support delivery.
Collaborate with operations and support teams to analyze incident, problem, and trend data for continuous improvement.
Work closely with infrastructure, security, service desk, and front‑line support teams to ensure desktop solutions are supportable and aligned.
Execute projects in partnership with other teams involving:

Windows 11
SCCM
Microsoft Intune
Desktop imaging and provisioning
Endpoint security baselines and hardening
Hardware platforms, drivers, and firmware

What you need to succeed:

Advanced experience with SCCM (applications, OS deployment, compliance, reporting)
Advanced experience with Windows 10/11 imaging, deployment, and in‑place upgrades
Advanced PowerShell scripting capabilities including module development and automation frameworks
Strong hands‑on experience with Microsoft Intune (device configuration, compliance, endpoint security)
Experience designing and implementing desktop security baselines and endpoint hardening
Experience with desktop compliance scanning and remediation
Strong knowledge of hardware platforms, driver management, BIOS/firmware updates, and vendor tooling
Experience with co‑management or hybrid endpoint environments
Experience designing and implementing Windows servicing rings and update deployment strategies
Experience working in large, globally distributed enterprise environments
Familiarity with BitLocker, endpoint protection, and device security controls
Knowledge of Windows Update for Business, update compliance reporting, and feature update management

Preferred skills:

Strong technical leadership skills with experience driving engineering outcomes (without needing to be a formal PM)
Ability to work independently and take ownership of desktop engineering initiatives
Experience coordinating internal teams and external/contract resources
General knowledge of networking, servers, identity, and security concepts as they relate to endpoint computing
Proficiency with PowerShell scripting for endpoint automation, configuration management, and reporting (required)
Proven problem‑solving skills in large or complex enterprise environments
University degree / college diploma in a related discipline or equivalent practical experience
7+ years of experience in the IT industry, with significant focus on endpoint or desktop engineering

What’s in it for you:

We’re honoured to be recognized as a 2026 Best Workplaces in Canada by Great Place to Work® Canada.
We are thrilled to be recognized by Excellence Canada with their top-level certification, the Canada Order of Excellence for Mental Health at Work®, for prioritizing employee well-being, fostering a positive work culture, and achieving excellence in mental health.
Wellness programs that support the three pillars of your health – mental, physical, and financial
The opportunity to move along a variety of career paths with amazing networking potential.
As a hybrid organization, you and your leader use business and Client need to choose where you work, at home or in the office

As a condition of the role, the successful candidate must obtain a Government of Canada Reliability Status security clearance through Sun Life in advance of the start dateMust be able to satisfactorily complete applicable background checks prior to the start date and during employment, in accordance with Sun Life’s policies and practices.The Base Pay range is for the primary location for which the job is posted. It may vary depending on the work location of the successful candidate or other factors. In addition to Base Pay, eligible Sun Life employees participate in various incentive plans, payment under which is discretionary and subject to individual and company performance. Certain sales focused roles have sales incentive plans based on individual or group sales results.Diversity and inclusion have always been at the core of our values at Sun Life. A diverse workforce with wide perspectives and creative ideas benefits our Clients, the communities where we operate and all of us as colleagues. We welcome applications from qualified individuals from all backgrounds.Persons with disabilities who need accommodation in the application process, or those needing job postings in an alternative format, may e-mail a request to .We are proud to be a hybrid organization that offers our employees the choice and flexibility to work from both the office and virtually based on the needs of the business, our Clients and you! Several work options are available and can be discussed throughout the selection process depending on the role requirements and individual needs.We may use artificial intelligence to support candidate sourcing, screening, interview scheduling.We thank all applicants for showing an interest in this position. Only those selected for an interview will be contacted.Salary Range: 90,000/90 000 - 140,000/140 000Job Category: IT - Technology ServicesPosting End Date: 22/04/2026

Sun Life Financial

Apply Now