Desktop Engineering Specialist

You are as unique as your background, experience and point of view. Here, you'll be encouraged, empowered and challenged to be your best self. You'll work with dynamic colleagues - experts in their fields - who are eager to share their knowledge with you. Your leaders will inspire and help you reach your potential and soar to new heights. Every day, you'll have new and exciting opportunities to make life brighter for our Clients - who are at the heart of everything we do. Discover how you can make a difference in the lives of individuals, families and communities around the world.

Job Description:

The Desktop Engineering Specialist is a hands-on technical leader and problem solver who thrives in fastpaced enterprise environments. This role focuses on delivering secure, stable, and scalable Windows endpoint platforms through advanced desktop engineering practices. The engineer will balance daytoday operational demands while independently driving technical initiatives and leading desktop-focused projects with PM support.

This role is ideal for someone who is deeply technical, comfortable owning outcomes, and capable of coordinating internal and external resources to deliver highquality endpoint solutions.

What you will do:

• Design, engineer, and delivering scalable, secure, and standardized desktop solutions aligned with the enterprise enduser computing roadmap.
• Act as a subject matter expert for desktop engineering, owning engineering standards, technical roadmaps, service improvements, and platform enhancements.
• Serve as a technical lead on desktop initiatives, building, validating, testing, and documenting solutions while ensuring smooth operational handover and knowledge transfer.
• Design, build, and maintain Windows 11 deployment strategies including imaging, provisioning, upgrade paths, and lifecycle management.
• Engineer and maintain endpoint management solutions using SCCM and Microsoft Intune, including comanagement where applicable.
• Support the Global Software Delivery teams Windows servicing strategies including deployment rings, update orchestration, and phased rollout of feature and quality updates using Windows Update for Business, SCCM, and Intune.
• Develop, implement, and maintain desktop security baselines, compliance policies, and endpoint hardening standards aligned with security requirements.
• Perform and remediate desktop baseline scanning and compliance assessments to ensure endpoints meet security and operational standards.
• Manage hardware platforms including model onboarding, driver packaging, BIOS/firmware updates, and lifecycle refresh activities.
• Implement solutions to improve desktop stability, performance, security, patching, and overall enduser experience.
• Maintain accurate and current technical documentation for all desktop services and solutions in accordance with service design standards.
• Balance a busy operational workload while independently running desktop engineering projects from a technical perspective (with PM support).
• Identify when additional capacity is required and engage or coordinate contract and partner resources to support delivery.
• Collaborate with operations and support teams to analyze incident, problem, and trend data for continuous improvement.
• Work closely with infrastructure, security, service desk, and frontline support teams to ensure desktop solutions are supportable and aligned.
• Execute projects in partnership with other teams involving:
  • Windows 11
  • SCCM
  • Microsoft Intune
  • Desktop imaging and provisioning
  • Endpoint security baselines and hardening
  • Hardware platforms, drivers, and firmware

What you need to succeed:

• Advanced experience with SCCM (applications, OS deployment, compliance, reporting)
• Advanced experience with Windows 10/11 imaging, deployment, and inplace upgrades
• Advanced PowerShell scripting capabilities including module development and automation frameworks
• Strong handson experience with Microsoft Intune (device configuration, compliance, endpoint security)
• Experience designing and implementing desktop security baselines and endpoint hardening
• Experience with desktop compliance scanning and remediation
• Strong knowledge of hardware platforms, driver management, BIOS/firmware updates, and vendor tooling
• Experience with comanagement or hybrid endpoint environments
• Experience designing and implementing Windows servicing rings and update deployment strategies
• Experience working in large, globally distributed enterprise environments
• Familiarity with BitLocker, endpoint protection, and device security controls
• Knowledge of Windows Update for Business, update compliance reporting, and feature update management

Preferred skills:

• Strong technical leadership skills with experience driving engineering outcomes (without needing to be a formal PM)
• Ability to work independently and take ownership of desktop engineering initiatives
• Experience coordinating internal teams and external/contract resources
• General knowledge of networking, servers, identity, and security concepts as they relate to endpoint computing
• Proficiency with PowerShell scripting for endpoint automation, configuration management, and reporting (required)
• Proven problemsolving skills in large or complex enterprise environments
• University degree / college diploma in a related discipline or equivalent practical experience
• 7+ years of experience in the IT industry, with significant focus on endpoint or desktop engineering

What's in it for you:

• We're honoured to be recognized as a 2026 Best Workplaces in Canada by Great Place to Work Canada.
• We are thrilled to be recognized by Excellence Canada with their top-level certification, the Canada Order of Excellence for Mental Health at Work,for prioritizing employee well-being, fostering a positive work culture, and achieving excellence in mental health.
• Wellness programs that support the three pillars of your health - mental, physical, and financial
• The opportunity to move along a variety of career paths with amazing networking potential.
• As a hybrid organization, you and your leader use business and Client need to choose where you work, at home or in the office

As a condition of the role, the successful candidate must obtain a Government of Canada Reliability Status security clearance through Sun Life in advance of the start date

Must be able to satisfactorily complete applicable background checks prior to the start date and during employment, in accordance with Sun Life's policies and practices.

The Base Pay range is for the primary location for which the job is posted. It may vary depending on the work location of the successful candidate or other factors. In addition to Base Pay, eligible Sun Life employees participate in various incentive plans, payment under which is discretionary and subject to individual and company performance. Certain sales focused roles have sales incentive plans based on individual or group sales results.

Diversity and inclusion have always been at the core of our values at Sun Life. A diverse workforce with wide perspectives and creative ideas benefits our Clients, the communities where we operate and all of us as colleagues. We welcome applications from qualified individuals from all backgrounds.

Persons with disabilities who need accommodation in the application process, or those needing job postings in an alternative format, may e-mail a request to thebrightside@sunlife.com.

We are proud to be a hybrid organization that offers our employees the choice and flexibility to work from both the office and virtually based on the needs of the business, our Clients and you! Several work options are available and can be discussed throughout the selection process depending on the role requirements and individual needs.

We may use artificial intelligence to support candidate sourcing, screening, interview scheduling.

We thank all applicants for showing an interest in this position. Only those selected for an interview will be contacted.

Salary Range:

Job Category:

Posting End Date: