Purpose The Desktop Support Engineer is a regional role reporting to the Global IT Director, with a strategic focus on keeping the end-user technology that people from Orion Health’s and its sister companies across the HEALWELL.ai Group rely on every day secure, available, and easy to use. The role is the front line of the IT experience. Success looks like… The IT experience is something Orion Health and HEALWELL.ai people talk about positively. Internal customers consistently rate support interactions positively. First-contact resolution and mean time to resolve trend down quarter over quarter; repeat issues are tracked and eliminated at the root cause. Every Orion Health and HEALWELL device is enrolled in MDM, encrypted, patched within policy, and compliant with the current security baseline. Onboarding and offboarding are completed accurately and on time. Documentation is current: every recurring issue has a runbook; every common request has a self-service article. Repeat manual work is identified and automated. Success in this role is reliant on living the Orion Health Values. Key Relationships Global IT Director, Global IT Services team, Global Security team, regional office leads, People & Culture team (for onboarding/offboarding), external, and all employees as the user base. Key Responsibilities End-User Support - Be the primary point of contact for hardware, software, identity, and connectivity issues across macOS, Windows, iOS, and Android. Identify, document, and manage incidents to minimize disruption.

Identity & Access - Administer the user lifecycle in Entra ID and Active Directory — including SSO, MFA, conditional access, and group-based entitlements. Handle access requests, approvals, and quarterly access reviews. Endpoint Management - Provision, configure, and decommission devices through MDM platforms (JAMF for macOS, ManageEngine for Windows). Maintain configuration profiles, compliance policies, and patch baselines. Onboarding & Offboarding - Deliver a new-hire day-one experience that is fast and friendly. Provision the device, accounts, and access; walk new hires through the essentials. On offboarding, revoke access immediately, recover hardware, and leave no orphaned accounts. Documentation - Contribute to the IT knowledge base for all users. Write and maintain runbooks, user-facing how-tos, and internal procedures. Local Network Support - Provide local office networking support: Wi-Fi and ISP escalation. Partner with the network team on anything beyond local troubleshooting. Asset Management - Keep hardware and software inventory accurate in the asset portal. Track devices through their full lifecycle — purchase, deployment, refresh, decommission, disposal. Meeting-Room & Collaboration AV - Support meeting-room audio and video systems and remote-collaboration tooling. Ensure hybrid meetings work as reliably as in-person ones. Behavioural and Technical Capabilities Customer-first instinct: Strong empathy and patience with both technical and non-technical audiences. Skilled communicator across all levels of the organisation — comfortable engaging with everyone, from individual contributors to the executive team. Globally minded teammate, comfortable supporting and collaborating with IT colleagues across regions and time zones Documentation as a habit. Captures fixes while they're fresh and keeps the KB accurate. Self-starter with a flexible mindset, finds the next useful thing to work on without prompting, and adapts comfortably across tools, priorities, and teams. Endpoint management: JAMF and ManageEngine administration. Improvement-minded, suggests and ships AI assists, automations, and process improvements that make the whole IT function more efficiently. Identity platforms: Entra ID — conditional access, SSO (SAML/OIDC), MFA, and group-based access control. Operating systems: macOS, Windows 11, iOS, Android — administration, troubleshooting, and security baselines. Microsoft 365 administration (Exchange Online, SharePoint, Productivity applications, and Teams). Ticketing and Documentation tools (Atlassian Jira Service Management and Confluence) Patch and vulnerability management fundamentals, understand how to configure patch policies and dynamic device groups in JAMF and ManageEngine, interpret patch compliance data, and troubleshoot failed installs. Experience 2 or more years in a desktop support, IT support, or end-user computing Supporting a multi-platform user base (macOS, Windows, and mobile) in a global, hybrid or distributed workforce Hands-on with at least one MDM platform and one identity platform in production. Writing technical documentation Working ticket queues against SLAs Qualifications A tertiary qualification in a related field, or industry certifications (CompTIA A+/Network+/Security+, ITIL Foundation) or equivalent hands-on IT work experience.