Consultant - Microsoft Solutions Architect

ABOUT KALLES GROUP:

Everyone deserves to be secure. Our mission at Kalles Group is to help secure the future for companies of all shapes and sizes.

While our expertise spans multiple disciplines our method remains consistent: building trust and relationship with people -- whether you are a client a consultant or--in this case--a candidate.

No matter what role you come from--whether youre an executive or just starting your career-you can expect our highest level of attention and respect. We want to find the right fit for each role but we also want you to find the right fit for your career.

We believe the best way to show you what our team is like is to treat you like youre already a part of it. We hope youll consider joining our team of experienced professionals who are building their careers at Kalles Groupand having fun while doing it.

We are seeking a Microsoft Solutions Architect with strong engineering delivery capabilities to lead and complete a complex migration from Microsoft Endpoint Configuration Manager (SCCM) to Microsoft Intune and Entra ID. This individual will operate in a dual capacityowning both the high-level architectural strategy and the hands-on detailed engineering executionto bring this in-flight project to a successful conclusion.

This role is ideal for a resource with deep experience in Microsofts modern endpoint management ecosystem strong hybrid identity knowledge and the ability to lead client scoping conversations map out technical plans and implement solutions directly with precision and accountability.

WHAT YOU WILL DO:

Architecture & Planning

• Lead scoping and technical discovery sessions with client stakeholders to assess SCCM Intune and hybrid Entra ID configurations.
• Design the end-state modern endpoint management and identity architecture incorporating zero trust principles Windows Autopilot and mobile device management best practices.
• Develop a migration strategy and execution plan for transitioning remaining SCCM workloads to Microsoft Intune including app deployments compliance policies configuration profiles and enrollment workflows.
• Define the technical roadmap for hybrid join cloud policy alignment and phased deprecation of legacy tooling.

Engineering Delivery & Execution

• Directly perform detailed level engineering tasks including configuring Intune policies compliance rules application packaging and deployment profiles.
• Build and manage Windows Autopilot deployment profiles and deployment workflows including device registration white-glove provisioning (as needed) and hybrid/Entra join integration.
• Execute complex hybrid identity configurations in Entra ID including Conditional Access hybrid join SSO MFA and device lifecycle governance.
• Engineer and optimize co-management scenarios resolving overlaps and dependencies between SCCM and Intune.
• Analyze migrate and replace legacy Group Policy Objects (GPOs) using Policy Analytics and PowerShell automation.
• Troubleshoot device enrollment issues Autopilot provisioning errors app deployment failures and compliance/reporting anomalies.

Documentation Handoff and Support

• Produce comprehensive technical documentation SOPs and engineering-level implementation guides for IT operations and support teams.
• Collaborate with infrastructure desktop and security teams to ensure integration operational stability and support readiness during and after migration.
• Deliver technical coaching and knowledge transfer sessions to client engineering and support resources.

ABOUT YOU:

• Your values:
  • Integrity: You believe in doing the right thing even when its uncomfortable seemingly inefficient or costly.
  • Purposefulness: You have a desire to serve others with your skillset and an openness to continuous learning and growth.
  • Ownership: You stick to your commitments follow up with action and seek clarity in communication & expectations.

Your experience:

• 10 years of experience with Microsoft infrastructure including direct engineering of endpoint and identity solutions.
• Proven track record designing and executing SCCM-to-Intune migrations including device onboarding app delivery and co-management.
• Hands-on experience configuring and deploying Windows Autopilot in both Azure AD Join and Hybrid Join scenarios.
• Expert-level knowledge of Microsoft Intune including compliance policies configuration profiles app protection and device lifecycle management.
• Expertise with Microsoft Entra ID (Azure AD) including hybrid identity architecture Conditional Access and governance.
• Strong PowerShell scripting skills for automating deployment device configuration and policy migration tasks.
• Experience supporting hybrid cloud environments and distributed user bases preferably within manufacturing or industrial sectors.

Preferred Certifications:

• Microsoft Certified: Endpoint Administrator Associate
• Microsoft Certified: Identity and Access Administrator Associate
• Microsoft Certified: Azure Solutions Architect Expert

Key Attributes:

• Capable of owning the full technical lifecycle from architecture to hands-on execution.
• Strong client-facing presence with consultative communication and leadership skills.
• Highly organized and analytical with structured problem-solving ability and focus on delivery.
• Comfortable working in partially completed or undocumented environments reverse-engineering where necessary.
• Able to design build and validate Windows Autopilot deployments aligned to enterprise operational requirements.

WHAT WE OFFER:

• Salary range for this role is $140000-$180000 per year dependent on experience.
• Medical dental vision plans.
• 401(k)
• 3 weeks of Paid Time Off PLUS 8 paid company holidays and 2 flexible holidays for anything you want to celebrate!
• Work/life balance we know theres more to life than work! We encourage our team to pursue other passions get outside and spend time with family. We work with clients and consultants to set expectations for a manageable workload.

LOCATION:

This role can be remote.

HOW TO APPLY:

Please fill out the form below (including uploading your most recent resume) and well be in touch! We know imposter syndrome can be a barrier to many great applicants. We hope youll still consider applying. Thats why weve made the application process as short and simple as possible.

Even if youre not a fit for the role you can expect to hear back from us! We want you to have the best experience as a candidate so please feel free to share feedback at any stage of the process to .

Kalles Group is an equal-opportunity employer and does not discriminate on the basis of creed nationality race ethnicity disability gender or other protected class.