Senior Microsoft Intune Engineer

ABOUT YOU

Are you passionate about joining an inclusive work environment committed to leading new ideas and pathways and delivering value If the answer is Yes! then we have an exciting career opportunity!

Were seeking a high-impact well-rounded Senior Microsoft Intune Engineer to lead the evolution of our endpoint management this role youll collaborate with business users consultants internal teams and vendors to design and maintain resilient infrastructure systems that support our global operations.

For this role there is a strong preference for candidates based in Orange County CA. but open to remote within the US.

We have over 80 offices across the United States Canada Europe and Australia and are approaching 3500 employees all ready to provide solutions for environmental needs.

WHAT WE CAN OFFER YOU

Our Mission is: To help protect the air we breathe the water we drink and the soil that feeds us and is supported by our Principles: We Value Our People We Value Our Community We Value Our Clients We Value Our Shareholders. We care for the well-being of our people and offer:

• Mentorship and professional development resources to advance your career

• Direct exposure to our industrys leading experts who are solving the worlds toughest environmental challenges

• An entrepreneurial environment where you can learn thrive and collaborate with talented colleagues

• Competitive compensation package: annual salary ranging from $130000 to $150000 commensurate with accomplishments performance credentials and geography

• Competitive medical dental and vision insurance coverage

• 401k with a competitive 4% employer match

• Progressive vacation policies company holidays and paid parental leave benefits to ensure work/life balance

• A financial assistance program that supports peers in need known as the Montrose Foundation

• Access to a student loan planning tool to optimize your student loan payoff plans and compare student loan rates with lenders.

A DAY IN THE LIFE:

We are seeking a highly skilled and certified Microsoft Intune Configuration Manager with 5 to 8 years of hands-on experience in endpoint management and Microsoft 365 deployments. The ideal candidate will be an expert in deploying managing and supporting Microsoft Intune Microsoft Endpoint Manager and the broader M365 ecosystem. You will play a key role in architecting and maintaining secure scalable and efficient device management solutions for a modern workplace.

As a Senior Microsoft Intune Engineer specializing in Microsoft 365 and M&A integration your day involves monitoring endpoint health managing Intune policies and supporting device compliance across multiple platforms. You participate in cross-functional meetings focused on merger-related projects helping plan and execute device and tenant migrations. You collaborate with security operations teams and work with supplication owners to troubleshoot escalated issues deploy applications refine security policies and automate tasks using PowerShell and Graph API throughout the day you collaborate supporting teams while documenting processes and contributing to long-term endpoint strategy and integration planning.

Specific responsibilities of the position include but are not limited to:

• Architect implement and manage Microsoft Intune for MDM configurations: device compliance configuration profiles application protection and endpoint security policies across all OS platforms to include Windows 10/11 macOS iOS and Android

• Lead the deployment and configuration of Microsoft 365 services including Exchange Online Teams OneDrive SharePoint Online and Microsoft Defender for Endpoint

• Build and manage Device Configuration Profiles: security baselines custom OMA-URI policies ADMX ingestion and compliance policies

• Configure and optimize Windows Autopilot Hybrid Azure AD Join White Glove/Pre-Provisioning and self-deploying scenarios

• Design Co-management architectures (SCCM Intune) including workload transitions and pilot ring strategies

• Experience with or exposure to premium features within the Microsoft Intune Suite such as Endpoint Privilege Management (EPM) Remote Help or Tunnel.

• Manage BitLocker encryption policies compliance reporting and recovery key backup integration with Azure AD and Entra ID

• Configure deploy and manage M365 apps for enterprise using Intunes Win32 App model MSAL and LOB app deployment with custom detection rules dependency chains and detection logic

• Work with Microsoft Defender for Endpoint Microsoft Purview and Defender for Cloud Apps for enhanced threat protection and compliance

• Designing and implementing solutions in alignment with a Zero Trust security framework using Microsoft Security Baselines and CIS or NIST frameworks via Intune profiles

• Implement and maintain Conditional Access policies MFA device compliance and App Protection Policies (MAM-WE) Privileged Identity Management (PIM) and Identity Governance policies

• Develop and maintain PowerShell scripts and Graph API automations for bulk device operations policy auditing and report generation

• Leverage Log Analytics (KQL queries) Azure Monitor and Intune Data Warehouse to build custom dashboards and alerts

• Optimize and tune Endpoint Analytics for visibility into device health startup performance and user experience metrics

• Establish lifecycle management processes for device provisioning retirement and compliance remediation workflows

YOUR EXPERTISE AND SKILLS

• Bachelors degree in computer science Information Technology or a related field

• 58 years of IT experience with at least 3 years focused on Intune in complex modern environments (3000 devices)

• Microsoft Intune (MDM/MAM Win32 App Packaging Configuration Profiles Compliance Deployment Rings)

• Windows Autopilot and Enrollment Status Page (ESP) optimization

• Azure AD / Entra ID (Hybrid Join Conditional Access RBAC Identity Protection)

• Strong experience with PowerShell scripting (Graph API JSON templates module scripting automation)

• MEMCM (SCCM) Co-management / tenant attach

• Hands-on experience in delivering global rollouts migration from legacy platforms (e.g. SCCM/MAMF/EntraID) customization and telemetry via Intune

• Microsoft Defender for Endpoint Microsoft 365 Defender and integration with security tools

• Endpoint Analytics KQL Log Analytics Intune Data Warehouse

• Networking knowledge of VPN integration certificates (SCEP/NDES) and NPS for device authentication

• App packaging and deployment: Win32 apps MSIX LOB apps VPP (iOS) Managed Play (Android)

Certifications Required / Strongly Preferred:

• Microsoft 365 Certified: Modern Desktop Administrator Associate

• Microsoft 365 Certified: Enterprise Administrator Expert (Strongly Preferred)

• Microsoft Certified: Azure Administrator Associate (Preferred)

• Microsoft Certified: Identity and Access Administrator Associate (SC-300) (Preferred)

• CompTIA: Security or ISC2 CCSP Certified Cloud Security Professional (Preferred)

The above statements are intended to describe the general nature of work being performed by people assigned to this classification. They are not to be construed as an exhaustive list of all responsibilities duties and skills required of employees so classified. If you are an individual with a disability and require a reasonable accommodation to complete any part of the application process or are limited in the ability or unable to access or use this online application process and need an alternative method for applying you may contact or for assistance.

MAKE THE MOVE TO ACCELERATE YOUR CAREER

We are going to be blunt the way we work may not suit everyone. We are a fast-paced dynamic and high-growth company. You are your own boss but you will get tons of guidance and plenty of support from talented super-smart colleagues and service providers. Therefore if freedom autonomy and head-scratching professional challenges attract you we could be the perfect match.

Want to know more about us Visit and have fun!

Montrose is an Equal Opportunity Employer. Montrose is committed to recruiting and hiring qualified candidates without regard to race religion sex sexual orientation gender identity age national origin ancestry citizenship disability or veteran status. Montrose is committed to providing access and reasonable accommodation in its employment for individuals with disabilities.