Intune Engineer

Must Have:

• Strong Sr. Level Experience with Microsoft Intune
• Strong experience in endpoint management in an enterprise sized environment
• Strong experience with Azure AD/ Entra ID; PowerShell scripting Windows 10/11 management and Conditional Access
• Must have good written and verbal communication skills

Job Description:

Overview

CLIENT is seeking an experienced Microsoft Intune Engineer to design build and deploy a new enterprise-scale Microsoft Intune environment supporting approximately 30000 global endpoints. This role will lead the greenfield implementation of Intune including Windows Autopilot endpoint security device compliance and application management while integrating with existing Microsoft 365 and security platforms.

The ideal candidate has deep technical expertise in Microsoft Endpoint Manager strong experience with large-scale device deployments and the ability to work across security infrastructure and end-user computing teams.

Key Responsibilities

Intune Architecture & Design

• Design and implement a new Microsoft Intune tenant architecture aligned with Tennecos security compliance and operational requirements
• Define device management strategy for Windows macOS iOS and Android (as applicable)
• Establish scalable device enrollment lifecycle and retirement processes for 30000 devices
• Document architecture standards and operational runbooks

Windows Autopilot & Provisioning

• Design and deploy Windows Autopilot for user-driven and/or pre-provisioned (white glove) scenarios
• Integrate Autopilot with Azure AD / Entra ID Conditional Access and identity lifecycle processes
• Develop standardized device profiles naming conventions and deployment rings
• Optimize provisioning performance and end-user experience

Device Configuration & Compliance

• Create and manage Intune configuration profiles security baselines and settings catalogs
• Implement device compliance policies aligned with corporate and regulatory requirements
• Integrate compliance with Conditional Access to enforce Zero Trust principles
• Support BitLocker Defender firewall and endpoint security configurations

Application & Update Management

• Package deploy and manage Win32 Microsoft Store and LOB applications
• Design application deployment strategies for global scale and reliability
• Implement Windows Update for Business and feature update rings
• Coordinate testing pilot and production rollout phases

Security & Integration

• Integrate Intune with Microsoft Defender for Endpoint and broader security tooling
• Partner with Security Architecture teams to align endpoint management with security controls
• Support audit readiness and reporting for compliance initiatives

Operations & Collaboration

• Provide Tier 3 engineering support for Intune-related issues
• Collaborate with infrastructure identity security and service desk teams
• Mentor junior engineers and contribute to operational maturity
• Support transition from project implementation to steady-state operations

Required Qualifications

Technical Skills

• 5 years of experience in endpoint management in enterprise environments
• 3 years of hands-on experience with Microsoft Intune / Endpoint Manager
• Proven experience deploying Windows Autopilot at scale
• Strong knowledge of:
  • Azure AD / Entra ID
  • Conditional Access
  • Windows 10/11 management
  • PowerShell scripting for automation and reporting
• Experience managing large device fleets (10000 endpoints)

Enterprise & Soft Skills

• Experience working in global multi-region organizations
• Strong documentation and communication skills
• Ability to lead technical design discussions and influence standards
• Comfortable working independently in a greenfield environment

Preferred Qualifications

• Experience in manufacturing or industrial enterprise environments
• Knowledge of macOS and mobile device management via Intune
• Familiarity with Zero Trust and modern endpoint security frameworks
• Microsoft certifications such as:
  • MD-102 (Endpoint Administrator)