Sr Intune Endpoint Engineer
Voorhees, NJ - USA
Job Summary
Details:
Stefanini Group is looking for a Sr. Intune Endpoint Engineer for a globally recognized company! Interested applicants can click the apply button or reach out to Alfher Hidalgo at /Alfher for faster processing. Thank you!
We're hiring a Senior Intune Endpoint Engineer to take ownership of a partially migrated Intune tenant and bring it to a stable, predictable, and auditable state. This role requires someone who is deeply hands-on with Intune internals (IME behavior, detection logic, precedence/conflicts, filters, ESP), strong in Win32 app packaging, and disciplined about testing, rollout rings, and documentation.
Core Responsibilities
Stabilization, Troubleshooting, and Intune Internals
- Own day-to-day engineering and escalation for Intune: policies, apps, enrollment, compliance, and updates.
- Troubleshoot when policies/apps don't apply, using a structured approach (assignment/scoping, filters, licensing, device state, IME logs, MDM diagnostics, event logs).
- Diagnose and remediate policy conflicts and precedence issues across configuration profiles, security baselines, compliance policies, scripts, and (where applicable) co-management/GPO overlap.
- Perform deep Windows troubleshooting when needed (Event Viewer, Services, Scheduled Tasks, registry, MDM diagnostics) to resolve issues without reimaging.
Win32 App Packaging, Detection, and Automation
- Package and deploy complex Windows applications (non-MSI installers, multiple components, prerequisites) using the Win32 app model.
- Build reliable detection rules, install/uninstall logic, versioning, and logging standards; manage supersedence and dependencies.
- Create repeatable packaging standards (folder structure, log locations, naming/versioning conventions) and automate where possible with PowerShell and Graph.
Autopilot and Provisioning
- Design, implement, and test Autopilot deployments (deployment profiles, ESP, device naming, dynamic groups, required apps, enrollment flows).
- Establish a repeatable Autopilot test plan and acceptance criteria before expanding scope.
Update Rings, Feature Management, and Verification
- Implement and manage Windows Update for Business: update rings, feature update policies, quality updates, deadlines, and safeguards.
- Verify what is actually happening on devices (Intune reporting, device-side validation) and troubleshoot update compliance gaps.
Governance, Change Control, and Documentation
- Implement operational maturity: change control, peer review (where applicable), pilot rings, rollback plans, and post-change validation.
- Maintain documentation that supports auditability and long-term maintainability: runbooks, standards, "why" behind configurations, and conflict-avoidance guidance.
- Produce drift detection and baseline comparison outputs (e.g., export Intune objects, compare to a golden baseline, report differences).
Security Layering Without Collisions
- Partner with Security/IAM to layer WUfB, Defender, compliance, baselines, Conditional Access in a way that avoids conflicting settings and unintended lockouts.
- Ensure endpoint security posture is strong while maintaining usability and operational stability.
Required Qualifications
- 5 years in endpoint engineering/EUC with significant enterprise Intune ownership.
- Proven experience stabilizing or cleaning up a partially migrated / inconsistent Intune environment.
- Strong knowledge of:
  - Intune Management Extension (IME) behavior, Win32 app processing, and log-based troubleshooting
  - Policy assignment/scoping, filters, and conflict resolution
  - Autopilot, ESP design, and troubleshooting
  - Windows Update for Business rings and feature update control
- Strong Windows 10/11 troubleshooting skills (Event Viewer, services, scheduled tasks, registry, MDM diagnostics).
- Strong PowerShell skills used routinely for automation, reporting, and troubleshooting (Graph API preferred).
- Ability to write clear documentation and operate with disciplined change control.
Preferred Qualifications
- Co-management (ConfigMgr/SCCM) experience and understanding of how it can shadow or override Intune behavior.
- Defender for Endpoint and endpoint security policy experience (BitLocker, ASR, firewall, security baselines).
- macOS and/or mobile management experience (iOS/iPadOS, Android Enterprise).
- PKI/cert profiles (SCEP/PKCS), Wi-Fi/VPN profiles, and enterprise networking integrations.
- Certifications (nice to have): MD-102, Azure/Entra Security certs.
Required Experience:
Senior IC