Job Description Summary

Job Description

Key Responsibilities

1. Global Scalability & Lifecycle (100k Nodes)

• Architectural Strategy: Design and maintain a Cloud-First endpoint strategy that scales to 100000 nodes across global regions.

• Staged Rollouts (Rings): Define and govern deployment rings (Canary Pilot Broad) to ensure stability during OS updates and application pushes.

• Data-Driven Decisions: Use KQL (Kusto Query Language) to build custom workbooks and dashboards in Log Analytics turning raw telemetry into actionable fleet health insights.

• Automation at Scale: Utilize Microsoft Graph API for bulk Intune object manipulation automated policy assignments and cross-tenant consistency.

2. Modern Provisioning (Intune / Autopilot)

• Zero-Touch Excellence: Mature the Windows Autopilot program to achieve a shrink-wrap to productivity experience.

• Frictionless Onboarding: Minimize the Enrollment Status Page (ESP) footprint by optimizing app blocking logic and offloading non-critical installs to post-provisioning phases.

• OEM Integration: Partner with hardware vendors to automate Hardware Hash harvesting and direct-to-employee shipping workflows.

3. Real-Time Operations (Tanium Ops)

• Fleet Hygiene: Architect Tanium workflows for real-time patching vulnerability remediation and software inventory.

• Instant Remediation: Design custom Tanium Sensors and Packages to identify and fix configuration drift (registry keys file versions or zombie processes) across the entire 100k fleet in seconds.

• Performance Monitoring: Leverage Tanium Performance telemetry to identify noisy apps or hardware bottlenecks before the user opens a ticket.

4. Security & Compliance (M365 E5)

• Identity-Driven Access: Design and manage complex Conditional Access (CA) policies that enforce device compliance as a prerequisite for accessing corporate data.

• Least Privilege: Implement Microsoft Endpoint Privilege Management (EPM) to eliminate local admin rights while providing a seamless elevation on-demand experience for developers and power users.

• Compliance Baselines: Maintain a Continual Compliance posture using Intune and Tanium to verify security baselines (BitLocker Defender Firewall) in real-time.

5. Advanced Root Cause Analysis

• Beyond the Reimage: Lead Tier 4 investigations into systemic issues. You are expected to dig into Intune Management Extension (IME) logs event viewers and ETL traces rather than defaulting to a factory reset.

• Telemetry Mastery: Proactively hunt for fleet-wide silent failures using Log Analytics and Tanium ensuring that the Root Cause is identified and automated away.

6. Leadership Experience and Financial Management

• Strategic Technical Leadership: Proven experience leading cross-functional engineering teams to define and execute multi-generational hardware roadmaps ensuring alignment with long-term corporate vision and market trends.

• Budget & P&L Management: Demonstrated proficiency in managing large budgets including OPEX/CAPEX allocation vendor contract negotiations and cost-benefit analyses to ensure product development remains profitable without compromising quality.

• Operational Financial Oversight: Ability to collaborate with Finance and Supply Chain teams to optimize costs track project burn rates and implement cost-reduction strategies through strategic component sourcing and platform standardization.

7. Drive and support M&A activities related to DWP

• Due Diligence & Infrastructure Assessment: Proven ability to conduct comprehensive technical audits of an acquisition targets endpoint environmentevaluating hardware lifecycles fleet health and security posturesto identify integration risks and estimate the total cost of ownership (TCO) for harmonizing disparate fleets.

• Post-Merger Integration (PMI) Strategy: Experience designing and executing scalable unified Day 1 and Day 2 hardware deployment strategies that ensure seamless user transitions including the standardization of global device personas and the consolidation of heterogeneous PC imaging and provisioning systems (e.g. Autopilot Intune).

• Digital Workplace Transformation & Synergy Realization: Demonstrated expertise in aligning acquired technology stacks with the parent companys Digital Workplace vision focusing on optimizing vendor contracts and hardware supply chains to capture immediate cost synergies while improving the overall employee experience (EX).

Technical Requirements

• Expertise: Significant experience in Endpoint Engineering with proven experience in an Architect-level role managing 50k nodes.

• Scripting: Mastery of PowerShell and familiarity with C# / .NET for Graph API integrations.

• Cloud Stack: Deep expertise in the Microsoft 365 E5 suite (Intune Defender for Endpoint Entra ID).

• Remediation: Proven experience with Tanium (specifically Patch Deploy and Asset modules).

• Data: Proficient in KQL (Kusto) for querying Azure Resource Graph and Log Analytics.

Soft Skills

• User-Centric Design: You view User Friction as a technical bug that must be fixed.

• Strategic Communication: Ability to translate 100k-node data trends into executive-level summaries.

• Mentorship: A desire to upskill Tier 2/3 engineering teams to adopt an Automate Everything mindset.

Additional Information