Senior IT Modern Workplace Specialist

Marquardt GmbH
Tuttlingen, Germany
1 month ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English, German
Experience level
Senior

Job location

Tuttlingen, Germany

Tech stack

Microsoft Access
Microsoft Windows
Admin Tools
Document Management Systems
Identity and Access Management
System Center Configuration Manager
Powershell
Azure
Microsoft InTune
Azure Security Center
Windows Client

Job description

  • Design, implement, and maintain device configuration profiles, compliance policies, and reference OS builds.
  • Own Windows deployment scenarios
  • Define and enforce endpoint security baselines according to industry standards.
  • Deep dive into Group Policy Objects (GPO) and co-existence/migration scenarios from on-prem AD GPOs to cloud-native Intune CSPs.
  • Manage Privilege Access Management for endpoints
  • Drive standardization of Windows client images, feature updates, and quality update strategies
  • Collaborate with the security team on Conditional Access policies, MFA, and device compliance integration
  • Act as Tier-3 escalation point for complex client management incidents and requests
  • Create and maintain documentation, runbooks, and best-practice guidelines
  • Drive IT workplace projects to completion in collaboration with

Requirements

  • Minimum 5 years of professional experience in enterprise Windows client management
  • Deep, hands-on expertise with Microsoft Intune / Microsoft Endpoint Manager (policy creation, troubleshooting, reporting, Co-Management with ConfigMgr is a plus)
  • Strong knowledge of Windows 10/11 client architecture, Autopilot, Enrollment Status Page, and modern provisioning
  • Proven experience implementing and managing Privileged Access Management solutions for endpoints (Windows LAPS, Entra ID PIM for devices, removal of local admin rights, tiered administration models)
  • Solid understanding of Microsoft Entra ID (formerly Azure AD), Conditional Access, and device identity
  • Experience with PowerShell scripting for automation and reporting in the Intune environment
  • Familiarity with Microsoft Defender for Endpoint, ASR rules, and endpoint security best practices
  • Excellent documentation and communication skills in English (German is a plus)

Apply for this position