Senior Engineer - Systems

• Design, implement, and maintain enterprise Intune infrastructure, including configuration profiles, compliance policies, conditional access, and application management at scale.
• Architect manage Windows Autopilot deployment solutions across the organization, including profile design, device registration, and integration with Entra ID and Intune.
• Plan and execute migrations from on-premises or hybrid endpoint management environments (MECM/GPO) to a modern Intune-based management model, minimizing disruption to end users.
• Train, guide, and support cross-functional teams while streamlining system processes, improving workflow efficiency, and enhancing the overall user experience.
• Maintain a working knowledge of MECM infrastructure to support co-management scenarios, policy coexistence, and workload transitions to Intune.
• Configure and manage MECM and Intune co-management workloads to ensure a smooth transition toward cloud-native endpoint management.
• Define and enforce device configuration standards, security baselines, and compliance frameworks across managed endpoints.
• Provide technical guidance and mentorship to associate- and mid-level engineers on Intune, Autopilot, and endpoint management best practices.
• Partner with security, identity, and helpdesk teams to align endpoint management strategies with broader organizational goals.
• Own and maintain comprehensive documentation for Intune and Autopilot processes, migration playbooks, and infrastructure configurations., Intune infrastructure ownership - Design, implement, and maintain enterprise Intune infrastructure including configuration profiles, compliance policies, conditional access, and app management at scale.

-Autopilot program lead - Architect and manage Windows Autopilot deployment strategies across the organization, including profile design, device registration, and integration with Entra ID and Intune.

-Intune migration leadership - Plan and execute migrations from on-premises or hybrid management environments (MECM/GPO) to a modern Intune-based management model, minimizing disruption to end users.

-MECM infrastructure support - Maintain working knowledge of MECM infrastructure to support co-management scenarios, policy coexistence, and workload transitions to Intune.

-Co-management configuration - Configure and manage MECM and Intune co-management workloads, ensuring a smooth transition path as the organization moves toward cloud-native management.

-Policy & security architecture - Define and enforce device configuration standards, security baselines, and compliance frameworks across managed endpoints.

-Team mentorship - Provide technical guidance and mentorship to associate and mid-level engineers on Intune, Autopilot, and endpoint management best practices.

-Stakeholder collaboration - Partner with security, identity, and helpdesk teams to align endpoint management strategies with broader organizational goals.

-Documentation & runbooks - Own and maintain comprehensive documentation for all Intune and Autopilot processes, migration playbooks, and infrastructure configurations., Microsoft Intune - Expert Level

• Intune tenant configuration and administration
• Device configuration profiles (Windows, iOS, Android, macOS)
• Compliance policies and conditional access integration
• App deployment and management (Win32, MSIX, LOB apps)
• PowerShell and Intune scripting / remediation scripts
• Role-based access control (RBAC) within Intune
• Entra ID (Azure AD) device identity and hybrid join
• Endpoint security policies (Defender, BitLocker, Firewall)
• Update rings and Windows Update for Business
• Intune reporting and monitoring

Windows Autopilot - Expert Level

• Autopilot profile design and deployment strategy
• All deployment modes (user-driven, self-deploying, pre-provisioning)
• Hardware hash registration and OEM/reseller integration
• Enrollment Status Page (ESP) configuration and troubleshooting
• Autopilot Reset and device reprovisioning
• Integration with Entra ID and dynamic device groups

Intune Migration - Core Competency

• MECM to Intune workload migration planning and execution
• GPO to Intune configuration profile translation
• Co-management enablement and workload transition
• Hybrid Azure AD join to Entra ID join migration
• Stakeholder communication and change management during migrations
• Validation and testing frameworks for policy parity

'- Bachelor's degree in relevant field of study and 5+ years of relevant professional experience required, or equivalent combination of education and experience., * 5+ years of experience in enterprise endpoint management or systems engineering

• 3+ years of hands-on experience with Microsoft Intune in a production enterprise environment
• Proven experience leading or executing an Intune migration from MECM or GPO-based management
• Strong working knowledge of Windows Autopilot in an enterprise setting
• Familiarity with MECM/SCCM in a co-management or hybrid capacity

Must have the following experience for consideration, * Co-management configuration and workload management

• Site infrastructure and hierarchy awareness
• OSD and task sequence fundamentals
• Software deployment and patch management
• Client health and troubleshooting

Supporting & General Skills

• PowerShell scripting (intermediate to advanced)
• Microsoft Graph API (basic to intermediate)
• Entra ID / Azure AD administration
• Active Directory and Group Policy
• Networking fundamentals (DNS, DHCP, VPN, proxy)
• Windows 10/11 enterprise architecture
• Security baseline frameworks (CIS, DISA STIG awareness)
• Strong documentation and technical writing skills
• Project and migration planning, * Microsoft MD-102 (Endpoint Administrator) certified
• Microsoft SC-300 or AZ-104 a plus
• Experience with Microsoft 365 and Defender for Endpoint integration
• Familiarity with Zero Trust network access principles
• Experience working in regulated or compliance-driven environments

$102,720

Maximum Salary

$154,080