Senior Intune Engineer

We are seeking a senior endpoint engineering leader to drive the modernization of our device management strategy and accelerate the transition from a co-managed SCCM/Intune model to a cloud-first Intune environment. This role is responsible for designing scalable, secure, and operationally efficient endpoint management solutions across Windows, macOS, iOS, and Android, while strengthening compliance, improving the user onboarding experience, and reducing reliance on legacy infrastructure. The ideal candidate brings deep technical expertise, strong architectural judgment, and the ability to partner across infrastructure, security, and support teams to deliver measurable business and operational outcomes., * Lead the phased migration from a co-managed SCCM/Intune environment to an Intune-first operating model, defining standards, sequencing workloads, and reducing long-term dependency on legacy infrastructure

• Architect and govern endpoint management policies across Windows, macOS, iOS, and Android to deliver secure, consistent, and scalable device operations
• Design, implement, and continuously optimize Intune configuration profiles, compliance policies, security baselines, and device restrictions aligned to enterprise and Zero Trust requirements
• Own and improve Windows Autopilot deployment experiences to enable reliable, low-touch provisioning and faster end-user readiness
• Standardize and manage application packaging, deployment, update, and retirement processes to improve software delivery reliability and endpoint stability
• Develop and enforce mobile device and mobile application management strategies that balance security, usability, and platform-specific requirements
• Strengthen endpoint security posture through compliance controls, Conditional Access integration, and alignment with Microsoft Defender for Endpoint and broader identity-driven access policies
• Partner with infrastructure, security, identity, and support teams to resolve complex endpoint issues, guide technical decisions, and improve operational processes
• Create and maintain technical standards, operational runbooks, and implementation documentation to support governance, consistency, and long-term supportability, * Establishes a clear and sustainable migration path from SCCM co-management to an Intune-first model with measurable progress against modernization goals
• Improves consistency and governance of endpoint policies, compliance controls, and deployment standards across supported platforms
• Delivers a reliable, low-friction device provisioning experience through well-designed Windows Autopilot and enrollment workflows
• Reduces operational complexity by standardizing app deployment, automating repeatable tasks, and improving documentation and support readiness
• Strengthens endpoint security and compliance posture through close integration of device management, identity controls, and modern security practices, This role operates in a complex enterprise environment with a diverse endpoint fleet and a strong emphasis on cloud-first management, security, and operational standardization. The Senior Intune Engineer will work closely with infrastructure, identity, security, and support teams to guide endpoint strategy, influence technical direction, and improve the scalability, resilience, and user experience of modern device management services.

Do you have experience in macOS administration?, Do you have a Associate's degree?, * 5+ years of hands-on experience administering and engineering Microsoft Intune in a large-scale enterprise environment

• Demonstrated success leading or executing migrations from SCCM co-management to a modern Intune-first endpoint management model
• Strong expertise in device configuration, compliance policy design, application packaging, and software deployment lifecycle management
• Hands-on experience managing Windows, macOS, iOS, and Android devices in a unified endpoint management environment
• Deep experience with Windows Autopilot, modern provisioning methods, and enrollment strategy design
• Strong knowledge of Microsoft Entra ID, device compliance, and Conditional Access policy integration
• Proficiency in PowerShell scripting and automation to support endpoint administration, remediation, and operational efficiency
• Strong analytical, troubleshooting, and communication skills, with the ability to independently drive complex technical work across cross-functional teams, * Experience planning or executing the decommissioning of SCCM infrastructure as part of a broader cloud modernization effort
• Familiarity with Microsoft Defender for Endpoint and its integration with Intune for compliance, security monitoring, and risk-based access decisions
• Knowledge of Zero Trust principles and their application to endpoint management, device compliance, and identity-driven access controls
• Relevant Microsoft certifications such as MD-102, AZ-104, or security- and identity-focused credentials
• Experience with an automated tool like Rimo3 is a plus
• Experience using reporting tool Lik Power BI is preferred, * Strong problem-solving and leadership skills
• Ability to design scalable endpoint solutions
• Excellent communication and documentation
• Self-driven and able to work independently, * Associate (Preferred)

Experience:

• Microsoft Intune: 5 years (Preferred)
• Enterprise architecture: 5 years (Preferred)

License/Certification:

• Microsoft 365 Certified: Endpoint Administrator Associate (Preferred)

Work Location: Hybrid remote in Chicago, IL 60661

Pulled from the full job description

• 401(k)
• Health insurance
• Paid time off
• Vision insurance
• Dental insurance
• Flexible spending account, * 401(k)
• Dental insurance
• Flexible spending account
• Health insurance
• Paid time off
• Vision insurance