Own end-to-end Microsoft 365 and Intune architecture across corporate production, dev, and demo environments, including tenant strategy, governance, and lifecycle management.
Build, automate, and maintain multi-tenant demo and test environments with seeded data, realistic users, and scripted resets for Engineering, Product, and Sales teams.
Standardize and streamline Intune device management: Autopilot, enrollment, configuration and compliance policies, Win32/MSIX app packaging and deployment, patching, and reporting for Windows and macOS endpoints. Manage iOS and Android MDM as needed.
Own laptop deployment configuration, including establishing golden Windows images, standard baselines, and endpoint hardening policies in partnership with the Security team.
Implement reusable infrastructure-as-code and automation (PowerShell, Microsoft Graph, Bicep/Terraform, CI/CD) for environment provisioning and policy enforcement.
Collaborate with the Security team to define and enforce Entra ID policies, including conditional access, MFA, RBAC/PIM, and zero trust configurations — integrating with our Okta-centric identity ecosystem.
Manage M365 tenant administration across multiple environments, including app registrations, Graph API scopes, licensing optimization, and Entra configuration.
Provide Tier 3 support and root-cause analysis for Microsoft platform issues; build monitoring, alerting, and reporting to proactively identify and resolve problems before they impact employees.
Create and maintain clear documentation, runbooks, architecture diagrams, and golden configurations; enable self-service where practical.
Partner with Engineering and Product on validation scenarios and with Sales on accurate, compelling demo environments; track KPIs on environment readiness and Intune adoption.

Requirements

7+ years of experience in IT systems engineering, with deep expertise in Microsoft Intune and M365 administration at scale.
Hands-on experience managing multi-tenant Microsoft environments, including production, dev, and demo configurations.
Proven success building automated demo and test labs, including data seeding and environment reset workflows.
Strong PowerShell and Microsoft Graph API skills; solid infrastructure-as-code experience (Bicep or Terraform) and CI/CD pipelines.
Deep Intune experience: Autopilot, Win32/MSIX packaging, configuration and compliance policies, BitLocker/FileVault, patching, and endpoint analytics across both macOS and Windows.
Experience with Entra ID (Azure AD), including conditional access, SSO, identity governance, and integration with third-party identity providers such as Okta.
Solid understanding of security frameworks and best practices (Zero Trust, least privilege, conditional access, MFA).
Strong communication and stakeholder management skills, with the ability to translate technical concepts for non-technical audiences including legal professionals.

Benefits

Comprehensive health, dental and vision coverage
Retirement benefits (401k match up to 4%)
Flexible PTO

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

Microsoft 365IntunePowerShellMicrosoft Graph APIBicepTerraformCI/CDAutopilotWin32/MSIX packagingendpoint analytics

Soft Skills

communicationstakeholder managementroot-cause analysisdocumentationcollaboration