Own and maintain the current Microsoft Intune environment, ensuring high availability, performance, and security compliance at all times.
Monitor, troubleshoot, and resolve endpoint management issues proactively, minimizing disruption to end users and business operations.
Manage device enrollment, configuration profiles, and compliance policies, across Co-managed and Hybrid Azure AD-joined environments.
Partner with the security team to enforce organizational compliance standards, CIS benchmarks, and regulatory requirements through Intune policy frameworks.
Conduct regular audits of the Intune environment, producing compliance reports and remediation plans as needed.
Develop repeatable, scalable deployment frameworks and templates to streamline onboarding of new employees.
Design, architect, and deploy new Intune environments as the organization scales into an MSP support model, supporting multiple customer tenants.
Establish and enforce best practices, standards, and governance models applicable across all managed tenants.
Collaborate with leadership and client stakeholders to understand requirements and translate them into Intune configurations and automation pipelines.
Design and implement automation solutions using PowerShell, Microsoft Graph API, and other scripting tools to reduce manual effort and increase operational consistency.
Apply DevOps principles including CI/CD pipelines, version control (Git), and Infrastructure-as-Code (IaC) methodologies to endpoint management workflows.
Integrate Intune with Azure DevOps or GitHub Actions for automated policy deployment, testing, and rollback capabilities.
Continuously identify opportunities to automate repetitive tasks, improving efficiency across both current and future client environments.
Serve as the subject matter expert (SME) for Intune and modern endpoint management across the organization.
Provide technical mentorship and guidance to junior engineers and IT staff on best practices, tooling, and architecture decisions.
Lead technical discussions, project planning sessions, and cross-departmental meetings to drive alignment on endpoint strategy.
Document solutions, runbooks, and standard operating procedures (SOPs) to ensure knowledge transfer and operational continuity.
Communicate technical concepts clearly to both technical teams and non-technical stakeholders, including leadership and clients.

Requirements

5+ years of hands-on experience designing, implementing, and deploying solutions with Microsoft Intune in production environments
Demonstrated experience with Co-management (Microsoft Endpoint Configuration Manager + Intune) and Hybrid Azure AD-joined device scenarios
Proven track record of managing Intune environments at scale, including multi-tenant or MSP-style deployments
Bachelor's degree in Computer Science, Information Technology, or a related field, or equivalent combination of experience and education which clearly indicates the ability to perform the essential functions of the position.
Deep expertise in Microsoft Intune: device enrollment (BYOD, Corporate), configuration profiles, compliance policies, app deployment, and Windows Autopilot.
Strong proficiency in PowerShell scripting and the Microsoft Graph API for automation and reporting.
Solid understanding of Azure Active Directory, Conditional Access, and identity-driven security models.
Functional knowledge of DevOps practices: CI/CD pipelines, Git-based version control.
Experience with Microsoft Endpoint Configuration Manager (MECM/SCCM) and Co-management workloads.
Familiarity with security frameworks such as CIS Benchmarks, NIST, or CMMC as they relate to endpoint compliance.
Understanding of network fundamentals, PKI, and certificate management as they apply to device management.
Exposure to zero-trust architecture principles as applied to endpoint and identity management.
Microsoft certifications such as MD-102 (Endpoint Administrator), MS-102, or AZ-104 (Azure Administrator) preferred.
Experience working in or transitioning an IT organization to an MSP or shared-services support model.
Familiarity with Microsoft Defender for Endpoint and its integration with Intune for endpoint security management.
Experience with Microsoft Sentinel, Azure Monitor, or Log Analytics for compliance reporting and alerting.
Prior experience leading or mentoring other engineers in a formal or informal capacity.

Benefits

Generous time off including Paid Time Off, 13 annual holidays, and volunteer time off
Day One Medical/Rx, Dental and Vision Plans
Family friendly benefits including Paid Caregiver Leave, Paid Parental Leave and Adoption Reimbursement
Performance/Incentive bonuses
Career advancement, training opportunities, Employee Resource Groups, and tuition reimbursement
Retirement programs including Matching 401(k) Contributions and Profit Sharing
Employer paid Short-Term Disability, Long-Term Disability and Life Insurance
myFlexPay partner – allows you to track, manage and access your pay anytime

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

Microsoft IntunePowerShellMicrosoft Graph APIAzure Active DirectoryCI/CD pipelinesGitMicrosoft Endpoint Configuration ManagerWindows Autopilotnetwork fundamentalszero-trust architecture

Soft Skills

technical mentorshipcommunicationproject planningcollaborationproblem-solvingleadershipdocumentationauditingstakeholder engagementoperational continuity

Certifications

MD-102MS-102AZ-104