Primary Duties & Responsibilities
- Manage and support a 10,000+ user environment with a strong emphasis on Intune (MDM/MAM), device enrolment, compliance policies, and endpoint management.
- Configure, troubleshoot, and maintain Intune and Microsoft Endpoint Manager services, ensuring device security, patching, and compliance with organizational standards.
- Provide day-to-day administration and production support for Intune/MDM, Microsoft 365, Teams, and OneDrive environments.
- Develop, deploy, and maintain device configuration profiles, compliance policies, app protection policies, and conditional access rules.
- Monitor system health, performance, and compliance posture of managed devices, proactively identifying and resolving potential issues.
- Apply practical knowledge of device enrolment methods (Autopilot, Apple DEP, Android Zero-Touch), Active Directory/LDAP, DNS, mail routing, and patch management.
- Administer security baselines, BitLocker encryption, Windows Update for Business (WUfB), and mobile application deployment via Intune.
- Collaborate with security and infrastructure teams to maintain device security posture, identity protection, and zero-trust policies.
- Other duties as assigned.
Requirements
- Strong background in Intune / Microsoft Endpoint Manager (MDM/MAM) administration and support.
- 5 to 8+ years of experience in M365 administration, with at least 3+ years of hands-on experience in Intune/MDM.
- Proven experience implementing, migrating, and supporting large-scale environments (10,000+ users and devices) from legacy on-prem to M365.
- In-depth understanding of Active Directory, Azure AD, conditional access, endpoint security, and device lifecycle management.
- Experience with patch management, compliance monitoring, and security baselines using Intune and related tools (e.g., SCOM, Defender for Endpoint).
- Ability to perform under pressure in a fast-paced, enterprise IT environment.
- Excellent communication and documentation skills with a collaborative, team-oriented mindset.