We are looking for a highly skilled and hands-on Microsoft Intune Deployment Specialist / Microsoft Endpoint Administrator with strong expertise in Microsoft Intune, Windows Autopilot, Microsoft Entra ID (Azure AD), Endpoint Security, and Modern Device Management.
The ideal candidate should have real-world experience in deploying, configuring, securing, rebuilding, and managing enterprise devices in cloud-first environments using Microsoft technologies.
This role requires practical implementation knowledge in:
- Microsoft Intune Administration
- Windows Autopilot Deployment
- Enterprise Endpoint Security
- Device Build & Provisioning
- Cloud-based Device Management
- Endpoint Troubleshooting & Automation
The candidate should be capable of independently managing the complete endpoint lifecycle for corporate devices.
Key Responsibilities
Microsoft Intune Administration
- Design, implement, and manage Microsoft Intune environments for enterprise operations.
- Configure and maintain:
- Device compliance policies
- Configuration profiles
- Endpoint security policies
- Application deployment policies
- Conditional access integrations
- Manage device enrollment for:
- Windows 10/11
- Monitor endpoint compliance, security posture, and device health.
Windows Autopilot Deployment
- Configure and manage Windows Autopilot deployments for enterprise environments.
- Create and maintain:
- Autopilot deployment profiles
- Enrollment Status Pages (ESP)
- Dynamic device groups
- Pre-provisioning / White glove deployments
- Perform zero-touch deployment and provisioning of enterprise devices.
- Coordinate hardware hash imports and OEM device onboarding.
- Troubleshoot Autopilot deployment failures and enrollment issues.
Device Build & Provisioning Management
- Create, configure, and maintain standardized enterprise device builds.
- Handle:
- New laptop and desktop provisioning
- Existing device rebuilds and reprovisioning
- Device refresh and migration activities
- Prepare deployment-ready systems with:
- Operating system configuration
- Security baselines
- Application deployment
- Intune enrollment
- Endpoint security setup
- Configure and maintain Standard Operating Environment (SOE) builds.
- Support migration from traditional imaging methods to modern cloud-native deployment using Intune and Autopilot.
- Perform testing, validation, and quality checks before production deployment.
- Troubleshoot:
- Build failures
- Driver conflicts
- Enrollment issues
- Provisioning errors
- Policy conflicts
- Maintain documentation for deployment processes and device lifecycle procedures.
Microsoft Endpoint Management
- Administer and support:
- Microsoft Endpoint Manager
- Microsoft Intune Admin Center
- Microsoft Entra ID (Azure AD)
- Manage:
- Azure AD Join / Hybrid Azure AD Join
- RBAC permissions
- Device identities
- Endpoint analytics
- Group policy migration to Intune
- Support enterprise mobility and modern workplace initiatives.
Security & Compliance
- Configure and manage:
- Microsoft Defender for Endpoint
- BitLocker encryption policies
- Firewall & antivirus configurations
- Conditional Access policies
- MFA integrations
- Device compliance standards
- Support Zero Trust security implementation.
- Ensure enterprise devices comply with security and governance standards.
Application & Patch Management
- Deploy and manage:
- Win32 applications
- Microsoft 365 Apps
- Line-of-business applications
- PowerShell deployment packages
- Configure Windows Update for Business (WUfB) and update rings.
- Monitor patch compliance and deployment success rates.
Troubleshooting & Technical Support
- Diagnose and resolve:
- Intune enrollment failures
- Autopilot deployment issues
- Azure AD Join problems
- Compliance conflicts
- Application deployment failures
- Perform advanced troubleshooting using:
- Event Viewer
- Intune diagnostic logs
- PowerShell
- Endpoint analytics
- Windows troubleshooting tools
Automation & Scripting
- Develop automation scripts using:
- PowerShell
- Microsoft Graph API
- Automate device deployment, reporting, compliance checks, and operational tasks.
Support integration with third-party enterprise tools where required.