Endpoint Engineer - INTUNE SPECIFIC with Security Clearance

Endpoint Engineer Responsibilities: Lead the administration and engineering of a Microsoft endpoint management solution (e.g., Intune), including policy creation and management, application deployment, device compliance, and conditional access configurations.

Design and implement hybrid identity solutions leveraging cloud-based directory services (e.g., Azure AD) and on-premises Active Directory for seamless identity management.

Utilize cloud automation tools (e.g., Azure Automation) and endpoint management platforms to manage and secure cloud-based and on-premises workstations and servers, ensuring they are patched to correct levels.

Develop and maintain cloud-based system templates and images for rapid deployment.

Manage and maintain Windows Server and PC images in both cloud and on-premises environments.

Identify, analyze, and resolve system problems with both short-term workarounds and long-term cloud-based solutions.

Write advanced scripts (e.g., PowerShell) and leverage cloud scripting services (e.g., Azure Functions) to automate systems administration tasks across cloud and on-premises environments.

Implement and manage a comprehensive endpoint management solution (e.g., Microsoft Endpoint Manager, combining Intune and SCCM). Design and implement cloud-based security solutions, including cloud security monitoring and management tools (e.g., Azure Security Center, AWS Security Hub). Provide guidance and work leadership to less-experienced cloud and systems engineers.

Qualifications: Required: Ability to obtain a security clearance or government suitability (e.g., DHS EOD). BA or BS + 7 years of applicable experience in endpoint management and systems administration.

5+ years of experience supporting software packaging and patching using an endpoint management tool (e.g., SCCM). 5+ years of experience with modern device management platform administration (e.g., Intune Autopilot). Strong working knowledge of a comprehensive endpoint management solution (e.g., SCCM and Intune) to include device enrollment, policy management, application deployment, compliance enforcement, and conditional access.

Solid understanding of virtualization platforms (e.g., VMware vCenter, Hyper-V). Functional understanding of database systems (e.g., Microsoft SQL Server) and Active Directory.

Expertise in operating system deployment methodologies and tools (e.g., MDT, SCCM) including image management, package creation, task sequences, and OSD.

Solid knowledge of scripting languages (e.g., PowerShell) to automate tasks and customize configurations.

Expertise with security vulnerability management processes, including testing, approval, and deployment.

Solid knowledge of Active Directory Security Groups, OUs, DNS, and Group Policy Object (GPO) management.

Solid Windows troubleshooting skills.

Strong understanding of networking concepts including VPN and certificate-based authentication.

Relevant Microsoft Endpoint Administrator certification (or equivalent). Relevant certification in an endpoint management tool (e.g., SCCM). Desired: ITIL v4 certification.

Advanced Microsoft Endpoint Management certification (or equivalent). Microsoft 365 Modern Desktop Administrator Associate certification (or equivalent). Experience with modern device provisioning and deployment (e.g., Autopilot, Zero-Touch Deployment). Familiarity with cloud services, particularly Microsoft Azure or AWS.

Permanent