Endpoint Engineer/Architect

Job description

Title: Senior Microsoft Intune Engineer (Enterprise Endpoint SME)

Type: Contract (Long-Term Contract-to-Hire)
Location: Hybrid Commute – Atlanta, Near The Battery

Overview

We are seeking a Senior Microsoft Intune Engineer to serve as the organization’s subject matter expert for modern endpoint management and security, with a strong focus on the Microsoft ecosystem.

This role is responsible for designing, implementing, and optimizing Intune-driven endpoint management across a 6,500+ user environment. You will lead the transition to a cloud-first, Intune-centric architecture, driving device compliance, security posture, and lifecycle automation at scale.

This is a hands-on, highly technical role for someone who lives and breathes Intune—capable of architecting solutions, solving complex challenges, and influencing enterprise-wide endpoint strategy.

Key Responsibilities

Microsoft Intune Ownership & Strategy

  • Serve as the primary owner and SME for Microsoft Intune / Endpoint Manager across the enterprise
  • Design and implement Intune architecture, including device configuration profiles, compliance policies, and security baselines
  • Lead the evolution from traditional management (SCCM) to modern, cloud-first Intune management
  • Define and enforce device compliance policies aligned with security and regulatory frameworks

Modern Endpoint Management & Automation

  • Lead deployment and optimization of:
    • Windows Autopilot (zero-touch provisioning)
    • Conditional Access policies tied to device compliance
    • Co-management strategy and eventual SCCM deprecation
  • Build and maintain automated provisioning, configuration, and remediation workflows using Intune and PowerShell
  • Administer and optimize:
    • BitLocker encryption policies
    • Microsoft Defender for Endpoint integration
    • Device health monitoring and compliance reporting

Patch Management & Device Lifecycle

  • Own Windows Update for Business (WUfB) strategy, including update rings, feature updates, and patch governance
  • Ensure consistent and timely patching across all endpoints using Intune-native capabilities
  • Develop lifecycle strategies for:
    • Device provisioning
    • OS upgrades
    • Device retirement and refresh

Security, Compliance & Governance

  • Partner with Information Security, Risk, and Compliance teams to enforce endpoint security controls
  • Align Intune configurations with frameworks such as:
    • SOC 2
    • HIPAA
    • NIST / CIS benchmarks
  • Support audits by providing documentation, reporting, and evidence of endpoint compliance
  • Implement and monitor secure configuration baselines and policy enforcement

Operational Leadership & Escalation

  • Act as the Tier 3 escalation point for complex Intune and endpoint-related issues
  • Lead troubleshooting for device compliance failures, policy conflicts, and deployment issues
  • Mentor junior engineers and IT staff on modern endpoint management best practices
  • Drive continuous improvement in endpoint performance, security posture, and user experience

Required Qualifications

Must-Haves

  • 8+ years of enterprise endpoint engineering experience with a strong focus on Microsoft Intune
  • Deep, hands-on expertise with:
    • Microsoft Intune / Endpoint Manager (expert level)
    • Azure AD / Entra ID
    • Windows 10/11 management in enterprise environments
  • Proven experience implementing:
    • Autopilot (zero-touch deployments)
    • Conditional Access with device compliance policies
    • Windows Update for Business (WUfB)
  • Strong PowerShell scripting for automation and remediation
  • Experience leading modern endpoint transformations (SCCM → Intune)
  • Solid understanding of endpoint security and compliance frameworks

Preferred / Standout Experience

  • Experience with:
    • Microsoft Defender for Endpoint
    • Endpoint security baselines and hardening
    • Zero Trust architecture principles
  • Relevant Microsoft certifications (Intune, Endpoint Management, Security)
  • Experience in large-scale environments (5,000+ endpoints)

Additional Qualifications

  • Bachelor’s degree in IT or related field (preferred)
  • Strong understanding of networking fundamentals (IP, DNS, LAN/WAN)
  • Experience working in regulated environments (SOC 2, HIPAA, ISO)
  • Ability to balance security, user experience, and operational efficiency

 

Why This Role:

This is a long-term contract-to-hire opportunity with a well-known Atlanta organization. You’ll have high visibility and the chance to make a major impact on endpoint management, security, and digital workplace modernization.

 

Apply Today:

Send your detailed resume to begin discussions on this exciting opportunity!

Job details

Job type Contract

Location Atlanta, GA

Reference JOB-5013

Employment with Tier4 Group and our clients may be contingent upon successfully passing a background check, in compliance with applicable laws. Do you consent to a background check if offered employment?