Microsoft Intune Configuration & Migration SME

About The Position

Requirements

• Active DoD Secret Clearance, with Top Secret eligibility
• BS degree and 8+ years of Windows systems administration/engineering experience. Experience can be substituted in lieu of degree
• CompTIA Security + CE or equivalent IAT Level II DoD 8570 certification
• Minimum of 5 years of enterprise endpoint management experience, with a primary focus on architectural design and migration.
• Deep hands-on expertise with Microsoft Intune and MECM/MCM, with proven experience designing and managing a co-managed environment.
• Understanding of DoD, DISA cybersecurity requirements
• Proven experience migrating a large portfolio of applications from a legacy platform (like MECM/MCM) to Microsoft Intune.
• Strong experience with MECM/MCM, including task sequences, collections, application deployments, and co-management.
• Strong experience with Azure Active Directory, including Hybrid Join, Conditional Access, and identity management.
• Advanced PowerShell scripting skills for automating application lifecycle and reporting tasks.
• Strong knowledge of Windows 11 operating systems, Group Policy Objects (GPOs), and modern policy management (CSPs).
• Ability to troubleshoot complex device enrollment, policy application, and migration issues in a large-scale enterprise.
• Must be able to commute onsite at least 3 days per week.

Nice To Haves

• DevSecOps software delivery model - Understanding of Agile methodology: CMMI, ITIL.
• Microsoft certifications such as MD-102 (Endpoint Administrator Associate), AZ-104 (Azure Administrator Associate), or equivalent.
• Strong organizational and execution skills with attention to detail.
• Ability to operate effectively under tight timelines and high-volume workloads.
• Excellent communication skills, with the ability to articulate complex technical concepts to non-technical stakeholders.
• Self-directed, proactive, and comfortable owning critical migration components.

Responsibilities

• Lead the architectural design and migration strategy for a large-scale transition to Microsoft Intune in a co-managed environment.
• Engineer and manage the end-to-end device lifecycle, from initial enrollment and configuration to compliance and retirement.
• Design, build, and troubleshoot the MECM/MCM task sequences required to migrate Windows endpoints to Intune management.
• Develop, configure, and deploy Intune policies, including Device Configuration Profiles, Compliance Policies, Security Baselines, and Conditional Access Rules.
• Implement and manage Windows Autopilot deployment profiles, including the Enrollment Status Page (ESP) for a zero-touch provisioning experience.
• Configure and manage the integration between Intune, Azure Active Directory (AAD), Microsoft Defender for Endpoint, and on-premises MECM infrastructure.
• Troubleshoot and resolve issues related to co-management workloads, device sync, and policy application.
• Track and report on migration progress, device compliance, and overall platform health.