Microsoft Intune SME Engineer - Only applicable for H1B \ GC

About The Position

Requirements

• Microsoft Intune
• Windows Autopilot
• Windows OS
• PowerShell
• SCEP
• NDES
• Azure Active Directory
• PowerShell App Deployment Toolkit (PSADT)

Nice To Haves

• managing iOS
• iPadOS
• macOS devices

Responsibilities

• Develop and maintain Surface release builds, including validation processes, deployment automation, and comprehensive technical documentation to support consistent and scalable rollouts.
• Provide third-line engineering support for escalated issues related to Microsoft Intune, Windows Autopilot, and Windows OS, working closely with L3 operations teams to resolve complex technical challenges.
• Design, build, and maintain a structured knowledge base, including technical documentation, troubleshooting guides, and end-user support articles to promote self-service and reduce support overhead.
• Identify, document, and implement workarounds for known issues, while continuously improving operational processes through scripting, automation, and workflow optimization.
• Collaborate with security and compliance teams to support endpoint hardening, reduce risk exposure, and ensure alignment with organizational security standards.
• Customize and manage Windows OS builds, including branding, provisioning logic, and seamless integration with Autopilot and Azure Active Directory environments.
• Create and manage Intune Configuration Profiles, Compliance Policies, Microsoft Defender settings, Firewall rules, and other mobile device management (MDM) controls to enforce consistent device configurations.
• Oversee the full lifecycle of Windows devices, from provisioning to retirement, with additional experience in managing iOS, iPadOS, and macOS devices considered a plus.
• Package and deploy enterprise applications using PowerShell App Deployment Toolkit (PSADT), ensuring automation, version control, and rollback capabilities are in place.
• Implement and monitor patch management and vulnerability remediation strategies, ensuring timely updates and alignment with security best practices.
• Design and support certificate-based authentication workflows using SCEP and NDES for both user and device scenarios.
• Develop automated solutions to enforce compliance policies and streamline policy deployment using Intune and related tools.
• Skilled in PowerShell for scripting, automation, application packaging, and system configuration.
• Conduct performance tuning and capacity planning to ensure the scalability and reliability of Intune services and related infrastructure.
• Perform proactive monitoring and health checks of Intune deployments to detect and resolve issues before they impact end users.
• Collaborate with cross-functional engineering and operations teams to improve the overall user experience and drive innovation in endpoint management.
• Develop and execute test plans to validate new features, updates, and configurations within the Intune environment before production rollout.
• Provide mentorship and technical guidance to junior engineers, fostering a culture of continuous learning and collaboration.
• Analyze performance metrics and operational data to identify trends, generate insights, and recommend improvements to optimize endpoint management strategies