Microsoft Intune Engineer / Endpoint Management Specialist

Location: Palo Alto, CA – Hybrid Pay Rate: $39.50 – $44.50/hr Duration: 6-month contract Schedule: Standard Working Hours

Summary

We are seeking a skilled Microsoft Intune Engineer to own and advance our endpoint management strategy within a fast-paced Enterprise IT environment. The ideal candidate will serve as the subject matter expert for Microsoft Intune and the broader Microsoft Endpoint Manager (MEM) ecosystem, ensuring secure, compliant, and well-managed device fleets across macOS, Windows, iOS, and Android platforms. This role is responsible for driving end-to-end policy management, deployment testing, and cross-functional collaboration with Security and Compliance teams to support a Zero Trust security posture.

Job Responsibilities

In this role, you will manage and support a variety of projects within the Enterprise IT department. Key responsibilities include:

• Serving as the subject matter expert for Microsoft Intune and the Microsoft Endpoint Manager ecosystem across all supported platforms
• Owning device policy management including authoring, testing, versioning, and retiring policies across the full device lifecycle
• Leading end-to-end deployment testing for all policy changes, app deployments, and configuration updates prior to production rollout
• Managing and maintaining the Company Portal experience to ensure apps are correctly published and accessible to end users
• Maintaining software currency across the device fleet including application versions, OS updates, and security patches
• Partnering with Security and Compliance teams to align device posture with organizational standards
• Providing escalation support and mentoring junior IT staff on endpoint management best practices

Essential Job Duties and Job Functions

• Design, deploy, and maintain Microsoft Intune policies for device enrollment, configuration, compliance, and app management across Windows, macOS, iOS, and Android
• Manage conditional access policies in integration with Microsoft Entra ID (Azure AD) to enforce Zero Trust security principles
• Lead device lifecycle management including enrollment, provisioning, policy assignment, and decommissioning
• Develop and maintain Autopilot and Apple DEP/ABM enrollment workflows
• Troubleshoot and resolve endpoint management issues including policy conflicts, enrollment failures, and compliance gaps
• Support software deployment, patch management, and app packaging through Intune
• Create and maintain technical documentation, runbooks, and SOPs for Intune configurations and deployment test results
• Evaluate new Intune features and Microsoft 365 endpoint capabilities and recommend adoption where appropriate
• Submit, document, and communicate changes through formal change control workflows (CAB, RFC, etc.)

Knowledge and Skills

• Deep knowledge of MDM and MAM policies across Windows, macOS, iOS, and Android platforms
• Experience managing device policy at scale including policy conflict resolution, scope tagging, and deployment ring strategy
• Proficiency with Microsoft Entra ID (Azure AD), Conditional Access, and device compliance policies
• Strong working knowledge of Windows Autopilot and Apple Business Manager / Device Enrollment Program
• Understanding of certificate management (SCEP/PKCS) and network access control (Wi-Fi/VPN profiles)
• Familiarity with PowerShell scripting for automation and reporting
• Solid understanding of security baselines (CIS, NIST, Microsoft Security Baselines)
• Strong working knowledge of change management principles and ITSM frameworks such as ServiceNow or Jira
• Clear written and verbal communication skills with the ability to explain technical concepts to non-technical stakeholders
• Strong analytical and troubleshooting skills with a detail-oriented mindset

Preferred:

• Microsoft certifications: MD-102 (Endpoint Administrator), SC-300, or MS-102
• Experience with Microsoft Defender for Endpoint integration with Intune
• Familiarity with JAMF or other MDM platforms
• Exposure to M365 E3/E5 licensing and feature management

Education and Experience

• 3+ years of hands-on Microsoft Intune administration experience in an enterprise environment
• Demonstrated experience designing and executing end-to-end deployment testing processes including staged rollouts and rollback planning
• Experience in a high-growth or technology/manufacturing company environment preferred

...