Lead Desktop Engineer Windows Endpoint Management (Intune Specialist)

Overview

On Site
$50 - $55
Accepts corp to corp applications
Contract - W2
No Travel Required

Skills

Reporting
Mobile Device Management
Regulatory Compliance

Job Details

Role Description
We seek a Lead Desktop Engineer with deep expertise in Windows 11 environments and enterprise
endpoint lifecycle management. This role is ideal for a technically astute, process-driven professional
who thrives in high-demand, multi-tenant environments and can serve as the Subject Matter Expert
(SME) for Windows and Microsoft Intune. You'll own the full Windows endpoint stack, lead Intune
administration across Windows and iOS devices, and act as a senior escalation point. Experience in the
media or entertainment industry is highly preferred, given the fast-paced nature and creative tooling
often involved.
Responsibilities
Windows Endpoint Management: Lead lifecycle management, configuration, and standardization of Windows 11 devices across diverse client environments with a focus on performance, security, and scalability.
Intune Ownership: Architect, deploy, and manage Microsoft Intune environments, including device enrollment, compliance policies, configuration profiles, application deployment, and conditional access strategies for Windows and iOS platforms.
Automation & Scripting: Develop and maintain PowerShell scripts and other automation tools to streamline provisioning, patching, configuration management, reporting, and endpoint monitoring.
Security & Compliance: Implement and enforce hardening standards, BitLocker encryption, compliance frameworks (CIS, NIST), and endpoint protection strategies. Support Zero Trust and modern device management principles.
Cross-Platform Integration: Collaborate with macOS, mobile, and cloud platform engineers to ensure seamless device integration across Azure AD, Microsoft 365, and identity/security stacks.
Advanced Support & Escalation: Act as the final technical escalation point for Windows and Intune-related issues. Conduct root cause analysis (RCA) and drive long-term resolution plans.
Application Packaging & Deployment: Manage application packaging, deployment, version control, and compliance for enterprise software using Intune and supporting tools.
Documentation & Mentorship: Produce and maintain detailed system and support documentation. Guide and mentor junior engineers and support analysts.
Project Leadership: Lead endpoint modernization projects, including Windows upgrades, zero-touch deployments, security remediation efforts, and MDM platform enhancements.
Working hours
Our usual working hours will be Monday through Friday between 8 a.m. and 6 p.m. (EST), with times
subject to change. This will be an 8-hour shift with a 1-hour lunch. Due to the nature of the work, you
may need to start earlier or work later, depending on user and business requirements.
Requirements
7+ years of enterprise IT experience with 5+ years focused on Windows endpoint management.
Extensive MS Intune expertise; Intune/Microsoft Endpoint Manager certifications highly preferred (e.g., MD-102, MS-102).
Experience managing Windows 11 devices, Azure AD join/hybrid join, and compliance policies.
Proficient scripting skills in PowerShell (required) and automation frameworks.
Hands-on experience with M365 administration and conditional access policies.
Working knowledge of security tools, encryption, and endpoint monitoring platforms.
Excellent documentation, communication, and client management skills.


About Jubilant Consulting