Offer summary

Qualifications:

5+ years of experience in systems engineering with a focus on Windows management., Expertise in Microsoft Intune and proficiency in Powershell scripting for automation., Familiarity with DevOps practices and experience with automation tools like Terraform and Jenkins., Knowledge of AWS services and understanding of endpoint hardening best practices..

Key responsabilities:

Manage and secure a fleet of Windows PCs and Windows 365 globally using Microsoft Intune.

Create and maintain workflows and images for Windows-based virtual machines in a VDI ecosystem.

Collaborate with other teams to automate provisioning and support procedures for Windows endpoints.

Ensure compliance with industry standards and deploy updates to maintain endpoint security.

Job description

We are looking for a Windows expert with a passion for managing complex desktop, cloud-based, and server infrastructure endpoints to join a Platform Engineering team. In this role, you will be part of the Business Technology (BT) Engineering Services team, focused on Windows management and security. You will be responsible for ensuring the security, usability, and deployment of all Windows-based endpoints, including physical PCs, Windows 365, and Amazon WorkSpaces.

Responsibilities

Manage a fleet of Windows PCs and Windows 365 globally with Microsoft Intune
Manage Federal VDI environment in GovCloud
Create workflows, pipelines, and images for Windows-based virtual machines in a VDI ecosystem (AWS Workspaces, Windows 365, AVD)
Ensure that endpoints meet industry standard / regulatory requirements (ex: NIST, CIS, STIG, etc.)
Deploy and update applications, configurations, settings, and scripts to all Windows endpoints, and keep devices up to date as new vulnerabilities are discovered
Collaborate with other BT teams to automate provisioning, de-provisioning, integrations, and support procedures for Windows endpoints
Manage Entra ID and Azure resources (e.g,. vNets, extension attributes, Conditional Access, roles)
Experience automating tasks with Microsoft Graph API and AWS CLI
Familiarity with DevOps practices, including configuration as code
Plan and prepare for future growth and scaling of the Windows program
Advocate for employees using Windows devices and provide them with the best user experience possible

Skills:

5+ years’ experience in systems engineering
Expertise managing Windows and Windows-based applications
Expert level Microsoft Intune knowledge, soup to nuts
Proficient in Powershell scripting and automation
Experience with MDM solutions (Microsoft Intune or other enterprise Windows management platforms)
Experience with version control systems such as Git, CodeCommit, etc.
Experience with Automation tools (GitHub Actions, GitLab pipelines, Terraform, Packer, Jenkins, Chef, Ansible, SaltStack)
Working knowledge of AWS Lambdas or similar serverless automation tools
Experience with VDI technologies and tools (AWS, Azure, Citrix, VMware)
Experience building and integrating (SAML OIDC, Attribute mapping) into Windows Management Systems
Experience with other Windows or endpoint management tools (e.g., Fleet / osquery, Patch My PC, PSAppDeployToolkit, WinGet, Chocolatey)
Knowledge of AWS (Lambda, WorkSpaces, Systems Manager, Directory Services)
Understanding of CIS Benchmarks and endpoint hardening best practices
Knowledge of SAML authentication and federation workflows
Good communication and writing skills, specifically technical documentation
Experience in defining/generating reports and metrics
Will be required to participate in on-call rotation

Bonus Points

Proficient in Python, Go, or other scripting languages
Experience with integrating Windows / Entra ID
Experience managing other endpoints: macOS, iOS, Android, Linux
Relevant IT industry certifications (Okta, AWS, Microsoft, ITIL, etc) are a plus
Experience with Federal requirements and FedRAMP compliance

Required profile