Key Facts

Remote From:

Maryland (USA)

Full time

Expert & Leadership (>10 years)

English

Hard Skills

Other Skills

•
Non-Verbal Communication
•
Time Management
•
Progress Reporting
•
Problem Solving

Roles & Responsibilities

Bachelor’s degree with 8-12 years of relevant experience or Master’s degree with 6-10 years of relevant experience
Active DoD Secret clearance
Experience migrating users and desktops to Microsoft Intune and packaging applications using Intune
Experience writing and troubleshooting PowerShell scripts

Requirements:

Design, implement, and optimize Microsoft Intune-based solutions for device migration from MECM/AD joined to Azure AD joined and Intune managed, collaborating with cross-functional teams.
Package, deploy, and maintain applications using Intune with emphasis on automation, version control, and user experience; create and manage Intune policies for app deployment and device compliance.
Configure Windows provisioning workflows (Intune, Autopilot, ESP) and Windows Update for Business policies; maintain standardized Windows 10/11 deployment images and imaging strategies.
Transition Group Policy Objects (GPOs) to modern Intune equivalents; ensure SCCM readiness; implement security controls, monitor security incidents with SIEM/SOC, and maintain thorough documentation.

Global Enterprise Services, LLC

About Global Enterprise Services, LLC

Global Enterprise Services (GES) is a SBA certified 8(a) and Service Disabled Veteran Owned Small Business (SDVOSB) that provides Information Technology (IT) and Telecommunications consulting and services. GES has proven experience in the federal, private and public IT and telecommunications sectors. Functional Areas • IT, Cloud and Telecom Services • Strategy Planning and Development • Acquisition and Contracting Support • Program / Project Management • System Engineering • Mediation Services • Staff Augmentation • Enterprise Cyber Security Services, including Information Assurance (IA) • Risk Assessment (IA, acquisition, and Program) • Web Design /Development • ServiceNow Administration /Development • Installation /Deployment of Data, Voice, Video, and Command and Control (C2) Solutions • Cloud and Legacy System Integration & Migration

Company type: SME

Founded: 2018

Company size: 1 - 10

Website LinkedIn See all jobs →

Job description

******This is a NINE (9) Month Assignment; however, history has shown that these migrations may continue beyond that timeline*****

GES is seeking an experienced Staff Unified Endpoint Management (UEM) Engineer to join our Defense Enclave Services (DES) team, who will support an extensive digital modernization program critical to Defense Information Systems Agency (DISA) and Department of Defense (DoD) Fourth Estate Agencies. The Staff UEM Engineer will be responsible for designing, implementing, and optimizing Microsoft Intune solutions, for migration from MECM and AD joined devices to Azure AD joined and Intune Managed. They will develop Intune policies, utilizing existing Active Directory group policies and work closely with cross-functional teams to architect and deliver robust, scalable, and secure solutions.

Primary Responsibilities
List daily duties and/or specific job responsibilities.

Design and implement Microsoft Intune-based solutions that align with user needs, security requirements, and enterprise standards
Package, deploy, and maintain applications using Intune, with a focus on automation, version control, and user experience
Create and manage Intune policies for application deployment, device compliance, security configurations, and configuration profiles
Ensure seamless integration with Microsoft 365 services, including Defender for Endpoint, Conditional Access, and Autopilot
Design and deploy Windows 10 and 11 provisioning workflows using Intune, Autopilot, ESP, and dynamic provisioning techniques
Configure and manage Windows Update for Business (WUfB) policies to ensure timely and secure OS updates
Maintain and evolve standardized Windows 10 and 11 deployment images, leverage both cloud-native and traditional imaging strategies.
Collaborate with infrastructure teams to transition Group Policy Objects (GPOs) to modern Intune equivalents (e.g., Settings Catalog, ADMX-backed policies)
Work closely with the Active Directory and SCC teams to ensure SCCM readiness and alignment with broader infrastructure goals
Implement security best practices and compliance frameworks within Intune, including endpoint protection, encryption, and data loss prevention
Monitor and respond to security incidents related to mobile devices and endpoints, integrating with SIEM and SOC workflows
Continuously evaluate and improve endpoint management processes, proposing innovative solutions and communicating effectively with leadership
Develop and maintain comprehensive documentation for Intune configurations, provisioning processes, legacy GPO mappings, and SCCM coexistence strategies

Required Qualifications:

Bachelor’s degree and 8-12 years of prior relevant experience or Master’s degree with 6-10 years of prior relevant experience
Active DoD Secret clearance
Experience migrating users and desktops to Microsoft Intune
Experience packaging applications using Microsoft Intune

Experience writing and troubleshooting Power Shell scripts
Experience working directly with customer and other stakeholders to interpret requirements / feedback and report status
Excellent written and verbal communication skills, a demonstrated ability to meet deadlines, and a strong problem-solving mindset
Familiarity with the Atlassian suite, including Jira and Confluence
Current IAT Level II (or higher) Certification such as Security + or CISSP

Desired Qualifications: