Maximus is currently seeking an experienced Senior Engineer for our enterprise Endpoint Management strategy, with a primary focus on Microsoft Intune and Windows Autopilot infrastructure. In this role, you will serve as the subject matter expert for modern device management, lead Intune migrationefforts, and provide architectural guidance across the team. You will also bring working knowledge of MECM infrastructure to support hybrid management scenarios and assist in the broader transition to cloud-first endpoint management
Essential Duties and Responsibilities:
Design, implement, and maintain enterprise Intune infrastructure, including configuration profiles, compliance policies, conditional access, and application management at scale.
Architect manage Windows Autopilot deployment solutions across the organization, including profile design, device registration, and integration with Entra ID and Intune.
Plan and execute migrations from on-premises or hybrid endpoint management environments (MECM/GPO) to a modern Intune-based management model, minimizing disruption to end users.
Train, guide, and support cross-functional teams while streamlining system processes, improving workflow efficiency, and enhancing the overall user experience.
Maintain a working knowledge of MECM infrastructure to support co-management scenarios, policy coexistence, and workload transitions to Intune.
Configure and manage MECM and Intune co-management workloads to ensure a smooth transition toward cloud-native endpoint management.
Define and enforce device configuration standards, security baselines, and compliance frameworks across managed endpoints.
Provide technical guidance and mentorship to associate- and mid-level engineers on Intune, Autopilot, and endpoint management best practices.
Partner with security, identity, and helpdesk teams to align endpoint management strategies with broader organizational goals.
Own and maintain comprehensive documentation for Intune and Autopilot processes, migration playbooks, and infrastructure configurations.
Job Specific Duties and Responsibilities:
Intune infrastructure ownership - Design, implement, and maintain enterprise Intune infrastructure including configuration profiles, compliance policies, conditional access, and app management at scale.
-Autopilot program lead - Architect and manage Windows Autopilot deployment strategies across the organization, including profile design, device registration, and integration with Entra ID and Intune.
-Intune migration leadership - Plan and execute migrations from on-premises or hybrid management environments (MECM/GPO) to a modern Intune-based management model, minimizing disruption to end users.
-MECM infrastructure support - Maintain working knowledge of MECM infrastructure to support co-management scenarios, policy coexistence, and workload transitions to Intune.
-Co-management configuration - Configure and manage MECM and Intune co-management workloads, ensuring a smooth transition path as the organization moves toward cloud-native management.
-Policy & security architecture - Define and enforce device configuration standards, security baselines, and compliance frameworks across managed endpoints.
-Team mentorship - Provide technical guidance and mentorship to associate and mid-level engineers on Intune, Autopilot, and endpoint management best practices.
-Stakeholder collaboration - Partner with security, identity, and helpdesk teams to align endpoint management strategies with broader organizational goals.
-Documentation & runbooks - Own and maintain comprehensive documentation for all Intune and Autopilot processes, migration playbooks, and infrastructure configurations.
Minimum Requirements
'- Bachelor's degree in relevant field of study and 5+ years of relevant professional experience required, or equivalent combination of education and experience.
Job Specific Requirements:
5+ years of experience in enterprise endpoint management or systems engineering
3+ years of hands-on experience with Microsoft Intune in a production enterprise environment
Proven experience leading or executing an Intune migration from MECM or GPO-based management
Strong working knowledge of Windows Autopilot in an enterprise setting
Familiarity with MECM/SCCM in a co-management or hybrid capacity
Must have the following experience for consideration
Microsoft Intune - Expert Level
Intune tenant configuration and administration
Device configuration profiles (Windows, iOS, Android, macOS)
Compliance policies and conditional access integration
App deployment and management (Win32, MSIX, LOB apps)
PowerShell and Intune scripting / remediation scripts
Role-based access control (RBAC) within Intune
Entra ID (Azure AD) device identity and hybrid join
Endpoint security policies (Defender, BitLocker, Firewall)
Update rings and Windows Update for Business
Intune reporting and monitoring
Windows Autopilot - Expert Level
Autopilot profile design and deployment strategy
All deployment modes (user-driven, self-deploying, pre-provisioning)
Hardware hash registration and OEM/reseller integration
Enrollment Status Page (ESP) configuration and troubleshooting
Autopilot Reset and device reprovisioning
Integration with Entra ID and dynamic device groups
Intune Migration - Core Competency
MECM to Intune workload migration planning and execution
GPO to Intune configuration profile translation
Co-management enablement and workload transition
Hybrid Azure AD join to Entra ID join migration
Stakeholder communication and change management during migrations
Validation and testing frameworks for policy parity
MECM / SCCM - Working Knowledge
Co-management configuration and workload management
Site infrastructure and hierarchy awareness
OSD and task sequence fundamentals
Software deployment and patch management
Client health and troubleshooting
Supporting & General Skills
PowerShell scripting (intermediate to advanced)
Microsoft Graph API (basic to intermediate)
Entra ID / Azure AD administration
Active Directory and Group Policy
Networking fundamentals (DNS, DHCP, VPN, proxy)
Windows 10/11 enterprise architecture
Security baseline frameworks (CIS, DISA STIG awareness)
Strong documentation and technical writing skills
Project and migration planning
Preferred:
Microsoft MD-102 (Endpoint Administrator) certified
Microsoft SC-300 or AZ-104 a plus
Experience with Microsoft 365 and Defender for Endpoint integration
Familiarity with Zero Trust network access principles
Experience working in regulated or compliance-driven environments
Maximus is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, age, national origin, disability, veteran status, genetic information and other legally protected characteristics.
Minimum Salary
$102,720
Maximum Salary
$154,080