Senior Tech Specialist, Digital Workplaces
- Azure Platform Administration (PaaS), Azure Administration (IaaS)
- Azure Infrastructure Engineering: Senior Tech Specialist, Digital Workplaces
- ROLE OBJECTIVE & DELIVERABLES: • Assessing business requirements and evaluating the existing endpoint estate, identifying opportunities to modernise and simplify device management. • Aiding design and deploying Windows 365 Cloud PC environments, including provisioning policies, network configurations, and user assignment strategies. • Implementing Microsoft Intune for modern device management, including device compliance policies, configuration profiles, and application deployment across Windows, macOS, iOS, and Android. • Leading the design and rollout of Windows Autopilot for zero-touch device provisioning, reducing dependency on traditional imaging and on-premises infrastructure. • Configuring and managing Microsoft Entra ID (Azure AD) join and hybrid join scenarios, conditional access policies, and identity-driven security postures. • Developing and maintaining Modern Endpoint standards, including Windows 11 feature update rings, driver management, and ongoing patch compliance via Windows Update for Business. • Integrating endpoint management with the broader Microsoft 365 ecosystem, including Defender for Endpoint, Purview compliance, and Microsoft 365 Apps deployment. • Providing SME-level technical authority on modern management strategies, supporting the transition away from legacy tooling (e.g., SCCM/MECM, GPO-dependent configurations, on-premises VDI) towards cloud-native management. • Producing technical documentation including high-level designs (HLDs), low-level designs (LLDs), operational runbooks, and knowledge transfer materials. • Troubleshooting and resolving endpoint, Cloud PC, and Intune-related issues, acting as an escalation point within the delivery team. KEY SKILLS & EXPERIENCE: Essential • Strong hands-on experience with Microsoft Intune (device compliance, configuration profiles, app protection policies, Autopilot). • Proven experience designing and deploying Windows 365 Cloud PC or Azure Virtual Desktop (AVD) solutions. • Deep knowledge of Microsoft Entra ID (Azure AD), conditional access, and identity-driven endpoint security. • Experience with Windows Autopilot provisioning (user-driven, pre-provisioned, and self-deploying modes). • Solid understanding of Windows 11 deployment, servicing rings, and feature update management. • Familiarity with Microsoft Defender for Endpoint onboarding and integration with Intune. • Experience migrating organisations from legacy management tools (SCCM/MECM, Group Policy) to cloud-native Intune management. Desirable • Microsoft certifications such as MD-102 (Endpoint Administrator), MS-102 (Microsoft 365 Administrator), or equivalent. • Experience with Microsoft Graph API and PowerShell scripting for endpoint automation and reporting. • Exposure to Universal Print, OneDrive Known Folder Move, and broader Microsoft 365 workload integration. • Understanding of regulatory or compliance frameworks relevant to endpoint security (e.g., Cyber Essentials, ISO 27001).
