[Hiring] Senior Modern Endpoint Engineer @Jolera Inc.

Role Description

We are seeking a Senior Modern Endpoint Engineer with deep hands-on expertise in Microsoft Intune and Windows Autopilot to support enterprise endpoint deployment engagements across our client base. The ideal candidate has a strong background in modern device management, cloud identity integration, and structured delivery within complex enterprise environments. This is a client-facing technical role requiring the ability to conduct assessments, produce designs, and implement and validate production-grade Autopilot and Intune solutions end-to-end.

What You’ll Do

• Conduct targeted assessments of client Intune tenant configurations, including compliance policies, security baselines, application deployment structures, and existing Autopilot profiles.
• Review and validate client identity models (Hybrid vs. Entra ID joined), certificate deployment approaches, and network dependencies for on-premises and offsite provisioning scenarios including EAP-TLS.
• Design Windows Autopilot deployment profiles (Gen2) with Entra ID joined configuration and pre-provisioning workflows, aligned to client environment findings.
• Define Enrollment Status Page (ESP) behavior, Windows Security Baselines, device configuration profiles, and compliance policy frameworks.
• Configure application deployment within Intune, including install context, dependency sequencing, and provisioning-time vs. post-login behavior across pre-provisioned and user-assigned applications.
• Validate PKI integration (PKCS via Intune Certificate Connector) and confirm device certificate availability and EAP-TLS authentication for wired and wireless networks.
• Execute pilot deployments including pre-provisioning workflows, user sign-in validation, policy application, application installation, and certificate confirmation.
• Identify, document, and remediate issues encountered during pilot execution; perform fine-tuning and re-validation within agreed scope boundaries.
• Deliver structured knowledge transfer sessions covering Autopilot provisioning workflows, key Intune configuration components, and operational handover considerations.
• Produce high-level as-built documentation of implemented configurations and document outstanding risks and limitations.
• Coordinate with client IT teams and device vendors throughout engagements to manage responsibilities, validate inputs, and obtain approvals at key milestones.

Qualifications

• 5+ years of experience in Microsoft endpoint management, with at least 3 years of hands-on Intune and Windows Autopilot deployment experience in enterprise environments.
• Deep working knowledge of Windows Autopilot Gen2 deployment profiles, pre-provisioning workflows, and device join types (Entra ID joined and Hybrid).
• Proven experience configuring Enrollment Status Pages, Windows Security Baselines, device configuration profiles, and compliance policies within Microsoft Intune.
• Hands-on experience with PKI integration in Intune environments, including PKCS certificate deployment via the Intune Certificate Connector and EAP-TLS network authentication.
• Solid understanding of Microsoft Entra ID (Azure AD), identity models in hybrid enterprise environments, and Conditional Access fundamentals.
• Experience managing application deployment in Intune including packaging context, dependency sequencing, and provisioning-time vs. post-login deployment behavior.
• Strong client-facing communication and documentation skills; able to present designs, obtain approvals, and lead knowledge transfer sessions for both technical and operational audiences.
• Structured approach to scoped project delivery — comfortable working within defined boundaries and documenting assumptions, risks, and out-of-scope items clearly.

Preferred Qualifications

• Microsoft certifications such as MD-102 (Endpoint Administrator), MS-102, or AZ-104.
• Experience with Active Directory Certificate Services (ADCS) and PKI infrastructure administration.
• PowerShell scripting experience for Intune automation, bulk device operations, or reporting tasks.
• Familiarity with direct-ship and centralized device staging models in enterprise Autopilot deployments.
• Prior experience delivering endpoint management engagements in an MSP or GSI environment across multiple concurrent clients.
• Exposure to Microsoft Defender for Endpoint integration within Intune and security baseline hardening practices.

Benefits