Microsoft Endpoint Security / Intune

About Us:

As a Senior Microsoft Endpoint Security Engineer at Kenility, you will become part of a collaborative team of developers, engineers, and designers focused on delivering top-quality software solutions to the market.

Technical Requirements:

• Bachelor’s degree in Computer Science, Software Engineering, or a related field.
• Strong hands-on experience working with Microsoft Intune administration, configuration, and troubleshooting.
• Solid knowledge of Microsoft Entra ID, including device management and identity-related configurations.
• Proven expertise in implementing and managing Entra Conditional Access policies and security controls.
• Experience working with Microsoft security solutions within the Endpoint Security ecosystem.
• Practical knowledge of Microsoft Mobile Application Management (MAM) capabilities.
• Experience managing macOS environments, including security, compliance, and device administration.
• Familiarity with Microsoft CASB solutions and cloud application visibility practices.
• Experience working with Microsoft Purview for data protection and security readiness initiatives.
• Hands-on background in endpoint compliance, endpoint protection, and security policy implementation.
• Experience reviewing, optimizing, standardizing, and documenting security and device management policies.
• Ability to perform troubleshooting and operational support activities across Microsoft Endpoint Security environments.
• Knowledge of Kandji is considered a plus.
• Familiarity with Cisco security technologies is desirable.
• Understanding of SaaS visibility and governance concepts is a plus.
• Experience working with CIS Benchmarks and security best practices is valued.
• Microsoft certifications are desirable; however, equivalent practical experience is acceptable.
• Minimum Upper Intermediate English (B2) or Proficient (C1).

Tasks and Responsibilities:

• Assess and optimize existing Microsoft Intune configurations and device management environments.
• Review device objects and enrollment statuses within Microsoft Entra ID.
• Configure and validate Entra Conditional Access policies aligned with security requirements.
• Analyze current macOS management, compliance, and security configurations to identify improvement opportunities.
• Standardize and streamline Intune and Entra policy structures across the environment.
• Detect and eliminate outdated, duplicated, undocumented, or conflicting policies.
• Simplify and consolidate endpoint security and compliance policy architecture.
• Validate security configurations against established baselines and best practices.
• Perform cleanup and maintenance activities for device inventories in Intune and Entra environments.
• Identify stale, duplicated, inactive, orphaned, unmanaged, or partially managed devices.
• Implement Conditional Access controls to enforce compliant and corporate-managed device usage.
• Design, configure, and validate macOS compliance, encryption, password, lock-screen, operating system, and update policies.
• Support assessment and readiness initiatives involving Microsoft CASB and Microsoft Purview capabilities.
• Evaluate Microsoft MAM capabilities and recommend improvements aligned with business needs.
• Produce technical documentation, including configurations, recommendations, risk assessments, roadmaps, dependencies, and troubleshooting guides.
• Collaborate with client stakeholders throughout project execution, validation, and delivery phases.

Soft Skills:

• Responsibility
• Proactivity
• Flexibility
• Great communication skills