This role requires deep technical capability across Intune, Endpoint Security, Application Control, and compliance uplift aligned to Essential Eight controls. Microsoft Intune / Endpoint Manager End‑to‑end management of Windows 10/11 devices Compliance policies, configuration profiles, Proactive Remediations Application deployments (Win32/MSI), provisioning, and Autopilot Endpoint Security & Hardening Expertise implementing WDAC policies (allow/deny lists, signing, policy staging & deployment) Strong knowledge of Microsoft Defender for Endpoint , Defender Antivirus, Firewall, Attack Surface Reduction (ASR) rules, and vulnerability reduction Azure AD / Entra ID Conditional Access, identity hardening, device trust, hybrid join scenarios Troubleshooting device-based access issues & authentication flows Essential Eight (E8) Security Framework Hands‑on experience implementing or operationalizing: Application Control (WDAC/AppLocker) Patch management & application updates Hardening baselines MFA, restricting admin privileges, macro control Mapping client's endpoint policies to E8 maturity uplift activities · Citrix EUC Experience o Working knowledge of Citrix VDI environments (session issues, profile problems, performance analysis) o Coordinating with Citrix operations teams for remediation · Advanced Troubleshooting & Engineering Debugging complex endpoint issues across OS, identity, security controls, and application behavior Strong skills interpreting event logs, defender logs, WDAC audit logs, and Intune diagnostics Ability to create PowerShell scripts for automation and policy validation Documentation & Customer Engagement Build SOPs, security implementation guides, and configuration baselines Work directly with client's SMEs and security architects Strong communication and stakeholder confidence Debugging complex endpoint issues across OS, identity, security controls, and application behavior Strong skills interpreting event logs, defender logs, WDAC audit logs, and Intune diagnostics Ability to create PowerShell scripts for automation and policy validation Documentation & Customer Engagement Build SOPs, security implementation guides, and configuration baselines Work directly with client's SMEs and security architects Strong communication and stakeholder confidence Debugging complex endpoint issues across OS, identity, security controls, and application behavior Strong skills interpreting event logs, defender logs, WDAC audit logs, and Intune diagnostics Ability to create PowerShell scripts for automation and policy validation Documentation & Customer Engagement Build SOPs, security implementation guides, and configuration baselines Work directly with client's SMEs and security architects Strong communication and stakeholder confidence Experience Required: 6–11 years in EUC engineering with demonstrated security hardening experience, particularly in WDAC, Intune security baselines, and Essential Eight compliance.
