Senior Modern Workplace Engineer-M365

Primary Responsibilities

• Architect, deploy, and optimise large-scale Microsoft 365 Modern Workplace solutions (5,000–150,000+ seats) 
• Serve as final escalation point for critical production incidents involving Intune, Autopilot, Windows 365 Cloud PC, Entra ID Conditional Access, Defender for Endpoint, and Teams 
• Provide advanced troubleshooting of device compliance, application deployment failures, provisioning issues, BitLocker recovery, and hybrid identity sync problems 
• Design and implement enterprise-grade Conditional Access policies, Intune configuration profiles, compliance policies, and Windows Update rings 
• Lead Autopilot migrations (on-prem ConfigMgr → full cloud Autopilot) and Windows 365 Cloud PC deployments 
• Build and maintain PowerShell/PnP/Graph API automation for tenant-wide governance and lifecycle management 
• Optimize Microsoft Teams environments (voice, meetings, governance, retention, data loss prevention) 
• Integrate and troubleshoot Defender for Endpoint, Defender for Office 365, and Microsoft Purview (Information Protection, DLP, Insider Risk) 
• Conduct performance and security reviews of Entra ID, SharePoint, and OneDrive configurations 
• Create and deliver technical runbooks, root-cause analysis reports, and proactive health assessments 
• Mentor mid-level engineers and contribute to the internal knowledge base and tooling 
• Participate in a 24×7 on-call rotation (with generous premium on-call compensation) 

Required Qualifications

• 8+ years of progressive experience in Microsoft endpoint and cloud identity management 
• Expert-level knowledge of Microsoft Intune, Entra ID (Azure AD), Autopilot, Windows 365, and Co-management 
• Advanced PowerShell and Microsoft Graph API scripting (automation is a daily activity) 
• Proven track record in resolving complex, enterprise-scale Modern Workplace incidents 
• Deep understanding of Entra ID Conditional Access, MFA, identity protection, and privileged identity management 
• Hands-on experience with Defender for Endpoint advanced hunting, attack surface reduction, and ASR rules 
• Strong knowledge of Microsoft Teams administration (including Teams Phone / Direct Routing if certified) 
• Experience with large SharePoint Online migrations, sensitivity labels, and retention policies 
• Relevant Microsoft certifications required (at minimum two of the following): – MS-102: Microsoft 365 Administrator – MS-700: Managing Microsoft Teams – MD-102: Endpoint Administrator – SC-300: Identity and Access Administrator 
• Excellent communication skills and prior client-facing consulting or enterprise support experience 

Preferred Experience

• Previous employment at a top-tier Microsoft Cloud Solution Provider (CSP) or large enterprise 
• Experience supporting regulated industries (finance, healthcare, government) 
• Familiarity with Microsoft Priva, Purview, and Lighthouse