Job description
Job Title:
Intune Architect
Job Description
We're Concentrix.
The intelligent transformation partner.
Solution-focused.
Tech-powered.
Intelligence-fueled.
The global technology and services leader that powers the world’s best brands, today and into the future.
We’re solution-focused, tech-powered, intelligence-fueled.
With unique data and insights, deep industry expertise, and advanced technology solutions, we’re the intelligent transformation partner that powers a world that works, helping companies become refreshingly simple to work, interact, and transact with.
We shape new game-changing careers in over 70 countries, attracting the best talent.
In our Information Technology and Global Security team, you will deliver the latest technology infrastructure, transformative software solutions and industry-leading global security for our staff and clients.
You will work with the best in the world to design, implement and strategize IT, security, application development, innovation, and solutions in today’s hyperconnected world.
You will be part of the technology team that is core to our vision of develop, build and run the future of Integrated Services.
Our game-changers around the world have devoted their careers to ensuring every relationship is exceptional.
And we’re proud to be recognized with awards such as World's Best Workplaces, “Best Companies for Career Growth,” and “Best Company Culture,” year after year.
We embrace our game-changers with open arms, people from diverse backgrounds, who are curious and willing to learn.
Your natural talent to help others and go beyond WOW for our customers will fit right in with what we do and who we are.
Join us and be part of this journey towards greater opportunities and brighter futures.
**Role requirements:**
Fluent French / English oral and written communication.
Strong technical writing, presentation and training skills.
**Technical requirements:**
Microsoft Intune: Deep hands-on experience with device compliance, application deployment, software updates, endpoint protection, and policy management.
· Device enrolment, corporate and personal/BYOD device scenarios, automated provisioning for Windows, IoS, Android, including zero-touch enrolments for IoS and Android platforms, web-based device enrolment for IoS
· Device configuration including creating custom configuration profiles
· Shared and Kiosk device scenarios, Windows and mobile device platforms
· Certificate deployments, PKCS and SCEP.
Deploying VPN, email and Wi-Fi profile
· Device Compliance, including custom compliance and integration with Defender for Endpoint for device risk, ConfigMgr compliance.
Compliance with Conditional Access
· Assignment filters for managed apps and devices
· Applications,
o Store apps, M365 apps, Edge, LoB and Win32.
o Integration with Apple Business Manager and Google Play store
· Intune Diagnostics
o Creating Log Analytics Workspaces
o Using KQL to create custom reports from Log Analytics data
· Connectors and tokens
o Configuration Manager
o Apple VPP tokens
o Managed Google Play
o Firmware over-the-air update
o MDT connectors – (Windows Security and awareness of 3rd party capabilities)
o Certificate connectors
o Active Dir
· eSIM configuration, awareness of platform specific limitations
Autopilot & Provisioning: Expertise in configuring and validating Windows Autopilot profiles, OEM provisioning, and troubleshooting deployment issues.
· Entra and Hybrid Entra scenarios
· Experience with all Autopilot deployment scenarios, user-driven, pre-provisioning, self-deploying, Autopilot Reset and Autopilot for existing devices
· Enrolment Status Page – configurating and experience troubleshooting
· Autopilot Device Preperation
MDM/MAM Policies: Strong understanding of mobile device and application management, including conditional access, compliance policies, and certificate-based authentication.
· App configuration profiles
· App protection profiles
· Experience configuring Intune and Conditional Access for BYOD scenarios
Windows 10/11 Management: Proven experience with provisioning, servicing, and customising Windows installations using Intune
· Windows Updates, Update Rings, Feature Updates, Quality Updates and driver updates.
Monitoring and reporting including Windows Update for Business Reports
· Autopatch, Autopatch Groups, onboarding and monitoring
· Scripts and remediations
· Endpoint Analytics, Group Policy Analytics
· Endpoint Security
o Bitlocker management, including self-service recovery key options
o AV and Firewall configuration
o LAPS, automated and manual configuration
o Windows Hello for Business (client configuration)
o managing local admins group
o Configuring credential guard
o Endpoint detection and response, onboarding devices to MDE
o Application Control
· OneDrive for Business – configuration including integration with known folders, migration from file shares
· Experienced with utilizing Windows Configuration Service Providers and creating custom configuration profiles.
Intune Suite
Experience with configuring Intune add-ons including;
· Endpoint Privilege Management
· Remote Help
· Advanced Analytics
· Experience or awareness (ability to discuss at a high level) Microsoft Tunnel/Tunnel for MAM, Cloud PKI
Hybrid Cloud Management: Experience managing co-managed environments (Intune + ConfigMgr), including cloud management gateway setup and transition to cloud-only management.
Entra ID
Firm understanding of the identify and authentication services dependencies from an Intune SME perspective, including;
· Creating dynamic groups, familiar with extension attributes
· Experience with creating Conditional Access polities and creating inclusions/exclusions for filtered devices
· Using sign-in logs for reporting and conditional access evaluation
Graph API
· Experience with using Graph Explorer and PowerShell to address bespoke device management or reporting scenarios
RBAC
· Creating custom roles, permissions and scope tags based on principles of least privilege access.
· Understating roles and responsibilities and how these can be implemented with RBAC.
· Familiar with the Entra roles with Intune access and using Entra ID PIM for Intune role elevation
Location:
MAR - Work-At-Home
Language Requirements:
Time Type:
Full time
**If you are a California resident, by submitting your information, you acknowledge that you have read and have access to the Job Applicant Privacy Notice for California Residents (https://www.concentrix.com/resource/job-applicant-privacy-notice-for-california-residents/)**
Required Skill Profession
Other General