Microsoft intune

Immediate hiring for Microsoft Intune & Endpoint security

Work location : Chennai ( Oniste)

Expeirence : 5 to 9 yrs

This role will support a client transitioning from IBM MaaS360 to Intune, with a focus on:

· Enrolling iOS devices (user + corporate tablets via ABM)

· Enrolling Android phones and Zebra MC3300 handhelds (Android Enterprise / dedicated device mode)

· Conducting a health check of existing Windows 11 Intune enrollment

· Providing knowledge transfer and SOPs to client helpdesk

No direct migration from MaaS360 is possible – the role requires rebuilding configurations from scratch using modern best practices (Zero Trust, compliance baselines, Conditional Access).

Key Responsibilities

1. Discovery & Assessment

· Audit existing Intune environment (Windows 11 devices already enrolled)

· Review current MaaS360 policies, apps, and configurations for reference only

· Identify gaps, policy conflicts, and security improvement opportunities

· Document enrollment status, compliance rates, and Conditional Access rules

2. Intune Implementation (Multi-OS)

· Apple Business Manager (ABM): Validate and configure ABM-Intune integration, VPP tokens, enrollment profiles (user affinity vs. device-only)

· iOS / iPadOS: Deploy enrollment profiles, package and deploy ERP and line-of-business apps, test with pilot iPads

· Android Enterprise (work profile): Configure enrollment for corporate and BYOD Android phones

· Zebra MC3300 handhelds: Configure Android Enterprise dedicated device (kiosk) mode, enroll devices, deploy single or multi-app kiosk profile

3. Security & Compliance

· Create and deploy compliance policies for Windows, iOS, Android, and Zebra devices

· Configure and update Conditional Access policies (report only → enforce)

· Align configurations with Zero Trust principles and Microsoft security baselines

4. Windows Intune Health Check (Advisory)

· Review existing Windows configuration profiles, update rings, and app deployments

· Provide a written report with recommendations for improvement (no implementation unless separately scoped)

5. Documentation & Knowledge Transfer

· Create Standard Operating Procedures (SOPs) for:

 · iOS enrollment (user and corporate devices)

 · Android phone enrollment

 · Zebra dedicated device provisioning

 · ABM token management and VPP app deployment

 · Conditional Access troubleshooting

· Deliver training sessions (2 sessions) to client helpdesk

· Provide as-built architecture documentation and escalation matrix

Required Technical Skills

Skill Area Specific Requirements

Microsoft Intune 3+ years experience in design, implementation, and troubleshooting. Deep understanding of enrollment methods, configuration profiles, compliance policies, and app deployment.

Apple Business Manager (ABM) Hands-on experience integrating ABM with Intune, managing VPP tokens, creating enrollment profiles, and deploying apps to supervised devices.

Android Enterprise Experience configuring work profile (BYOD/corporate) and dedicated device (kiosk) mode for rugged devices (Zebra, Honeywell, etc.).

Conditional Access (CA) Proven ability to design, test (report only), and enforce CA policies based on device compliance, risk, and platform.

Microsoft Entra ID (Azure AD) Understanding of dynamic groups, device identities, hybrid join, and MDM auto-enrollment.

Endpoint Security Familiarity with Microsoft Defender for Endpoint integration, BitLocker, Firewall policies, and security baselines.

Scripting & Automation Proficiency in PowerShell (Intune Graph API, bulk enrollment, reporting) and understanding of Windows Configuration Designer (.ppkg).