** This role requires an active Secret Clearance for consideration **
ValidaTek is seeking a highly motivated, experienced Microsoft Intune Config & Migration Subject Matter Expert (SME) to lead the architectural design and execution of a large-scale endpoint modernization project. This role is highly hands-on and focused on migrating a multi-tenant enterprise environment from legacy management (MECM/MCM) to a modern, cloud-native framework using Microsoft Intune. The Intune Config & Migration SME will be responsible for engineering the core Intune environment, designing the end-to-end migration strategy, and ensuring a seamless and secure transition for all devices.
The ideal candidate will have direct experience in the following areas:
• Lead the architectural design and migration strategy for a large-scale transition to Microsoft Intune in a co-managed environment.
• Engineer and manage the end-to-end device lifecycle, from initial enrollment and configuration to compliance and retirement.
• Design, build, and troubleshoot the MECM/MCM task sequences required to migrate Windows endpoints to Intune management.
• Develop, configure, and deploy Intune policies, including Device Configuration Profiles, Compliance Policies, Security Baselines, and Conditional Access Rules.
• Implement and manage Windows Autopilot deployment profiles, including the Enrollment Status Page (ESP) for a zero-touch provisioning experience.
• Configure and manage the integration between Intune, Azure Active Directory (AAD), Microsoft Defender for Endpoint, and on-premises MECM infrastructure.
• Troubleshoot and resolve issues related to co-management workloads, device sync, and policy application.
• Track and report on migration progress, device compliance, and overall platform health.
• Active DoD Secret Clearance, with Top Secret eligibility
• BS degree and 8+ years of Windows systems administration/engineering experience. Experience can be substituted in lieu of degree
• CompTIA Security + CE or equivalent IAT Level II DoD 8570 certification
• Minimum of 5 years of enterprise endpoint management experience, with a primary focus on architectural design and migration.
• Deep hands-on expertise with Microsoft Intune and MECM/MCM, with proven experience designing and managing a co-managed environment.
• Understanding of DoD, DISA cybersecurity requirements
• Proven experience migrating a large portfolio of applications from a legacy platform (like MECM/MCM) to Microsoft Intune.
• Strong experience with MECM/MCM, including task sequences, collections, application deployments, and co-management.
• Strong experience with Azure Active Directory, including Hybrid Join, Conditional Access, and identity management.
• Advanced PowerShell scripting skills for automating application lifecycle and reporting tasks.
• Strong knowledge of Windows 11 operating systems, Group Policy Objects (GPOs), and modern policy management (CSPs).
• Ability to troubleshoot complex device enrollment, policy application, and migration issues in a large-scale enterprise.
* Must be able to commute onsite at least 3 days per week.
Preferred Skills:
• DevSecOps software delivery model - Understanding of Agile methodology: CMMI, ITIL.
• Microsoft certifications such as MD-102 (Endpoint Administrator Associate), AZ-104 (Azure Administrator Associate), or equivalent.
• Strong organizational and execution skills with attention to detail.
• Ability to operate effectively under tight timelines and high-volume workloads.
• Excellent communication skills, with the ability to articulate complex technical concepts to non-technical stakeholders.
• Self-directed, proactive, and comfortable owning critical migration components.
Software Powered by iCIMS
www.icims.com