Endpoint Automation Engineer (Intune, Entra ID, PowerShell)

Job Type: Contract
Work Flexibility: On-site
Location: Santa Clara, CA
Required Skills: Autopilot, Defender, Entra ID, Intune, PowerShell, Windows 11

Role: Endpoint Automation Engineer (Intune, Entra ID, PowerShell)
Duration: 3-6 Months
Location: Onsite Santa Clara 5 days/week
Pay Rate: $60 to $65

Summary: We are seeking an experienced and highly technical Endpoint Automation Engineer to lead the modernization and automation of our enterprise endpoint environment. This role requires advanced hands-on experience with PowerShell scripting, Microsoft Intune deployment and packaging, Microsoft Entra ID administration, and endpoint lifecycle automation. You will drive the implementation of zero-touch provisioning, security compliance, and operational efficiency while working closely with IT End User Services.

IMPORTANT:

  • This is NOT a Desktop Support or IT Help Desk role.
  • This position is ONLY for experienced End User Computing (EUC) automation engineers.
  • Applicants must have advanced, hands-on expertise in PowerShell automation, Microsoft Intune (including workflows and application packaging), Microsoft Entra ID administration, and endpoint lifecycle automation.

Key Responsibilities

  • Endpoint Automation & Intune Management
    • Lead end-to-end deployment and configuration of Microsoft Intune in large-scale enterprise environments.
    • Build automated workflows for device provisioning, compliance enforcement, and lifecycle management.
    • Package and deploy applications using Win32, MSIX, and Line-of-Business app formats.
    • Oversee Windows Autopilot deployments using custom PPKG and PSADT scripts for zero-touch provisioning.
    • Design and maintain configuration profiles, compliance policies, and security baselines.
  • Microsoft Entra ID Administration
    • Provide expert-level administration of Microsoft Entra ID (Azure AD).
    • Migrate LDAP-based applications to Entra SCIM for modern identity lifecycle management.
    • Implement Conditional Access policies, RBAC, and identity governance features.
    • Ensure compliance and identity security posture through proactive policy management.
  • PowerShell Scripting & Workflow Automation
    • Design, build, and maintain advanced PowerShell scripts for EUC automation.
    • Automate tasks such as device onboarding, application deployment, compliance remediation, and reporting.
    • Develop and maintain a secure, version-controlled PowerShell repository and contribute to CI/CD pipelines.
  • M365, Azure Cloud, and Infrastructure as Code (IaC)
    • Utilize advanced experience with Microsoft 365 services (Teams, SharePoint, Exchange, Defender, etc.) for endpoint integration and automation.
    • Work with Azure cloud infrastructure to support device registration, automation, and security configurations.
    • Leverage Infrastructure as Code (IaC) principles and tools (e.g., ARM templates, Bicep, Terraform) for scalable and repeatable infrastructure deployment and management. (IaC experience is preferred.)
  • Endpoint Security & Compliance
    • Align endpoint configurations to the CIS Benchmark for Windows 11 Enterprise.
    • Ensure compliance across encryption (BitLocker), antivirus, firewall, anti-malware, and endpoint protection.
    • Monitor and remediate non-compliant devices using automated and policy-based solutions.
  • Collaboration with IT End User Services
    • Serve as a Tier-3 escalation point for IT End User Services (EUS) for complex endpoint and automation issues.
    • Partner with EUS to identify automation opportunities and streamline manual support tasks.
    • Deliver guidance, documentation, and support workflows to enhance service delivery.

Required Skills and Qualifications:

  • 5+ years of experience in modern endpoint management, automation, and cloud infrastructure.
  • Deep, hands-on expertise in Microsoft Intune (including application packaging, compliance, and workflows).
  • Strong experience with PowerShell scripting for enterprise-scale automation.
  • Advanced knowledge of Microsoft Entra ID (Azure AD) including identity lifecycle, SCIM, RBAC, and Conditional Access.
  • Solid experience with Windows 10/11 configuration, security, and management tools.
  • Exposure to Microsoft 365 services in endpoint scenarios (e.g., Defender for Endpoint, M365 Security Center).
  • Familiarity with Azure services relevant to endpoints and automation.
  • Experience with PPKG, PSADT, and Autopilot provisioning.

Preferred Qualifications:

  • Microsoft Certifications: MD-102, AZ-104, SC-300, or AZ-400.
  • Experience with Infrastructure as Code (IaC) using tools like ARM, Bicep, or Terraform.
  • Familiarity with DevOps tools such as GitHub Actions, Azure DevOps, or equivalent for script deployment and version control.
  • Knowledge of Microsoft Defender for Endpoint, Log Analytics, Sentinel, or similar platforms for monitoring and security automation.
