UK | Cyber Security Engineer ECO L4
Intune Endpoint Privilege Management (EPM) Specialist – Endpoint Security Engineer
Remote / Hybrid
We are seeking a highly skilled Endpoint Privilege Management (EPM) Specialist to lead the design and implementation of Microsoft Intune’s least privilege and Just-in-Time (JIT) elevation framework across a large enterprise environment.
This role is central to strengthening endpoint security, eliminating local admin rights, and enabling secure, auditable privilege elevation aligned to Zero Trust principles.
What You’ll Be Doing You will take ownership of the enterprise EPM capability, including:
Remote / Hybrid
We are seeking a highly skilled Endpoint Privilege Management (EPM) Specialist to lead the design and implementation of Microsoft Intune’s least privilege and Just-in-Time (JIT) elevation framework across a large enterprise environment.
This role is central to strengthening endpoint security, eliminating local admin rights, and enabling secure, auditable privilege elevation aligned to Zero Trust principles.
What You’ll Be Doing You will take ownership of the enterprise EPM capability, including:
- Designing and deploying Microsoft Intune Endpoint Privilege Management (EPM) at scale
- Defining and managing elevation rules, approval workflows, and automation models
- Implementing Just Enough Access (JEA) and Just-in-Time (JIT) privilege elevation
- Eliminating permanent local admin rights across Windows 10/11 estate
- Integrating EPM into broader Zero Trust and Microsoft Defender security architecture
- Build dashboards for elevation activity, risk trends, and anomalous behaviour
- Use Log Analytics (KQL), Microsoft Defender, and Graph API for automation and insights
- Provide regular reporting to security governance and risk forums
- Support audit and compliance requirements with clear privilege reporting
- Work closely with Security, Identity, Endpoint, and Application teams
- Act as the SME for application elevation requirements and security exceptions
- Deliver documentation, runbooks, and operational guidance
- Lead training sessions for IT support and security operations teams
- Strong hands-on experience with Microsoft Intune Endpoint Privilege Management (EPM)
- Deep understanding of:
- Least privilege / Zero Trust security models
- Windows endpoint security and hardening
- Application analysis for privilege requirements
- Microsoft Defender for Endpoint (ASR policies)
- Log Analytics / KQL for security monitoring
- Strong PowerShell scripting and automation experience
- Experience integrating with Microsoft Graph API
- Microsoft Defender XDR / vulnerability management
- Conditional Access / Identity Protection
- AppLocker or Windows Defender Application Control
- Certifications such as:
- MD-102 Endpoint Administrator
- SC-200 Security Operations Analyst
- SC-300 Identity & Access Administrator
- Strong communication skills with technical and non-technical stakeholders
- Analytical mindset with excellent root cause analysis ability
- Structured and process-driven approach to security governance
- Ability to simplify complex endpoint security concepts
- Enterprise-wide rollout of Microsoft Intune Endpoint Privilege Management
- Elimination of local admin rights across all endpoints
- Secure, frictionless JIT elevation experience for end users
- Strong governance, auditability, and compliance reporting
- Continuous improvement of endpoint privilege and security automation