UK | Cyber Security Engineer ECO L4
Intune Endpoint Privilege Management (EPM) Specialist – Endpoint Security Engineer
Remote / Hybrid

We are seeking a highly skilled Endpoint Privilege Management (EPM) Specialist to lead the design and implementation of Microsoft Intune’s least privilege and Just-in-Time (JIT) elevation framework across a large enterprise environment.
This role is central to strengthening endpoint security, eliminating local admin rights, and enabling secure, auditable privilege elevation aligned to Zero Trust principles.

What You’ll Be Doing

You will take ownership of the enterprise EPM capability, including:
- Designing and deploying Microsoft Intune Endpoint Privilege Management (EPM) at scale
- Defining and managing elevation rules, approval workflows, and automation models
- Implementing Just Enough Access (JEA) and Just-in-Time (JIT) privilege elevation
- Eliminating permanent local admin rights across the Windows 10/11 estate
- Integrating EPM into broader Zero Trust and Microsoft Defender security architecture
- Build dashboards for elevation activity, risk trends, and anomalous behaviour
- Use Log Analytics (KQL), Microsoft Defender, and Graph API for automation and insights
- Provide regular reporting to security governance and risk forums
- Support audit and compliance requirements with clear privilege reporting
- Work closely with Security, Identity, Endpoint, and Application teams
- Act as the SME for application elevation requirements and security exceptions
- Deliver documentation, runbooks, and operational guidance
- Lead training sessions for IT support and security operations teams
- Strong hands-on experience with Microsoft Intune Endpoint Privilege Management (EPM)
- Deep understanding of:
  - Least privilege / Zero Trust security models
  - Windows endpoint security and hardening
  - Application analysis for privilege requirements
  - Microsoft Defender for Endpoint (ASR policies)
  - Log Analytics / KQL for security monitoring
- Strong PowerShell scripting and automation experience
- Experience integrating with Microsoft Graph API
- Microsoft Defender XDR / vulnerability management
- Conditional Access / Identity Protection
- AppLocker or Windows Defender Application Control
- Certifications such as:
  - MD-102 Endpoint Administrator
  - SC-200 Security Operations Analyst
  - SC-300 Identity & Access Administrator
- Strong communication skills with technical and non-technical stakeholders
- Analytical mindset with excellent root cause analysis ability
- Structured and process-driven approach to security governance
- Ability to simplify complex endpoint security concepts
- Enterprise-wide rollout of Microsoft Intune Endpoint Privilege Management
- Elimination of local admin rights across all endpoints
- Secure, frictionless JIT elevation experience for end users
- Strong governance, auditability, and compliance reporting
- Continuous improvement of endpoint privilege and security automation