Endpoint Management Engineer

Intune & Endpoint Security Engineer (SC Eligible)

Overview
We're looking for an experienced Intune & Endpoint Security Engineer to secure and manage Windows endpoints in a regulated environment. Candidates must be eligible for BPSS and SC clearance.

Key Responsibilities

Create secure Intune policies (BitLocker, firewall, passwords, screen lock)
Deploy security baselines (Microsoft, MDM, CIS)
Configure Defender, ASR rules, and WDAC
Manage Windows Firewall and device compliance policies
Align Intune RBAC roles to security best practice
Oversee patching (Autopatch) and resolve update issues
Package and deploy apps via Intune
Use Defender to identify and remediate vulnerabilities
Support MSIX App Attach
Develop scripts using PowerShell / VBScript
Follow structured change management processes

Skills & Experience
Strong Intune / Endpoint Manager experience
Knowledge of Microsoft Defender & endpoint security controls
Application deployment and patching experience
Scripting (PowerShell essential)
Experience in controlled change environments

Security Requirement

Must be eligible for BPSS and SC clearance

What you need to do now

If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV, or call us now.
If this job isn't quite right for you, but you are looking for a new position, please contact us for a confidential discussion about your career.

Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found at (url removed)