Senior Administrator - MDM Intune,Intune

Job Summary

Intune, SCCM & SOTI (MDM) Technical Specialist (L2) The Intune, SCCM & SOTI (MDM) Technical Specialist (L2) is a senior operational role responsible for the stability, security, and day‑to‑day management of enterprise endpoint and device management platforms in a global environment. The role provides advanced (L2) support for Microsoft Intune, SCCM (Config Mgr), and SOTI Mobi Control, covering modern workplace, co‑managed, and factory Android device landscapes. This position serves as a key escalation point for complex device, application, and OS‑related incidents, delivering in‑depth troubleshooting, resolution, and operational stability across Windows, iOS, and Android platforms. The role supports device provisioning, compliance enforcement, application deployment, patching, OS updates, and endpoint analytics while ensuring alignment with security policies and operational standards. In addition to operational support, the L2 specialist actively contributes to service optimization, upgrades, and lifecycle activities across endpoint platforms. The role supports SOTI device configuration and lifecycle management for factory environments, collaborates with vendors and internal teams, and maintains technical documentation and SOPs. The position also assists in mentoring L1 teams and supports continuous improvement initiatives to enhance endpoint reliability, security posture, and user experience.

Key Responsibilities

• Managing Device compliance and configuration profiles in Intune.
• End to end knowledge on Intune and Endpoint Manager Admin Centre Console.
• Providing technical / architectural support and driving successful user adoption Technical experience with Microsoft 365 security (Windows Defender/Advanced Threat Protection, Security and Compliance Centre, EMS suite Maintain and update the Security Hardening parameters for installed On-Prem or Customer cloud tenant • Enforce MAM policies and procedures in the Intune environment. Mobile Application Management or MAM, Allow/block/quarantine access to blacklisted applications.
• Application packaging via Intune App Wrapper, Application Deployment via Intune on Windows 11 Devices, Should have knowledge on VPP application management.
• Provide support for publishing applications into the Company Portal catalog and help with the deployment of those applications.
• Should have expertise on Application Deploy, Upgrades and Application removal on all major platforms.
• Monitor for application compliance and configure auto enforcement policy to fix.
• Distribute Software and apps over -the air on all platforms & OS. Enable employee self-activation of corporate and BYODs.
• Knowledge of Systems Administration for Components installed in Customer environment like: Application Proxy Connector Knowledge of Enterprise Mobility Security features covered under Modern workplace offering’s Mobile device management Intune • Expertise on Windows Autopilot for Hybrid and Azure AD scenarios.
• Experience on user driver, white glove Autopilot scenarios.
• Good knowledge on win32/MSI Apps deployment troubleshooting.
• Knowledge on co-management workload scenarios.
• Managing Windows 11 update rings via Intune.
• Managing M365 pro plus client install and workloads.
• Knowledge of Endpoint Analytics to assist with device/enterprise health.
• Knowledge of Group policy Analytics to assist with migration of policies to Intune.
• Knowledge of handling KIOSK PCs & their image management.
• Good Knowledge of OSD via SCCM, MDT, WDS. Customizations in SCCM Task Sequence related to OSD.
• SQL Reporting Skills • Should be well versed with managing Hardware Drivers in SCCM for OSD Task Sequence • Hands on experience in PowerShell scripting for automating the tasks in Intune/SCCM.
• Experience of OS migrations via SCCM. Subject-matter expert knowledge of Windows technologies.
• Managing configuration items & baselines in Configuration Manager (SCCM).
• Antivirus: Working knowledge of antivirus management tools, Virus definitions/signature update, etc. Knowledge about Virus, spam, Trojans, spyware, etc. Setup and Configuration.
• Designing and architecting SCCM infrastructure, including site hierarchy, boundaries, and distribution points, to meet the organization's requirements.
• Leading the implementation and configuration of SCCM components such as software distribution, patch management, operating system deployment, and inventory management.
• Monitoring and optimizing SCCM infrastructure and client health, identifying and resolving performance or availability issues.
• Collaborating with other IT teams to integrate SCCM with other systems and applications, ensuring seamless operation and data exchange.
• Implementing SCCM security policies and best practices to protect the organization's systems and data.
• Creating and maintaining documentation related to SCCM infrastructure, processes, and procedures.
• Mentoring and providing technical guidance to junior SCCM engineers and administrators.
• Keeping up to date with the latest SCCM features, best practices, and industry trends, and recommending improvements to the SCCM infrastructure.
• Supporting Hybrid and co-management infrastructu. Support audits, factory comp

Skill Requirements

Microsoft Intune – Knowledge on device compliance, configuration profiles, MDM/MAM, Autopilot • SCCM (Config Mgr) – Experience working with OSD, patching, application deployment, co management • Endpoint Management – Experience working with Windows, iOS, Android, BYOD, Kiosk devices • Application Management – Experience working with Win32/MSI, mobile apps, app packaging & deployment • Windows OS Expertise – Experience working with Windows 10/11 administration, troubleshooting, migrations • Device Provisioning – Knowledge on Autopilot, ABM, VPP, Android Enterprise enrollment • Monitoring & Analytics – Endpoint Analytics, health reporting, compliance • Incident & Problem Management (L2) – Routine incidents troubleshooting Nice to have Skills – • SOTI Mobi Control – Android Enterprise & factory device management • Security & Endpoint Protection – Defender, EMS, compliance & hardening policies • Automation & Scripting – PowerShell, Graph/API-based automation

Other Requirements

1. Optional But Valuable: Microsoft Certified: Modern Desktop Administrator Associate.

2. Optional But Valuable: Microsoft Certified: Security, Compliance, And Identity Fundamentals