Modern Desktop Engineer IV (Remote)

We’re looking for a Senior level Intune & Azure Engineer to lead the design, implementation, and scaling of our modern endpoint and identity platforms. You will be the technical authority for Microsoft Intune (Microsoft Endpoint Manager), Microsoft Entra ID (Azure AD / Entra Connect), Windows OS enterprise management, and the supporting Azure ecosystem. This role blends architecture, automation, security, and operational excellence to deliver a secure and seamless digital workspace experience across Windows.

You will own complex initiatives end-to-end, mentor engineers, set standards, and partner across Security, Networking, and Enterprise Apps to drive measurable outcomes in device compliance, zero trust, and user productivity. 

Sponsorship, in any form, is not available for this position.

Location: Remote, US

Role qualifications:

• Bachelor’s degree in Computer Science, Information Systems, or equivalent experience. 
• 8+ years in enterprise endpoint engineering or cloud infrastructure, with 5+ years dedicated to Intune/Entra ID in environments of 5,000+ devices (or comparable complexity). 
• Advanced expertise in Microsoft Intune, Windows Update for Business and device lifecycle management: Includes device compliance, configuration profiles, security baselines, Autopilot, enrollment, delivery optimization, update policies, and application packaging (Win32/MSIX). 
• Comprehensive security and identity management skills: Microsoft Defender for Endpoint, Conditional Access policies, Certificates/PHI, and hybrid identity solutions (Entra ID, Entra Connect), PIM, SSO (SAML/OIDC/OAuth) including policy design, deployment and troubleshooting. 
• Proficiency in automation and cloud technologies: Demonstrated skill with PowerShell, Microsoft Graph API, KQL, Azure automation, Functions and infrastructure-as-code practices for scalable device and identity management.  
• Strong grasp of Zero Trust, least privilege, RBAC, and secure-by-default design. 
• Proven experience with Log Analytics, diagnostics, Workbooks, and building executive-ready dashboards. 
• ITIL-aware change, incident, and problem management; excellent documentation & stakeholder communication. 

To differentiate yourself, you:

• Relevant certifications (strongly preferred): 
  • Microsoft: SC-300, MD-102, AZ-104/305, SC-200, MS-102, MDM fundamentals 
  • Security: CISSP, GIAC, or CompTIA Security+ (nice to have) 
• Exposure to security and compliance tools, including Microsoft Sentinel, Defender for Cloud Apps, Purview, insider risk management, and regulated industry standards (SOX, HIPAA, PCI, CJIS). 
• Proficiency in automation and scripting (PowerShell, Python, C#, REST), and use of modern DevOps and ITSM tools (Git/GitHub, Azure DevOps, ServiceNow, Confluence). 
• Network-aware endpoint design: NAC, split-tunnel VPN, proxy/pac, ZTNA integration. 
• Familiarity with advanced administration strategies (LAPS, Local Administrator, JEA). 
• Experience in regulated industries (e.g., SOX, HIPAA, PCI, CJIS). 
• Practice with Intune Suite (Advanced Analytics, Endpoint Privilege Management, Remote Help, App Control, Enterprise App Management). 
• Tooling: Git/GitHub, Azure DevOps, ServiceNow, Confluence, Visio/diagrams.net. 

What you will be doing:

• Own the enterprise modern desktop architecture roadmap: Intune, Entra cloud, tenant strategy, RBAC, security baselines, platform hardening and policy governance. 
• Lead modernization initiatives: Autopilot at scale, co-management transitions, Windows Update for Business (WUfB) deployment service, application lifecycle, and identity-driven zero trust. 
• Define and enforce configuration standards, change control, Windows lifecycle (update rings, feature updates, delivery optimization, etc.) and best practices for global device management. 
• Engineer and support security and device management policies such as: Conditional access policies, app enforced restrictions, Microsoft Defender for Endpoint, certificate-based authentication (SCEP/PKCS), endpoint firewall, and Zero Trust Network access. 
• Drive automation, monitoring and reliability by building scalable solutions with PowerShell, Graph API, Azure Automation and Git; delivering actional reporting via Log Analytics and Power BI. Lead proactive remediations and analytics, participating in incident management and root cause analysis. 
• Provide advanced expertise and mentorship, collaborate with Security on policy design and integration and deliver clear documentation to align stakeholders and achieve measurable results. 
• Participate in On-Call rotation and assist in incident troubleshooting for prompt mitigation of issues. 
• Understands and complies with ethical, legal and regulatory requirements applicable to our business.  

Availity culture and benefits:

• Availity is a certified “Great Place to Work”, a “Best Workplaces for Technology Companies”, a “Best Workplaces for Women” and a “Best Workplaces for Millennials”!
• Culture is important to us and there are many ways for you to make your mark here!
• We have several Diversity & Inclusion teams and various ways to engage with fellow Availity associates. “AvaiLadies”, “Beyond Black”, “HOLA”, “Availity Pride”, “VetAvaility” a Young Professionals Group and “She Can Code IT” a group for women in tech are some of the groups you can get involved in.
• Availity is a culture of continuous learning. We have many resources and experts in our tech stack and in our industry that can help get you there too!
• We offer a competitive salary, bonus structure, generous HSA company contribution, healthcare, vision, dental benefits and a 401k match program that you can take advantage of on day one!
• We offer unlimited PTO for salaried associates + 9 paid holidays. Hourly associates start at 19 days of PTO and go up from there with all the same holiday benefits.
• Interested in wellness? We allow our associates to reimburse up to $250/year for gym memberships, participation in racing events, weight management programs, etc.
• Interested in furthering your education? We offer education reimbursement!
• Availity offers Paid Parental Leave for both moms and dads, both birth parents and adoptive parents.
• Want to work for an organization that gives back to the community? You’re at the right place! Availity partners with various organizations, both locally and nationally, to raise awareness, funds and morale as our staff members volunteer their time and funds to engage the organizations campaign.

Next steps:

After you apply, you will receive text/email messages thanking you for applying and then you will continue to receive more text/email messages alerting you as to where you are in the recruitment process.

Interview process:

• Recruiter resume review
• Recruiter video interview
• Manager resume review
• Manager video interview
• Team video interview
• Senior Leadership video interview