Position Details

Type Full-Time

Experience mid

Exp. Years Not specified

Education Not specified

Category Cloud & Infrastructure

About this role

Design and implement a standardized IT platform for identity, device management, security, and monitoring across multiple companies. Build and deploy Microsoft Intune and Autopilot, implement Entra Conditional Access, and configure the Kaseya RMM/monitoring layer.

Key Responsibilities

Configure and deploy Microsoft Intune and device compliance
Implement Autopilot for zero-touch provisioning
Design and apply device configuration profiles and security baselines
Set up Microsoft Entra Conditional Access policies and identity controls
Deploy and configure Kaseya (Datto RMM / K365) monitoring policies, patching, and alerting

Technical Overview

This role focuses on platform engineering for endpoint management and access control using Microsoft Intune, Microsoft Autopilot, and Microsoft Entra (Azure AD) Conditional Access. It also includes deploying and tuning Kaseya (Datto RMM / K365) monitoring, patching, and alerting, plus creating automation/remediation scripts and operational runbooks.

Ideal Candidate

The ideal candidate is a mid-level platform engineer focused on building standardized endpoint management environments using Microsoft Intune and Microsoft Autopilot. They have hands-on experience implementing Microsoft Entra / Azure AD Conditional Access and endpoint compliance baselines, plus experience deploying and tuning an RMM/monitoring layer such as Kaseya (Datto RMM / K365).

Must-Have Skills

Microsoft IntuneAutopilot deploymentMicrosoft Entra / Azure ADConditional Access and security policiesEndpoint compliance and device configuration

Nice-to-Have Skills

Kaseya / Datto RMMMicrosoft Defender ecosystemmulti-tenant or multi-company environmentscompliance frameworks (PCISOC2etc.)

Tools & Platforms

Microsoft IntuneMicrosoft EntraAzure Active DirectoryMicrosoft AutopilotKaseyaDatto RMMK365Microsoft Defender

Required Skills

Microsoft IntuneAutopilot deploymentMicrosoft Entra / Azure ADConditional Access and security policiesEndpoint compliance and device configurationKaseya / Datto RMM (or similar RMM tools)

Hard Skills

Microsoft IntuneAutopilot deploymentMicrosoft EntraAzure Active DirectoryConditional Accesssecurity policiesendpoint compliancedevice configuration profilessecurity baselinesrole-based access groupsMFAleast privilegeadministrative controlsKaseyaDatto RMMK365patchingalertingmonitoring policiesautomation scriptsremediation scriptsdevice enrollment into Intunecompliance policies across endpointsdocumentation of configurations and standardsrunbooks

Soft Skills

build cleanscalable environment from the ground upcross-functional collaborationdocumentation and handoff communicationreduce noise and improve signalavoid policy conflicts and configuration driftsupport transition to monitoring / operations teamcoordination during business hours

Industry & Role

Industry Consulting

Job Function Build and standardize Microsoft endpoint management and RMM monitoring platform

Role Subtype Platform Engineer

Tech Domains Microsoft 365, Cybersecurity, Azure

Keywords for Your Resume

Platform EngineerMicrosoft Endpoint & RMMMicrosoft IntuneAutopilotMicrosoft EntraAzure ADConditional Accessendpoint compliancedevice configuration profilessecurity baselinesrole-based access groupsMFAleast privilegeKaseyaDatto RMMK365patchingalertingmonitoring policiesautomation scriptsremediation scriptsrunbookssecurity policiesdevice managementsecurity and monitoringIntune + Autopilot deployment

Deal Breakers

Must be strong in Microsoft Intune, Must be strong in Autopilot deployment, Must have Microsoft Entra / Azure AD Conditional Access and security policy experience, Not a helpdesk role: must have build-focused engineering experience

Apply for this Position →

Get matched to jobs like this

Luna finds roles that fit your skills and career goals — no endless scrolling required.

Create a Free Profile

Platform Engineer (Microsoft Endpoint & RMM)

Get matched to jobs like this