Job Summary
Job Title – Intune, SCCM, Action 1 and Matrix 42 (Imaging) Subject Matter Expert (L3) Years of Experience – 10+ Years Candidate should have minimum 10+ years of experience in Intune, SCCM and Action 1 Primary Skills — Intune & SCCM & Action 1
Key Responsibilities
Microsoft Intune – device compliance, configuration profiles, MDM/MAM, Autopilot • SCCM (ConfigMgr) – architecture, OSD, patching, application deployment, co management • Action 1 – Software distribution and patch management • Endpoint Management – Windows, iOS, Android, BYOD, Kiosk devices • Application Management – Win32/MSI, mobile apps, app packaging & deployment • Windows OS Expertise – Windows 10/11 administration, troubleshooting, migrations • Security & Endpoint Protection – Defender, EMS, compliance & hardening policies • Automation & Scripting – PowerShell, Graph/API-based automation • Device Provisioning – Autopilot, ABM, VPP, Android Enterprise enrollment • Monitoring & Analytics – Endpoint Analytics, health reporting, compliance • Incident & Problem Management (L3) – RCA, escalations, complex troubleshooting • Enterprise Mobility Architecture – scalable, hybrid, co-managed environments Responsibilities for Intune and SCCM: • Managing Device compliance and configuration profiles in Intune. • End to end knowledge on Intune and Endpoint Manager Admin Centre Console. • Providing technical / architectural support and driving successful user adoption Technical experience with Microsoft 365 security (Windows Defender/Advanced Threat Protection, Security and Compliance Centre, EMS suite Maintain and update the Security Hardening parameters for installed On-Prem or Customer cloud tenant • Enforce MAM policies and procedures in the Intune environment. Mobile Application Management or MAM, Allow/block/quarantine access to blacklisted applications. • Application packaging via Intune App Wrapper, Application Deployment via Intune on Windows 11 Devices, Should have knowledge on VPP application management. • Provide support for publishing applications into the Company Portal catalog and help with the deployment of those applications. • Should have expertise on Application Deploy, Upgrades and Application removal on all major platforms. • Monitor for application compliance and configure auto enforcement policy to fix. • Provide a platform for Mobile device environment including coordination with third parties and other teams within client ecosystem as needed. • Distribute Software and apps over -the air on all platforms & OS. Enable employee self-activation of corporate and BYODs. • Knowledge of Systems Administration for Components installed in Customer environment like: Application Proxy Connector Knowledge of Enterprise Mobility Security features covered under Modern workplace offering’s Mobile device management Intune • Expertise on Windows Autopilot for Hybrid and Azure AD scenarios. • Experience on user driver, white glove Autopilot scenarios. • Advanced level knowledge on win32/MSI Apps deployment troubleshooting. • Knowledge on co-management workload scenarios. • Managing Windows 11 update rings via Intune. • Managing M365 pro plus client install and workloads. • Knowledge of Endpoint Analytics to assist with device/enterprise health. • Knowledge of Group policy Analytics to assist with migration of policies to Intune. • Knowledge of MS Graph to help automate/troubleshoot daily tasks. • Windows Administration: Working knowledge on multiple Windows OS platforms, OS configuration on different roles - Domain, WINS, DNS, DHCP, IIS, WSUS. • Knowledge of handling KIOSK PCs & their image management. • Good Knowledge of OSD via SCCM, MDT, WDS. Customizations in SCCM Task Sequence related to OSD. • SQL Reporting Skills • Should be well versed with certifying new hardware within environment and m
Skill Requirements
Platform Ownership & Architecture • Plan and execute OS and third-party patch deployments • Monitor: o Patch compliance o Vulnerability exposure • Handle: o Emergency patching (zero-day vulnerabilities) • Generate patch compliance reports for audit & governance • Manage application packaging and deployment • Execute: o Software installation / upgrades / removals • Maintain approved software baseline • Validate software compatibility before deployment Advanced Device Management & Configuration • Design and govern advanced Android device profiles, including: o Kiosk / Lockdown modes o Application whitelisting / blacklisting o System-level restrictions and custom policies • Manage Android Enterprise (AE) enrollment strategies, including fully managed, dedicated, and corporate-owned device scenarios. • Resolve complex issues related to firmware compatibility, OEM constraints, and Android OS behavior. • Approve and implement device lifecycle standards (enrollment, replacement, refurbishment, decommissioning). Application Management & Distribution • Own and define application packaging, versioning, deployment, and rollback strategies. • Handle complex or failed application deployments, app crashes, and performance issues in production environments. • Manage and optimize enterprise app stores, silent installs, and dependency handling. • Coordinate with development teams for custom APK testing, validation, and rollout. Security, Compliance & Risk Management • Define and enforce device security baselines, including encryption, authentication, certificate usage, and OS hardening. • Govern factory data protection, preventing data leakage from production devices. • Review and remediate security vulnerabilities, risky configurations, and compliance gaps. • Define standards for device access control, debug settings, USB restrictions, and network usage. Incident Management & Advanced Troubleshooting • Act as final escalation point (L3) for critical or systemic SOTI and Android device incidents. • Lead root cause analysis (RCA) for recurring or major device and platform issues. • Troubleshoot complex scenarios involving: o Device enrollment failures o Unstable kiosk behavior o OS/app conflicts o Remote control or device communication issues • Coordinate vendor escalations with SOTI support and device manufacturers. Integration & Automation • Drive automation initiatives for device enrollment, configuration, monitoring, and remediation. • Approve and oversee the use of SOTI APIs, scripting, and workflows. Monitoring, Reporting & Optimization • Define KPIs and health metrics for device availability, app stability, and platform performance. • Analyze trends across incidents, device performance, and usage data to identify improvement opportunities. • Provide strategic reporting on fleet health, risks, and optimization recommendations. • Proactively improve operational efficiency and device uptime in factory environments. Change, Release & Upgrade Management • Own SOTI platform upgrades, Android OS updates, and major configuration changes. • Validate changes in test or pilot environments before production rollout. • Approve and oversee mass device updates, ensuring minimal impact on factory operations. • Define rollback and contingency strategies for critical releases. Governance, Documentation & Standards • Define and maintain device management standards, policies, and operational guidelines. • Review and approve L2 procedures, SOPs, and runbooks. • Ensure accurate documentation of: o Architecture diagrams o Configuration baselines o Known issues and workarounds • Support audits, factory compliance reviews, and internal governance requirements. Leadership & Knowledge Enablement • Provide te
Other Requirements
Provide technical leadership and mentoring to L2 support teams. • Act as a key technical advisor to factory stakeholders, IT leadership, and security teams. • Support onboarding of new factories, device types, or production use cases. • Drive continuous improvement and innovation in device management practices.