Intune Architect (NCS/Job/ 3474)

Act as Architect and SME for Microsoft Intune across device and application management.

·                Design and implement application protection policies (MAM/MAM-WE) for enterprise workloads.

·                Design device compliance and health checks for Office 365 access.

·                Implement and manage all endpoint and app-related policies in Intune and Microsoft 365.

Application, Browser & Data Protection

·                Roll out browser and application protection policies (Edge, mobile apps, managed apps) to applicable user groups.

·                Enforce secure access to corporate data using app-level controls and device-based trust.

·                Close security control gaps across:

o        App Virtualization solutions

o        Virtual Desktop / AVD / VDI environments

Identity & Access Integration (with Entra ID)

·                Design Conditional Access policies tightly integrated with Intune device state and app protection.

·                Implement Entra ID–based controls to restrict privileged access and sensitive data to managed and compliant devices.

·                Build and enforce controls using Entra ID and Defender for Cloud Apps.

·                Enable phishing-resistant MFA and Continuous Access Evaluation (CAE) for internal and external users.

Cloud & Virtual Desktop Security

·                Evaluate Windows 365 (W365) fitment from an endpoint, identity, and security perspective.

·                Ensure secure device and app access in hybrid, cloud-only, and virtual desktop scenarios.

Governance & Best Practices

·                Support Entra Application Registration governance from a device and access control perspective.

·                Drive adoption of overall Entra ID and Office 365 security best practices.

·                Continuously review and enhance endpoint and access security posture.