Systems Engineer - Cloud Focused

Overview

The Systems Engineer is responsible for designing, implementing, and supporting modern endpoint and identity solutions for SMB clients, with a primary focus on Microsoft Intune, Microsoft 365, and Entra  (Azure AD). This role leads device management and identity modernization initiatives, including migrations from on-premises Active Directory and Group Policy to Intune-based management in cloud-only and hybrid environments.

This position functions as a core Systems Engineer within a managed services environment while also serving as the organization’s primary subject matter expert for Intune and modern endpoint management. While Azure knowledge is required to support identity, security, and cloud integrations, this role is not primarily focused on traditional infrastructure or IaaS design. Work will span Intune leadership, project delivery, and general MSP engineering responsibilities based on client and business needs.

While this role serves as the organization’s primary Intune subject matter expert and helps define endpoint standards and reference architecture, it is not a dedicated or isolated position. Workload will vary based on client needs and project demand. The Systems Engineer is expected to contribute as a well-rounded MSP engineer, balancing Intune leadership with general systems support, troubleshooting, and cross-functional project work.

• Serve as a Systems Engineer within a managed services environment, providing support through service tickets, escalations, and project work across a range of client technologies
• Lead the design, deployment, and ongoing management of Microsoft Intune across multiple client environments, including device enrollment, configuration profiles, compliance policies, security baselines, and application management
• Design and execute migrations from on-premises Active Directory and Group Policy to Intune and Entra , supporting both hybrid and cloud-only identity models
• Establish, document, and maintain standardized Intune architectures, device profiles, and security baselines for SMB clients
• Implement and manage endpoint security controls, including Conditional Access, MFA enforcement, device compliance, and integration with Microsoft Defender
• Support Microsoft 365 workloads including Exchange Online, SharePoint Online, One Drive, and Teams as part of broader modernization and migration initiatives
• Evaluate legacy dependencies (applications, authentication methods, network requirements) that impact endpoint and identity modernization and recommend remediation strategies
• Provide technical leadership during projects and escalated service tickets related to Intune, identity, and modern workplace solutions
• Assist with client onboarding, tenant assessments, and modernization planning with a focus on endpoint, identity, and security readiness
• Participate in pre-sales discussions to assess client needs related to Intune, identity, and Microsoft 365 modernization, collaborating with Solutions Architects to help define scope and Statements of Work (SOWs)
• Ensure adherence to security best practices across cloud and hybrid environments
• Maintain accurate technical documentation, standards, and internal knowledge base articles
• Participate in on-call rotation

This role establishes the design, implementation, and enforcement of Intune policies and standards across client environments. The Systems Engineer is responsible for establishing best practices, maintaining consistency across tenants, and guiding both clients and internal teams in adopting standardized, secure configurations. This role has the authority to recommend changes, remediate non-standard configurations, and ensure long-term maintainability of endpoint and identity solutions.

The Systems Engineer plays a key role in defining, maintaining, and evolving the organization’s Intune reference architecture. This includes device enrollment models, baseline security policies, compliance standards, application deployment strategies, and identity integration patterns. The role collaborates with other engineers and…