Senior Microsoft Intune Architect (macOS & Apple Specialist)

• *Senior Microsoft Intune Architect (macOS & Apple Specialist)** • *Remote (Strictly EST) |** • *12 Months+ | 40,000+ Devices** We are seeking a hands-on • *Architect** to lead the design and implementation of an enterprise-grade Apple management environment within Microsoft Intune. You will own the technical strategy for a massive macOS fleet (alongside iOS and Windows), ensuring seamless integration with Apple Business Manager and modern deployment workflows. • * Key Responsibilities** • **Apple-First Architecture:** Design and lead the technical architecture for macOS, iOS, and iPadOS within Intune, leveraging • *Apple Business Manager (ABM)** and • *Automated Device Enrollment (ADE)** . • **Modern Management:** Implement • *Declarative Device Management (DDM)** and Platform SSO to modernize the Mac user experience and security posture. • **Policy & Profile Engineering:** Design configuration profiles (system extensions, kernel extensions, TCC) and • *Shell Scripts** to manage complex macOS settings not natively in the Intune UI. • **Application Lifecycle:** Drive the end-to-end strategy for Mac app deployment using • *PKG, DMG, VPP (Volume Purchase Program),** and third-party patching tools. • **Identity & Security Integration:** Integrate Intune with • *Azure AD (Entra ID)** and • *Conditional Access** to enforce compliance-based access for Apple endpoints. • **Security Posture:** Establish endpoint security controls including • *FileVault encryption** , Microsoft Defender for Endpoint (macOS), and Gatekeeper management. • **Automation & Graph API:** Utilize • *PowerShell, Bash, and Microsoft Graph API** to automate device lifecycle tasks, reporting, and custom remediation. • **Hybrid Fleet Support:** Oversee the integration of Windows (Autopilot) and Mobile (Android Enterprise) into a unified, secure, and scalable global tenant. • **Compliance Governance:** Define RBAC, tenant design, and • *Compliance Policies** to ensure all Apple devices meet strict enterprise and manufacturing-sector standards. • **Technical Leadership:** Mentor deployment engineers and collaborate with Networking/Security teams to ensure a seamless "Zero Touch" rollout. • *Qualifications** • **Expertise:** 5+ years of experience architecting • *Microsoft Intune** specifically for • *macOS** at an enterprise scale (10,000+ nodes). • **Deep Knowledge:** Expert-level understanding of Apple-specific frameworks (APNs, ADE, VPP, and Configuration Profiles). • **Scripting:** Proficient in • *Bash** and • *Zsh** for macOS customization and • *PowerShell** for Intune/Graph API automation. • **Security:** Strong background in Microsoft Defender for Endpoint and Conditional Access. • **Environment:** Experience in Manufacturing/Lab environments is a plus.