Senior EUC / Endpoint Security Engineer (Intune & Essential Eight)

Insighture is a leading technology consultancy that drives digital transformation for businesses worldwide. With a team of over 85 expert consultants, the company delivers tailored, high-impact strategies and solutions, enabling scalable product engineering. As an AWS partner, Insighture excels in co-integrated cloud services. It has collaborated with more than 50 clients globally, guiding them through cloud adoption, DevOps transformation, enterprise modernisation, and more.

The team’s expertise spans Cloud-Native Development, Solutions Architecture, UI/UX, Quality Engineering, Data Engineering, AI/ML, and DevSecOps. These capabilities empower businesses to achieve impactful and innovative outcomes.

In 2024, Insighture achieved ISO certification and was recognised as a Great Place to Work, earning three prestigious awards: Best Workplace in Sri Lanka, Best Workplace for Technology, and Best Workplace for Young People. Insighture's technology and expertise are embedded in the work of internationally recognised care providers, global freight operations, child protection systems, and health tech platforms across Australia, the UK, and Singapore.

We are seeking a motivated and detail-oriented Senior EUC / Endpoint Security Engineer (Intune & Essential Eight) for a 6 months contract to join our growing team.

Qualifications:

• Bachelor’s degree in Information Technology, Computer Science, Cyber Security, or a related field
• 6–11 years of experience in EUC / Endpoint Engineering with strong security hardening focus
• Proven hands-on experience with Microsoft Intune, WDAC, Endpoint Security, and Essential Eight compliance uplift
• Strong hands-on experience with Microsoft Intune / Endpoint Manager
• End-to-end management of Windows 10/11 devices
• Expertise in Endpoint Security hardening, including:
• Windows Defender Application Control (WDAC) – policy creation, staging, allow/deny lists, signing
• Microsoft Defender for Endpoint, Defender Antivirus, Firewall, ASR rules
• Solid experience with Essential Eight (E8) controls, including: Application Control, patch management and application updates, Hardening baselines and MFA enforcement and admin privilege restriction
• Strong Azure AD / Entra ID skills (Conditional Access, device trust, hybrid join)
• Advanced troubleshooting skills across OS, identity, security controls, and applications
• Strong PowerShell scripting skills for automation and validation

Responsibilities:

• Manage and support Intune-based endpoint environments for Windows 10/11
• Design, implement, and maintain compliance policies, configuration profiles, and proactive remediations
• Deploy and manage applications (Win32/MSI), Autopilot provisioning, and lifecycle management
• Implement and operationalize WDAC policies aligned to Essential Eight maturity uplift
• Configure and maintain Defender security controls, ASR rules, firewall, and vulnerability reduction measures
• Implement Azure AD Conditional Access and identity hardening strategies
• Map existing endpoint policies to Essential Eight maturity uplift activities
• Troubleshoot complex endpoint issues using event logs, Defender logs, WDAC audit logs, and Intune diagnostics
• Develop PowerShell scripts for automation, reporting, and policy validation
• Create and maintain SOPs, security baselines, and implementation documentation
• Work closely with client SMEs, security architects, and stakeholders, providing clear communication and guidance