WDAC Implementation Specialist

Insighture is a leading technology consultancy that drives digital transformation for businesses worldwide. With a team of over 85 expert consultants, the company delivers tailored, high-impact strategies and solutions, enabling scalable product engineering. As an AWS partner, Insighture excels in co-integrated cloud services. It has collaborated with more than 50 clients globally, guiding them through cloud adoption, DevOps transformation, enterprise modernisation, and more.

The team’s expertise spans Cloud-Native Development, Solutions Architecture, UI/UX, Quality Engineering, Data Engineering, AI/ML, and DevSecOps. These capabilities empower businesses to achieve impactful and innovative outcomes.

In 2024, Insighture achieved ISO certification and was recognised as a Great Place to Work, earning three prestigious awards: Best Workplace in Sri Lanka, Best Workplace for Technology, and Best Workplace for Young People. Insighture's technology and expertise are embedded in the work of internationally recognised care providers, global freight operations, child protection systems, and health tech platforms across Australia, the UK, and Singapore.

Requirements

• Strong knowledge of Windows security architecture, application control, and endpoint protection.
• Hands-on experience with Microsoft Intune, ConfigMgr, and PowerShell scripting.
• Familiarity with Code Integrity policies, audit vs enforcement modes, and policy signing.
• Ability to manage large-scale deployments and troubleshoot complex WDAC issues.
• Previous experience implementing WDAC in enterprise environments.
• Ivanti application control understanding
• Understanding of Zero Trust security models and compliance frameworks.
• Knowledge of ASD Essential Eight or similar security hardening guidelines.

Responsibilities

• Design and implement WDAC policies using XML and convert them to binary for enforcement.
• Deploy WDAC policies via Microsoft Intune, Endpoint Configuration Manager (ConfigMgr), or PowerShell.
• Configure audit mode before enforcement to minimize disruption and validate policy effectiveness.
• Enforce application control to prevent unauthorized code execution, including kernel-level protection.
• Align WDAC implementation with regulatory requirements and organizational security frameworks.
• Integrate WDAC with Microsoft Defender Antivirus and other endpoint security tools.
• Enable managed installer functionality for automated trust of Intune-deployed applications.
• Analyze WDAC logs using Microsoft Security tools (e.g., Advanced Hunting) to refine policies.
• Resolve application blockage issues and maintain policy updates for evolving business needs.
• Maintain detailed documentation of WDAC configurations and deployment processes.
• Provide training and support for IT teams and end-users on WDAC policies.