Azure Endpoint And Automation Engineer

Job Description

Help us keep thousands of Windows, iOS, and Android devices healthy, secure, and productive. You’ll be the engineer who closes the loop between Intune, Azure Monitor/Log Analytics, KQL, and Power BI—turning raw telemetry into actions that prevent issues before users ever notice them.

Responsibilities

• Route and operationalize Intune logs in Azure: configure Intune Diagnostic Settings to send audit/operational/compliance/device logs to Azure Monitor / Log Analytics, then author KQL queries, alerts, and workbooks for proactive monitoring.
• Build executive‑ready insights: create Power BI dashboards fed by the Intune Data Warehouse and/or Log Analytics queries to trend compliance, deployments, and device health.
• Run multi‑device queries at scale: use Intune Advanced Analytics – Device query for multiple devices (KQL) to answer fleet‑wide questions (e.g., drivers, firmware, crash patterns) and drive remediations.
• Measure update compliance: implement Windows Update for Business reports (Azure Monitor Logs) and craft KQL queries/Workbooks that track patch deployments, failures, and safeguards.
• Deploy and optimize Endpoint analytics: enable data collection, interpret startup/sign‑in scores, and turn insights into configuration changes that reduce help‑desk tickets.
• Automate with Microsoft Graph: build secure automations and data exports using Graph (PowerShell/REST) for device, app, and policy operations; manage app permissions and throttling considerations.
• Create and manage Microsoft Entra app registrations: design least‑privilege application permissions/secrets/certificates for Graph integrations; document consent flows and lifecycle.
• Design & develop Azure Workflows: Design, build, and maintain server-less integration workflows using Azure Logic Apps and Azure Function apps to automate business processes.
• Manage Azure substrate for analytics: create and govern Log Analytics workspaces, access control, data retention, and (where needed) data export.
• Secure access with Device Compliance: integrate Intune compliance with Conditional Access to enforce “require compliant device” for key apps while supporting exceptions and staged rollouts.
• Document and mentor: publish runbooks, standards, and KQL/Power BI templates; coach analysts and support engineers.
  
  
  

• Own outcomes end‑to‑end: define the signal, build the query, ship the dashboard, and land the fix.
• Partner closely with Security, Networking, and Collaboration teams on Conditional Access, device risk, and rollout strategies.
• Continuously improve: baseline with Endpoint analytics; A/B changes; measure and iterate.
  
  
  

• - Microsoft Intune, Endpoint analytics, Advanced Analytics – Device query, Windows Autopilot.
• Azure Monitor / Log Analytics, Power BI (datasets from Log Analytics + OData).
• Microsoft Graph API, Microsoft Entra ID app registrations.
  
  
  

• Hands‑on with Azure Monitor / Log Analytics, KQL, and Power BI.
• Strong coding skills in languages relevant to Azure automation – C#, PowerShell, Graph API, KQL functions, and automation run books.
• Proven experience building Intune Data Warehouse and/or Log Analytics‑backed dashboards that drive decisions.
• Comfort with Intune Advanced Analytics – Device query for multiple devices and writing efficient KQL.
• Practical knowledge of Windows Update for Business reports and update compliance troubleshooting.
• Ability to create and maintain Microsoft Entra app registrations (secrets/certs) and build automations with Microsoft Graph (PowerShell or REST).
• Solid understanding of RBAC for Log Analytics workspaces and least‑privilege access patterns.
• 4-6 years experience with Azure Integration Experience
  
  
  

• Experience with Windows Autopilot end‑to‑end, Endpoint analytics tuning, and Azure Workbooks.
• Depth with Android Enterprise and iOS/iPadOS Automated Device Enrollment (ABM/ASM).
• Certifications such as Endpoint Administrator Associate, Identity and Access Administrator, Azure Administrator Associate, Enterprise Data Analyst Associate.
• Experience with Azure AI Foundry & Security Copilot to build models for analyzing trends from log analytics.