Key skills
CloudMacOSPowerShellAIEntra ID
About this role
Role Overview
- Act as the primary escalation point for 2nd and 3rd line technical issues across the business
- Manage and maintain endpoint fleet (~150 devices) using Microsoft Intune, including compliance policies, configuration profiles, and application deployment
- Administer and optimise the Microsoft 365 environment (Entra ID, Exchange Online, SharePoint, Teams)
- Own the device lifecycle from provisioning through to retirement, working with our chosen logistics partner
- Maintain and improve the IT service desk, including workflows, automations, and SLA reporting
- Manage Microsoft Defender for Endpoint — investigate alerts, tune policies, respond to incidents
- Support the Head of IT in delivering and maintaining ISO 27001 alignment
- Administer Entra Suite (Private Access, Internet Access, ID Governance) and support zero-trust network access initiatives
- Manage Endpoint Privilege Management policies to enforce least-privilege access
- Contribute to security awareness initiatives and support Cyber Essentials certification
- Monitor and improve Microsoft Secure Score and overall security posture
- Design and build automations using Power Automate, PowerShell, and Graph API to eliminate manual IT processes
- Automate joiner/mover/leaver workflows, licence assignment, device provisioning, and reporting
- Lead or contribute to IT projects across security, infrastructure, and tooling
- Evaluate and implement new tools and technologies that improve IT service delivery
- Define and maintain hardware personas (developer, standard user, etc.) and ensure the fleet meets business needs
- Manage hardware procurement relationships and coordinate with the logistics vendor for deployment, retrieval, and recycling
- Plan and execute device refresh programmes as part of ongoing fleet management
Requirements
- Strong hands-on experience with Microsoft 365 administration (Entra ID, Exchange Online, Intune, Defender)
- Demonstrable experience managing endpoint fleets at scale using Intune (compliance, configuration profiles, app deployment, Autopilot)
- Solid understanding of identity and access management, conditional access, and zero-trust principles
- Experience with PowerShell scripting and Microsoft Graph API for automation
- expect those but willing to consider other automation technologies.
- Familiarity with service desk workflows
- Comfortable working autonomously in a fully remote environment with a small team
- Excellent troubleshooting and diagnostic skills across Windows, macOS, and cloud services
- Interest in or experience with AI tools and their application to IT operations (e.g. AI-assisted automation, copilots, prompt engineering)
Tech Stack
- Cloud
- MacOS
Benefits
- 27 days of holiday per year plus bank holidays (with a buy option up to an additional 5 days)
- Enhance Maternity and Paternity leave
- AXA Health insurance including dental, optical and mental health
- Broadband allowance
- Home office stipend
- Life assurance (4 x basic salary)
- Encouraged and funded CPD