Endpoint Engineer, Microsoft Intune & Tanium

• Design, configure, and maintain endpoint management policies across Windows, macOS, iOS, Android, and ChromeOS using Microsoft Intune and Tanium.
• Own Intune configurations, including enrollment profiles, compliance policies, configuration profiles, application deployment, Autopilot, and Conditional Access integration.
• Use Tanium to provide real-time endpoint visibility, support investigation, remediation, patching, software deployment, and operational health monitoring.
• Manage the end-to-end patch management lifecycle for operating systems and applications, including critical vulnerability remediation and compliance tracking.
• Implement and improve endpoint security controls, including BitLocker, Microsoft Defender for Endpoint, Zero Trust policies, and certificate-based authentication.
• Build automation with PowerShell, Intune remediation scripts, Tanium packages, sensors, and deployment workflows.
• Support modernization of legacy endpoint management processes, including migration from tools such as SCCM / ConfigMgr, HPDM, manual imaging, or similar platforms.
• Collaborate with cybersecurity, infrastructure, network, and service desk teams to ensure secure, reliable, and well-documented endpoint operations.

• 5+ years of experience in endpoint engineering, end-user computing, workplace engineering, infrastructure engineering, or security operations in an enterprise environment.
• Strong hands-on expertise with Microsoft Intune, including Autopilot, compliance policies, configuration profiles, app deployment, and Entra ID / Conditional Access integration.
• Production-level experience with Tanium, including relevant modules such as Interact, Patch, Deploy, Protect, and Tanium Connector for Microsoft Intune.
• Strong PowerShell scripting skills and the ability to automate real operational tasks.
• Experience managing Windows 10/11, macOS, iOS, and Android device fleets.
• Solid understanding of endpoint security, Zero Trust principles, endpoint compliance, patch management, and vulnerability remediation.
• Experience with BitLocker, Microsoft Defender for Endpoint, and certificate-based authentication.
• Ability to work with complex enterprise environments where security, reliability, auditability, and operational discipline are essential.
• Strong ownership mindset and ability to act as a senior hands-on engineer, not only as an administrator or support specialist.

• Experience in financial services, fintech, banking, investment management, or another regulated environment.
• Experience migrating from SCCM / ConfigMgr, HPDM, Ivanti, MobileIron, or other legacy endpoint management tools to Intune, Tanium, or other modern UEM platforms.
• Microsoft certifications such as MD-102, SC-300, or AZ-500.
• Tanium Certified Operator or Tanium Certified Administrator certification.
• Experience with HP thin client environments, HPDM, or Windows IoT Enterprise management.
• Familiarity with SysTrack Lakeside DEX or similar endpoint analytics platforms.
• Experience with ServiceNow ITSM integration.
• Exposure to CI/CD practices for endpoint configuration and deployment automation.

• Flexible work setup: remote or a hybrid model
• Health insurance coverage for those based in Cyprus or Poland.
• 50% coverage of health insurance for spouses and children in Cyprus or Poland.
• 24 days of paid vacation.
• 10 days of paid sick leave.
• 50% reimbursement for professional training, education, conferences.
• Work alongside a highly professional team.
• Engaging teambuilding events and activities.

In case of relocation to Poland or Cyprus, we offer

• Flight tickets, accommodation rent for 1st month for our relocated employee and his/her official family.
• Support in visa application and issue process, entry permit and residence permit processing