Senior Microsoft Intune Architect (macOS & Apple Specialist)

• *Senior Microsoft Intune Architect (macOS & Apple Specialist)**
• *Remote (Strictly EST) |**
• *12 Months+ | 40,000+ Devices**

We are seeking a hands-on
• *Architect**

to lead the design and implementation of an enterprise-grade Apple management environment within Microsoft Intune. You will own the technical strategy for a massive macOS fleet (alongside iOS and Windows), ensuring seamless integration with Apple Business Manager and modern deployment workflows.
• * Key Responsibilities**
• **Apple-First Architecture:**

Design and lead the technical architecture for macOS, iOS, and iPadOS within Intune, leveraging
• *Apple Business Manager (ABM)**

and
• *Automated Device Enrollment (ADE)**

.
• **Modern Management:**

Implement
• *Declarative Device Management (DDM)**

and Platform SSO to modernize the Mac user experience and security posture.
• **Policy & Profile Engineering:**

Design configuration profiles (system extensions, kernel extensions, TCC) and
• *Shell Scripts**

to manage complex macOS settings not natively in the Intune UI.
• **Application Lifecycle:**

Drive the end-to-end strategy for Mac app deployment using
• *PKG, DMG, VPP (Volume Purchase Program),**

and third-party patching tools.
• **Identity & Security Integration:**

Integrate Intune with
• *Azure AD (Entra ID)**

and
• *Conditional Access**

to enforce compliance-based access for Apple endpoints.
• **Security Posture:**

Establish endpoint security controls including
• *FileVault encryption**

, Microsoft Defender for Endpoint (macOS), and Gatekeeper management.
• **Automation & Graph API:**

Utilize
• *PowerShell, Bash, and Microsoft Graph API**

to automate device lifecycle tasks, reporting, and custom remediation.
• **Hybrid Fleet Support:**

Oversee the integration of Windows (Autopilot) and Mobile (Android Enterprise) into a unified, secure, and scalable global tenant.
• **Compliance Governance:**

Define RBAC, tenant design, and
• *Compliance Policies**

to ensure all Apple devices meet strict enterprise and manufacturing-sector standards.
• **Technical Leadership:**

Mentor deployment engineers and collaborate with Networking/Security teams to ensure a seamless "Zero Touch" rollout.
• *Qualifications**
• **Expertise:**

5+ years of experience architecting
• *Microsoft Intune**

specifically for
• *macOS**

at an enterprise scale (10,000+ nodes).
• **Deep Knowledge:**

Expert-level understanding of Apple-specific frameworks (APNs, ADE, VPP, and Configuration Profiles).
• **Scripting:**

Proficient in
• *Bash**

and
• *Zsh**

for macOS customization and
• *PowerShell**

for Intune/Graph API automation.
• **Security:**

Strong background in Microsoft Defender for Endpoint and Conditional Access.
• **Environment:**

Experience in Manufacturing/Lab environments is a plus.