Skip to main content

Senior Endpoint Management Engineer

SAP Fioneer

MunichOn-siteFull-Time1w ago

Description

We are looking for a Senior Endpoint Management Engineer to own, maintain, and evolve the platforms that manage our entire device fleet. You will be the technical authority for two complementary MDM ecosystems — Microsoft Intune (Windows laptops, iPhones, and iPads) and Kandji / IRU (Apple MacBooks) — making sure every device is secure, compliant, and effortless to use from day one.

This is a hands-on engineering role for someone who treats endpoint management as a product: automated, measurable, and built around the end-user experience. As a financial-services technology (fintech) company operating in a highly regulated industry, we adopt cutting-edge technology to support rapid business growth without compromising on security. You will sit at the center of that mission — helping shift IT from a reactive, manual support model toward a proactive, automation-driven platform.

Key Responsibilities****Endpoint & MDM platform ownership

  • Administer, maintain, and continuously improve Microsoft Intune (Windows laptops, iPhones, iPads) and Kandji / IRU (Apple MacBooks).
  • Own the full device lifecycle: zero-touch enrollment via Apple Business Manager (ADE) and Windows Autopilot, configuration, app deployment, patching, and retirement.
  • Define and enforce configuration profiles, compliance policies, and baseline standards across all platforms and OS versions.
  • Maintain integrations across the wider stack: Microsoft 365, Microsoft Azure / Entra ID, Microsoft Defender, Cisco Meraki, and Zscaler.

Automation & AI

  • Identify repetitive, manual, and error-prone tasks and replace them with automation (e.g., Intune Proactive Remediations, scripting, Microsoft Graph API, Kandji automation).
  • Champion and implement AI-driven automations — self-service, self-healing, automated remediation, and assisted support — to improve the end-user experience and reduce service desk workload.
  • Deliver measurable impact: fewer tickets, faster resolution, and less manual intervention.

Security & compliance (fintech-grade)

  • Implement and maintain Zero Trust controls: Conditional Access, device compliance gating, encryption (BitLocker / FileVault), and least-privilege access.
  • Manage endpoint threat protection through Microsoft Defender and ensure secure connectivity via Zscaler.
  • Align endpoint configuration and evidence with regulatory and audit requirements — ISO 27001, SOC 2, DORA, and GDPR — and support internal and external audits.

End-user experience

  • Deliver fast, reliable, zero-touch onboarding so new joiners are productive on day one.
  • Proactively monitor device health and performance; resolve issues before users notice them.
  • Act as the senior escalation point for complex endpoint issues raised by the service desk.

Collaboration & continuous improvement

  • Partner with IT Support, IT Operations, Security, and Infrastructure teams, keeping ownership boundaries and escalation paths clear.
  • Document standards, runbooks, and knowledge-base articles to enable the wider team.
  • Track and report on endpoint KPIs (compliance rate, patch coverage, enrollment success, ticket deflection) and drive continual improvement.

Requirements Must Have

  • 3–5 years of hands-on experience administering MDM / endpoint management platforms in an enterprise environment.
  • Proven expertise with Microsoft Intune across Windows and iOS / iPadOS, and with macOS management via Kandji (or a comparable Apple MDM such as Jamf).
  • Strong working knowledge of Apple Business Manager, Automated Device Enrollment (ADE), and Windows Autopilot.
  • Solid grounding in Microsoft 365 and Microsoft Entra ID (Azure AD), including Conditional Access and compliance policies.
  • Scripting and automation skills (PowerShell, Bash, and/or Microsoft Graph API).
  • Practical understanding of endpoint security and compliance in a regulated environment.

Preferred / Nice to Have

  • Relevant certifications: Microsoft 365 Certified:

More jobs in Munich