Job Description
Job DescriptionCLOUD DELIVERY ENGINEER
HYBRID - NEW YORK CITY
FULL TIME ONLY
PERMANENT RESIDENTS ONLY
Responsibilities:
- Lead the design and implementation of Intune policies tied to MAM and MDM for BYOD and Corporate Devices
- Design, implement, and manage Microsoft Intune for iOS/iPadOS and Android Enterprise
- Define and enforce mobile data protection controls through Intune App Protection Policies and Devices Restrictions
- Manage data sharing access between managed apps
- Implement and maintain device configuration profiles, compliance policies, and security baselines aligned to the firm’s security and regulatory requirements.
- Act as the escalation point for Mobile Intune Applications, MAM, and Conditional Access issues, Exchange Online
- Must be comfortable with other Azure services that directly affect Mobile devices Authentication, Authorization, Application Deployment and Exchange Online Connectivity
- Conditional Access Policies
- Azure App Proxy
- Azure VPN for iOS and Android
- Entra Sign-in Logs
- Define and troubleshoot Entra Conditional Access Policies
- Multifactor Authentication and Certificate Base Authentication
- Entra application registrations
- Have a solid understanding of Exchange Online, including mail flow, security, and coexistence with any on-premises or legacy systems
- On-premises to Exchange Online Migration
- High level of comfort with Entra ID (Azure AD) identity services, including MFA, SSO, application registrations, access governance, and privileged identity management.
- Work closely with Information Security, Risk, and Compliance teams to ensure Microsoft 365 and Azure services support client obligations, including confidentiality and data residency.
- Comfortable with Microsoft Defender solutions (Endpoint, Office 365) as part of the firm’s security posture.
- Lead or act as senior engineer on global projects involving Microsoft 365, Intune, and related infrastructure.
- Develop and maintain technical standards, documentation, diagrams, and runbooks for operational teams.
- Provide escalation support for complex incidents and problems related to Microsoft 365, Intune, and Azure services.
- Mentor junior engineers and service desk analysts, sharing knowledge and best practices.
- Monitor platform health, performance, and capacity; recommend and implement improvements for availability, resilience, and cost optimization.
- Stay current with the Microsoft roadmap; assess new features and changes and lead their adoption within the firm where appropriate.
- Perform additional tasks as needed.
Qualifications:
- Bachelor’s degree in computer science, Information Systems, or equivalent field required.
- 5 - 7 years of experience required.
- Microsoft certifications are highly desirable.
- Extensive hands-on experience administering large enterprise Microsoft 365 tenants, including Intune, Exchange Online, SharePoint/OneDrive, and Entra ID (Azure AD).
- Proven experience building and managing Intune-based endpoint management at scale, including Autopilot, app deployment, and cross-platform device management.
- Strong expertise in Conditional Access, App Protection Policies, and compliance policies for secure hybrid/BYOD access.
- Solid understanding of security and compliance features in Microsoft Defender solutions.
- Proficient in PowerShell scripting and automation for Microsoft 365 and Azure.
- Experience working in a law firm or similarly regulated environment strongly preferred.
- Demonstrated ability to lead complex technical projects, manage stakeholders, and drive outcomes in a global organization.