Role Summary :

The Endpoint Management, Patching & MDM Associate is responsible for managing, securing, and maintaining enterprise endpoints through modern device management solutions. This includes Microsoft Intune (MDM/MAM), OS and application patching, third party patching, device enrollment, compliance, and endpoint health. The role works closely with EUC, Security, Infrastructure, and Service Desk teams to ensure a stable, updated, and secure end user computing environment.

Key Responsibilities :

Endpoint Management (Windows, macOS, Mobile) :

- Manage endpoint lifecycle across Windows 10/11, macOS, iOS, and Android devices.

- Support device enrollment and configuration via Intune (corporate and BYOD).

- Maintain device compliance, security baselines, configuration profiles, and health monitoring.

- Assist in troubleshooting device performance, login, Wi Fi/VPN, certificate, and encryption issues.

MDM Operations (Microsoft Intune / MAM) :

- Apply and validate MDM/MAM policies including device restrictions, PIN/encryption rules, and App Protection Policies.

- Troubleshoot Intune enrollment failures, policy conflicts, Company Portal issues, and Conditional Access blockers.

- Manage Autopilot provisioning support (profile assignment, ESP issues, device readiness).

OS & Application Patching :

- Configure and maintain update rings for Windows quality and feature updates.

- Monitor OS patch compliance, initiate remediation actions, and coordinate patch cycles.

- Troubleshoot update failures and maintain patch health dashboards.

Third Party Application Patching (Nice to have : Patch My PC) :

- Support third party application updates through Patch My PC or Intune's app catalog.

- Maintain packaging notes, publish updates, and troubleshoot failed deployments.

- Coordinate with application teams for critical update rollouts.

Support & Operational Excellence :

- Provide L2 support for endpoint issues escalated from Service Desk.

- Collaborate with Security on endpoint protection (AV/EDR), BitLocker/FileVault, Defender policies, and compliance drift.

- Participate in patching windows, upgrade cycles, pilot rollouts, and post deployment validations.

- Maintain accurate documentation, SOPs, KB articles, and change records.

Reporting & Compliance :

- Generate monthly reports for compliance, patch status, encryption posture, and device health.

- Track non compliant devices; perform follow ups and corrective actions.

- Support internal/external audits with logs, reports, and evidence.

Continuous Improvement :

- Identify opportunities to automate tasks using PowerShell, Graph API, or Intune built ins.

- Suggest improvements in patching success, device performance, and end user experience.

- Stay updated with new Intune, Windows, macOS, and MDM features