0001

Role & responsibilities

Performance Engineering & Troubleshooting

o   Perform advanced diagnostics for boot/login delays, application slowness, memory/CPU bottlenecks, and storage I/O issues

o   Utilize tools such as Windows Performance Analyzer (WPA), Windows Performance Recorder (WPR), Sysinternals Suite, PerfMon, ProcMon, and ETW tracing

o   Define and maintain endpoint performance baselines and implement proactive monitoring strategies

o   Conduct root cause analysis of recurring endpoint performance issues and recommend long-term solutions

Endpoint Imaging & Deployment Automation

o   Design, maintain, and optimize Windows 11 golden images for large-scale enterprise deployment.

o   Automate OS and application deployments using Intune (Autopilot) and Azure AD

o   Develop and maintain PowerShell scripts for image updates, driver integration, and application packaging

o   Implement zero-touch provisioning and streamline device onboarding processes

Intune & Security Policy Management

o   Configure and manage Intune endpoint policies, compliance rules, and Autopilot deployments

o   Implement and maintain Windows Defender Application Control (WDAC) policies to enforce application security and compliance without compromising performance

o   Align endpoint configurations with enterprise security baselines (BitLocker, Microsoft Defender, CIS, and MDM policies)

o   Collaborate with Security teams to ensure balance between performance, optimization and compliance

Digital Employee Experience (DEX) Monitoring

o   Use DEX tools (e.g., Aternity, Nexthink, or equivalent) to monitor user experience, identify performance gaps, and improve endpoint reliability

o   Analyze telemetry and feedback to drive continuous improvement in end-user productivity and satisfaction

o   Integrate DEX insights with automation to create proactive remediation and self-healing solutions

Knowledge and Experience requirements

Required Qualifications

o years of experience in Windows endpoint engineering, imaging, and performance optimization

o   Strong expertise in Windows 11 internals (boot process, registry, kernel processes, OS servicing)

o   Hands-on experience with Microsoft Intune (Autopilot, Endpoint Security, Compliance, Analytics)

o   Proven experience implementing and managing Windows Defender Application Control (WDAC)

o   Proficiency in automation and scripting (PowerShell required; Python a plus)

o   Skilled in using performance diagnostics tools (WPA, WPR, Sysinternals, ProcMon, ETW, PerfMon)

o   Working knowledge of Active Directory, Group Policy, Azure AD, and hybrid identity models

o   Familiarity with DEX tools for endpoint experience monitoring

Preferred Skills

o   Experience with application packaging and distribution

o   Exposure to endpoint CI/CD pipelines (Azure DevOps, GitHub Actions)

o   Understanding of network performance tuning for endpoints

o   Knowledge of VDI/AVD environments and Windows 11 performance in virtualized contexts

Soft Skills

o   Strong problem-solving and analytical skills with a structured, detail-oriented approach

o   Ability to work independently while collaborating across IT, Security, and Operations teams

o   Excellent documentation and communication skills

o   Passion for automation, security, and improving end-user experiences