L2 Endpoint Security Engineer (Intune & Defender)

Job Description Job Title: Endpoint Security Engineer (Intune & Defender) Location: Pune Department: Infra Security Experience: 5 to 7 years Reporting To: Technical Lead Manager Joining: Within a week or two Job Summary We are seeking a skilled and proactive Level 2 M365 Security Engineer with deep expertise in Microsoft Intune and Microsoft Defender for Endpoint. The ideal candidate will be responsible for managing, supporting, and optimizing endpoint security and device management solutions across the organization. This role requires hands-on experience with M365 technologies, strong troubleshooting skills, and the ability to collaborate with cross-functional teams. You will be responsible for, • Providing L2 support for issues related to Microsoft Intune and Microsoft Defender. • Managing and maintaining device compliance policies, configuration profiles, and application deployments via Intune. • Monitor and respond to security alerts and threat detections from Microsoft Defender. • Assist in onboarding devices (Windows, iOS, Android) into Intune and ensure proper policy enforcement. • Endpoint Management & Security (Intune) • Configure and enforce security policies using Microsoft Intune for endpoint compliance. • Act as an escalation point for security incidents and vulnerabilities affecting infrastructure. • Design and implement patch management strategies for servers, workstations, and cloud infrastructure. • Perform root cause analysis and resolve escalated incidents and service requests. • Collaborate with L3 engineers and security teams to implement best practices and improve security posture. • Maintain documentation for configurations, procedures, and troubleshooting guides. • Participate in change management, patching, and system upgrades. • Ensure adherence to compliance and security standards. • Work closely with IT Operations, Cloud, and Security teams to drive security initiatives. • Participate in security infrastructure upgrades and optimizations. Requirements About you • Hands-on experience with EDR/XDR platforms such as Microsoft Defender for Endpoint or Sentinel One.-must have • Familiarity with vulnerability management tools.- must have • 46 years of experience in IT support, with at least 3 years in M365 ecosystem. • Strong hands-on experience with Microsoft Intune (Endpoint Manager). • BitLocker (encryption)- good to have • Application control- good to have • Endpoint privilege management- good to have • Windows Defender Firewall- must have • Mobile Device Management (MDM), particularly Intune- must have • Understanding of endpoint threat intelligence and ability to analyze threat data.- must have • Scripting or automation experience using PowerShell or other scripting languages.- must have • Solid understanding of Microsoft Defender for Endpoint and threat protection mechanisms. • Experience with PowerShell scripting for automation and troubleshooting. • Familiarity with Azure AD, Conditional Access, and Group Policies. • Excellent problem-solving and communication skills. • Microsoft certifications (e.g., MS-101, MD-102, SC-200) are a plus. Education & Certifications • Bachelor's degree in Computer Science, Cybersecurity, Engineering, or Telecommunications (or equivalent experience). • Security-related certifications and ITIL are a plus.