Microsoft Windows Engineer (Remote) at Tier One Technologies | Torre

Microsoft Windows Engineer (Remote)

You'll engineer secure Windows ecosystems, safeguarding critical infrastructure through advanced endpoint solutions.
Freelance
Recurrent

USD75.4K - 100K/year

~COP150M - 200M/year

+ Equity

+ Bonuses

Remote (for United States residents)
Shared by
Emma of Torre.ai
1 day ago

Requirements and responsibilities


Overview

The Microsoft Windows Engineer serves as the lead technical specialist for the Microsoft endpoint and identity ecosystem supporting this effort, including Windows workstation engineering, Intune, Windows Autopilot, Group Policy, Entra ID/Active Directory integration, passwordless authentication, hardware-backed credentials, and Windows endpoint telemetry.

This role is responsible for engineering secure Windows endpoint baselines, device provisioning and compliance workflows, authentication and access controls, and the operational integration of Windows devices into the company's security monitoring and incident response framework.

Responsibilities

Design, maintain, and secure Windows workstation images supporting both on-site and remote/VDI users.
Engineer Windows endpoint baselines, policy settings, compliance configurations, and patch orchestration mechanisms using approved Microsoft technologies.
Administer and optimize Microsoft Intune, Windows Autopilot, Group Policy, and associated endpoint compliance and configuration controls.
Support implementation of passwordless authentication, hardware-backed credentials (e.g., YubiKeys, CAC, software keys), and other protections for privileged and sensitive accounts.
Integrate endpoint enrollment and conditional access controls with Entra ID / Active Directory to ensure devices are securely configured before receiving access.
Support device lifecycle operations including provisioning, compliance enforcement, reassignment, and decommissioning for Windows endpoints.
Engineer and validate Windows endpoint logging, monitoring, and telemetry, including Windows Event Logs, endpoint agents, and SIEM/EDR forwarding.
Coordinate Intune/GPO-based patch orchestration, policy enforcement, and remediation of Windows configuration drift.
Produce documentation, standards, runbooks, validation artifacts, and technical guidance related to the Microsoft endpoint environment.
Support escalated incident response, troubleshooting, and audit activities involving Windows devices and Microsoft-managed endpoint services.

Qualifications

Core Qualifications:

Bachelor’s degree in IT, Cybersecurity, or related field preferred; equivalent experience acceptable
Must possess an active or interim Top Secret security clearance
8 years of experience in IT, Endpoint Engineering, or Cybersecurity
6 years of experience performing engineering functions in enterprise environments
Experience working under formal change control, audit, and security governance processes

Additional Qualifications:

Experience with Microsoft Intune for provisioning, compliance, configuration profiles, and security policy enforcement
Experience with Windows Autopilot for automated provisioning and device lifecycle management
Experience with Group Policy Objects (GPO) for Windows configuration and policy delivery
Experience with Entra ID / Active Directory integration, conditional access, and device/user association workflows
Experience building and maintaining Windows workstation images
Experience integrating Windows images with VDI, EDR, authentication tools, and logging agents
Experience managing Windows patch orchestration, baseline enforcement, and configuration drift remediation
Experience validating patch deployments and supporting rollback procedures
Experience implementing passwordless authentication and hardware-backed credentials
Experience configuring and maintaining Windows Event Logs and forwarding telemetry to SIEM/EDR platforms such as Microsoft Sentinel
Experience monitoring enrollment, patch status, compliance posture, and operational failures across Windows endpoints
Experience supporting audit readiness, forensic support, and technical validation reporting