Cloud Delivery Engineer

Cloud Delivery Engineer

NYC hybrid

holders

• Lead the design and implementation of Intune policies tied to MAM and MDM for BYOD and Corporate Devices
• Design, implement, and manage Microsoft Intune for iOS/iPadOS and Android Enterprise
• Define and enforce mobile data protection controls through Intune App Protection Policies and Devices Restrictions
• Manage data sharing access between managed apps
• Implement and maintain device configuration profiles, compliance policies, and security baselines aligned to the firm’s security and regulatory requirements.
• Act as the escalation point for Mobile Intune Applications, MAM, and Conditional Access issues, Exchange Online
• Must be comfortable with other Azure services that directly affect Mobile devices Authentication, Authorization, Application Deployment and Exchange Online Connectivity
• Conditional Access Policies
• Azure App Proxy
• Azure VPN for iOS and Android
• Entra Sign-in Logs
• Define and troubleshoot Entra Conditional Access Policies
• Multifactor Authentication and Certificate Base Authentication
• Entra application registrations
• Have a solid understanding of Exchange Online, including mail flow, security, and coexistence with any on-premises or legacy systems
• On-premises to Exchange Online Migration
• High level of comfort with Entra ID (Azure AD) identity services, including MFA, SSO, application registrations, access governance, and privileged identity management.
• Work closely with Information Security, Risk, and Compliance teams to ensure Microsoft 365 and Azure services support client obligations, including confidentiality and data residency.
• Comfortable with Microsoft Defender solutions (Endpoint, Office 365) as part of the firm’s security posture.
• Lead or act as senior engineer on global projects involving Microsoft 365, Intune, and related infrastructure.
• Develop and maintain technical standards, documentation, diagrams, and runbooks for operational teams.
• Provide escalation support for complex incidents and problems related to Microsoft 365, Intune, and Azure services.
• Mentor junior engineers and service desk analysts, sharing knowledge and best practices.
• Monitor platform health, performance, and capacity; recommend and implement improvements for availability, resilience, and cost optimization.
• Stay current with the Microsoft roadmap; assess new features and changes and lead their adoption within the firm where appropriate.
• Perform additional tasks as needed. 

Qualifications:

• Bachelor’s degree in computer science, Information Systems, or equivalent field required. 
• 5 - 7 years of experience required.
• Microsoft certifications are highly desirable.
• Extensive hands-on experience administering large enterprise Microsoft 365 tenants, including Intune, Exchange Online, SharePoint/OneDrive, and Entra ID (Azure AD).
• Proven experience building and managing Intune-based endpoint management at scale, including Autopilot, app deployment, and cross-platform device management.
• Strong expertise in Conditional Access, App Protection Policies, and compliance policies for secure hybrid/BYOD access.
• Solid understanding of security and compliance features in Microsoft Defender solutions.
• Proficient in PowerShell scripting and automation for Microsoft 365 and Azure.
• Experience working in a law firm or similarly regulated environment strongly preferred.
• Demonstrated ability to lead complex technical projects, manage stakeholders, and drive outcomes in a global organization.

Salary : $150,000 - $180,000