At a Glance
- Tasks: Lead the design and implementation of Microsoft Intune's endpoint security framework.
- Company: Join a forward-thinking company focused on modern endpoint security.
- Benefits: Flexible remote/hybrid work, competitive salary, and opportunities for professional growth.
- Other info: Collaborative environment with a focus on continuous improvement and innovation.
- Why this job: Make a real impact in enhancing enterprise security with cutting-edge technology.
- Qualifications: Experience with Microsoft Intune EPM and strong PowerShell scripting skills.
The predicted salary is between 60000 - 80000 € per year.
We are seeking a highly skilled Endpoint Privilege Management (EPM) Specialist to lead the design and implementation of Microsoft Intune’s least privilege and Just-in-Time (JIT) elevation framework across a large enterprise environment. This role is central to strengthening endpoint security, eliminating local admin rights, and enabling secure, auditable privilege elevation aligned to Zero Trust principles.
What You’ll Be Doing
- Take ownership of the enterprise EPM capability, including:
- Designing and deploying Microsoft Intune Endpoint Privilege Management (EPM) at scale
- Defining and managing elevation rules, approval workflows, and automation models
- Implementing Just Enough Access (JEA) and Just-in-Time (JIT) privilege elevation
- Eliminating permanent local admin rights across Windows 10/11 estate
- Integrating EPM into broader Zero Trust and Microsoft Defender security architecture
Monitoring, Security & Reporting
- Build dashboards for elevation activity, risk trends, and anomalous behaviour
- Use Log Analytics (KQL), Microsoft Defender, and Graph API for automation and insights
- Provide regular reporting to security governance and risk forums
- Support audit and compliance requirements with clear privilege reporting
Collaboration & Stakeholder Engagement
- Work closely with Security, Identity, Endpoint, and Application teams
- Act as the SME for application elevation requirements and security exceptions
- Deliver documentation, runbooks, and operational guidance
- Lead training sessions for IT support and security operations teams
What We’re Looking For
Technical Expertise
- Strong hands-on experience with Microsoft Intune Endpoint Privilege Management (EPM)
- Deep understanding of:
- Least privilege / Zero Trust security models
- Windows endpoint security and hardening
- Application analysis for privilege requirements
- Microsoft Defender for Endpoint (ASR policies)
- Log Analytics / KQL for security monitoring
- Strong PowerShell scripting and automation experience
- Experience integrating with Microsoft Graph API
Desirable Experience
- Microsoft Defender XDR / vulnerability management
- Conditional Access / Identity Protection
- AppLocker or Windows Defender Application Control
- Certifications such as:
- MD-102 Endpoint Administrator
- SC-200 Security Operations Analyst
- SC-300 Identity & Access Administrator
Soft Skills
- Strong communication skills with technical and non-technical stakeholders
- Analytical mindset with excellent root cause analysis ability
- Structured and process-driven approach to security governance
- Ability to simplify complex endpoint security concepts
Key Outcomes of the Role
- Enterprise-wide rollout of Microsoft Intune Endpoint Privilege Management
- Elimination of local admin rights across all endpoints
- Secure, frictionless JIT elevation experience for end users
- Strong governance, auditability, and compliance reporting
- Continuous improvement of endpoint privilege and security automation
If you’re passionate about modern endpoint security, least privilege enforcement, and Microsoft security ecosystems, this is a high-impact role driving enterprise-wide transformation.
Cyber Security Engineer - Remote / Hybrid. in City of London employer: Brookwood Recruitment Ltd
Join a forward-thinking company that prioritises innovation and security in the digital landscape. As a Cyber Security Engineer, you will thrive in a collaborative remote/hybrid work environment that fosters professional growth and offers extensive training opportunities. With a commitment to employee well-being and a culture that values diversity and inclusion, this role provides a unique chance to make a significant impact on enterprise security while enjoying a flexible work-life balance.
StudySmarter Expert Advice🤫
We think this is how you could land Cyber Security Engineer - Remote / Hybrid. in City of London
✨Tip Number 1
Network, network, network! Get out there and connect with people in the cyber security field. Attend meetups, webinars, or even online forums. You never know who might have a lead on your dream job!
✨Tip Number 2
Show off your skills! Create a portfolio or GitHub repository showcasing your projects related to Microsoft Intune and endpoint security. This gives potential employers a taste of what you can do and sets you apart from the crowd.
✨Tip Number 3
Prepare for interviews by brushing up on your technical knowledge and soft skills. Be ready to discuss your experience with least privilege models and JIT elevation. Practice common interview questions and scenarios to boost your confidence.
✨Tip Number 4
Don’t forget to apply through our website! We’re always on the lookout for passionate individuals like you. Tailor your application to highlight your relevant experience with Microsoft Defender and endpoint security to catch our eye.
We think you need these skills to ace Cyber Security Engineer - Remote / Hybrid. in City of London
Some tips for your application 🫡
Tailor Your CV:Make sure your CV speaks directly to the role of Endpoint Privilege Management (EPM) Specialist. Highlight your experience with Microsoft Intune and any relevant security frameworks, as we want to see how you can contribute to our Zero Trust principles.
Showcase Your Skills:Don’t just list your skills; demonstrate them! Use specific examples from your past work that show your hands-on experience with EPM, PowerShell scripting, and security monitoring. We love seeing how you've tackled challenges in the past.
Be Clear and Concise:When writing your application, keep it clear and to the point. We appreciate straightforward communication, especially when it comes to complex topics like endpoint security. Make it easy for us to see your qualifications!
Apply Through Our Website:We encourage you to apply through our website for a smoother process. It helps us keep track of your application and ensures you don’t miss out on any important updates from us!
How to prepare for a job interview at Brookwood Recruitment Ltd
✨Know Your Tech Inside Out
Make sure you brush up on your knowledge of Microsoft Intune and Endpoint Privilege Management. Be ready to discuss how you've implemented least privilege and Just-in-Time elevation in past roles. The more specific examples you can provide, the better!
✨Showcase Your Problem-Solving Skills
Prepare to demonstrate your analytical mindset by discussing how you've tackled complex security challenges. Think about a time when you simplified a complicated endpoint security concept for a non-technical audience – this will show your communication skills and ability to engage with various stakeholders.
✨Familiarise Yourself with Zero Trust Principles
Since this role is all about Zero Trust, make sure you understand its core principles. Be ready to explain how you would integrate EPM into a broader Zero Trust architecture and why it’s crucial for modern endpoint security.
✨Prepare Questions for Them
Interviews are a two-way street! Prepare insightful questions about their current security challenges or how they envision the future of endpoint security. This shows your genuine interest in the role and helps you assess if the company is the right fit for you.
