At a Glance
- Tasks: Lead the design and implementation of Microsoft Intune's endpoint security framework.
- Company: Join a forward-thinking company focused on modern endpoint security.
- Benefits: Remote/hybrid work, competitive salary, and opportunities for professional growth.
- Other info: Collaborative environment with a focus on continuous improvement and innovation.
- Why this job: Make a real impact in enhancing enterprise security with cutting-edge technology.
- Qualifications: Experience with Microsoft Intune EPM and strong PowerShell scripting skills.
The predicted salary is between 60000 - 80000 € per year.
We are seeking a highly skilled Endpoint Privilege Management (EPM) Specialist to lead the design and implementation of Microsoft Intune’s least privilege and Just-in-Time (JIT) elevation framework across a large enterprise environment. This role is central to strengthening endpoint security, eliminating local admin rights, and enabling secure, auditable privilege elevation aligned to Zero Trust principles.
What You’ll Be Doing
- Take ownership of the enterprise EPM capability, including:
- Designing and deploying Microsoft Intune Endpoint Privilege Management (EPM) at scale
- Defining and managing elevation rules, approval workflows, and automation models
- Implementing Just Enough Access (JEA) and Just-in-Time (JIT) privilege elevation
- Eliminating permanent local admin rights across Windows 10/11 estate
- Integrating EPM into broader Zero Trust and Microsoft Defender security architecture
- Monitoring, Security & Reporting
- Build dashboards for elevation activity, risk trends, and anomalous behaviour
- Use Log Analytics (KQL), Microsoft Defender, and Graph API for automation and insights
- Provide regular reporting to security governance and risk forums
- Support audit and compliance requirements with clear privilege reporting
- Collaboration & Stakeholder Engagement
- Work closely with Security, Identity, Endpoint, and Application teams
- Act as the SME for application elevation requirements and security exceptions
- Deliver documentation, runbooks, and operational guidance
- Lead training sessions for IT support and security operations teams
What We’re Looking For
- Technical Expertise
- Strong hands-on experience with Microsoft Intune Endpoint Privilege Management (EPM)
- Deep understanding of least privilege / Zero Trust security models
- Windows endpoint security and hardening
- Application analysis for privilege requirements
- Microsoft Defender for Endpoint (ASR policies)
- Log Analytics / KQL for security monitoring
- Strong PowerShell scripting and automation experience
- Experience integrating with Microsoft Graph API
- Desirable Experience
- Microsoft Defender XDR / vulnerability management
- Conditional Access / Identity Protection
- AppLocker or Windows Defender Application Control
- Certifications such as: MD-102 Endpoint Administrator, SC-200 Security Operations Analyst, SC-300 Identity & Access Administrator
- Soft Skills
- Strong communication skills with technical and non-technical stakeholders
- Analytical mindset with excellent root cause analysis ability
- Structured and process-driven approach to security governance
- Ability to simplify complex endpoint security concepts
Key Outcomes of the Role
- Enterprise-wide rollout of Microsoft Intune Endpoint Privilege Management
- Elimination of local admin rights across all endpoints
- Secure, frictionless JIT elevation experience for end users
- Strong governance, auditability, and compliance reporting
- Continuous improvement of endpoint privilege and security automation
If you’re passionate about modern endpoint security, least privilege enforcement, and Microsoft security ecosystems, this is a high-impact role driving enterprise-wide transformation.
UK | Cyber Security Engineer_ECO_L4 in City of London employer: Brookwood Recruitment Ltd
Join a forward-thinking company that prioritises innovation and security in the ever-evolving landscape of cyber threats. As a Cyber Security Engineer, you will thrive in a collaborative work culture that values continuous learning and professional development, offering you the chance to lead impactful projects while enjoying the flexibility of remote or hybrid working arrangements. With a strong commitment to employee growth and a focus on cutting-edge technologies, this role provides a unique opportunity to make a significant difference in endpoint security across a large enterprise environment.
StudySmarter Expert Advice🤫
We think this is how you could land UK | Cyber Security Engineer_ECO_L4 in City of London
✨Tip Number 1
Network, network, network! Get out there and connect with folks in the cyber security field. Attend meetups, webinars, or even local events. You never know who might have a lead on that perfect Endpoint Privilege Management role!
✨Tip Number 2
Show off your skills! Create a portfolio or GitHub repository showcasing your PowerShell scripts or any projects related to Microsoft Intune. This gives potential employers a taste of what you can do and sets you apart from the crowd.
✨Tip Number 3
Don’t just apply blindly! Tailor your approach for each job. Research the company’s current security practices and mention how your experience with Zero Trust principles can help them strengthen their endpoint security.
✨Tip Number 4
Apply through our website! We’ve got a streamlined process that makes it easy for you to showcase your skills and experience. Plus, it shows us you’re genuinely interested in joining our team!
We think you need these skills to ace UK | Cyber Security Engineer_ECO_L4 in City of London
Some tips for your application 🫡
Tailor Your CV:Make sure your CV speaks directly to the role of Endpoint Privilege Management Specialist. Highlight your experience with Microsoft Intune, least privilege models, and any relevant certifications. We want to see how your skills align with what we’re looking for!
Craft a Compelling Cover Letter:Your cover letter is your chance to shine! Use it to explain why you’re passionate about endpoint security and how your background makes you a perfect fit for this role. Don’t forget to mention your hands-on experience with EPM and Zero Trust principles.
Showcase Your Technical Skills:In your application, be sure to highlight your technical expertise, especially in PowerShell scripting and automation. We love seeing candidates who can demonstrate their knowledge of Microsoft Defender and Log Analytics, so don’t hold back!
Apply Through Our Website:We encourage you to apply through our website for a smoother process. It helps us keep track of your application and ensures you don’t miss out on any important updates. Plus, it’s super easy to do!
How to prepare for a job interview at Brookwood Recruitment Ltd
✨Know Your Tech Inside Out
Make sure you’re well-versed in Microsoft Intune and Endpoint Privilege Management. Brush up on least privilege and Zero Trust security models, as well as your PowerShell scripting skills. Being able to discuss these topics confidently will show that you’re the right fit for the role.
✨Showcase Your Problem-Solving Skills
Prepare to discuss specific examples where you've tackled endpoint security challenges. Think about how you’ve implemented Just-in-Time (JIT) elevation or eliminated local admin rights in previous roles. This will demonstrate your analytical mindset and ability to simplify complex concepts.
✨Engage with Stakeholders
Since collaboration is key in this role, be ready to talk about your experience working with different teams. Highlight instances where you’ve acted as a Subject Matter Expert (SME) or led training sessions. This will showcase your strong communication skills and ability to engage with both technical and non-technical stakeholders.
✨Prepare Questions That Matter
Have insightful questions ready about the company’s approach to endpoint security and their integration of Microsoft Defender. This shows your genuine interest in the role and helps you assess if the company aligns with your career goals. Plus, it gives you a chance to demonstrate your knowledge of the field.
