Leidos is seeking an experienced Intune Engineer to join our Defense Enclave Services (DES) team, who will support an extensive digital modernization program critical to Defense Information Systems Agency (DISA) and Department of Defense (DoD) Fourth Estate Agencies. The Intune Engineer will be responsible for designing, implementing, and optimizing Microsoft Intune solutions, for migration from MECM and AD joined devices to Azure AD joined and Intune Managed. They will develop Intune policies, utilizing existing Active Directory group policies and work closely with cross-functional teams to architect and deliver robust, scalable, and secure solutions.

CLEARANCE REQUIRMENT: Must possess an active DoD Secret or above. (US Citizenship required)

This position requires 2-3 days of onsite work per week, with additional onsite days possible based on mission requirement.

Primary Responsibilities

Assist design and implement Microsoft Intune solutions that meet end user requirements

Create and manage Intune policies for application deployment, device compliance, and security configurations. Ensure seamless integration with other Microsoft 365 services

Assist design and deploy Windows 11 provisioning processes using Intune Autopilot

Configure and manage Windows Update for Business policies

Develop and maintain standardized Windows 11 deployment images and Task Sequences

Implement security best practices and compliance policies within Intune

Monitor and respond to security incidents related to mobile devices and endpoints

Create detailed documentation of Intune configurations, Windows provisioning processes, and Intune Policy settings

Microsoft Product Knowledge: In-depth knowledge of Microsoft products, including Windows, Office, and System Center.

MECM Expertise: Experience with MECM, including installation, configuration, and management.

Scripting and Automation: Familiarity with scripting languages, such as PowerShell, and automation tools, like Microsoft Intune.

Networking and Security: Understanding of networking and security concepts, including firewalls, antivirus software, and encryption.

Communication: Strong interpersonal and communication skills to interact with stakeholders at all levels.

The Intune Engineer will focus on managing and maintaining Intune Configuration Profiles within a GCC High tenant environment to control user and computer configurations, security settings based on NIST 800-53 controls and DoDIN security best practices, and software deployments.

Involves designing, implementing, and troubleshooting Intune configuration profiles, ensuring they align with organizational policies and security best practices.

Creating, modifying, and deploying Intune Policies to manage various aspects of user and computer environments, such as password policies, logon hours, software restrictions, and desktop configurations.

Experience automating tasks using PowerShell scripting and managing the Active Directory structure, including domains, organizational units (OUs), and user/computer objects, to ensure efficient policy application.

Knowledge of domains, forests, trusts, replication, and other AD components.

Implementing security policies related to password complexity, account lockout, and access control.

Creating and deploying Intune configuration profiles to manage Windows 11 device settings, security policies, and application deployments. 

Configuring settings related to device restrictions, Wi-Fi, VPN, email, certificates, and other features.

 Implementing security baselines and compliance policies to meet organizational security standards and best practices.

Packaging, deploying, and managing applications through Intune or Microsoft Configuration Manager (MCM), ensuring proper distribution and version control.

Creating documentation for Intune configurations, standard operating procedures and implementing Change Requests through our ITSM solution, ServiceNow.

Working with other IT and security teams to integrate Intune with existing infrastructure and systems.

Design and manage Group Policy Objects (GPOs) in Active Directory to enforce security and configuration policies.

Basic Qualifications

Bachelor’s degree and 4-8 years of prior relevant experience or Master’s degree with 2-6 years of prior relevant experience

Ability to maintain a DoD Secret clearance. (US Citizenship required)

Experience designing, implementing, and maintaining Microsoft Intune solutions

Excellent written and verbal communication skills, a demonstrated ability to meet deadlines, and a strong problem-solving mindset

Familiarity with the ITSM+ suite and/or Service Now

Current IAT Level II (or higher) Certification such as Security +

Preferred Qualifications

Relevant certifications, such as:

Microsoft Certified Intune Expert

Microsoft 365 Certified: Endpoint Administrator Associate

AZ-104 - Microsoft Azure Administrator Associate

SC-900 - Security, Compliance and Identity Fundamentals

Original Posting:July 17, 2025

For U.S. Positions: While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.

Pay Range:Pay Range $85,150.00 - $153,925.00

The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.