Microsoft Active Directory & Intune Specialist (only Phoenix AZ)
TexcelVision Inc., Phoenix, Arizona, United States, 85003
The
Microsoft Active Directory & Intune Migration Specialist
is responsible for conducting a comprehensive analysis of the agency's existing
Active Directory
Group Policy environment, identifying and documenting all active, inactive, and redundant policies, and presenting findings and recommendations to IT leadership. This role will lead the effort to rationalize the
GPO
landscape by removing unused or unnecessary policies and executing the migration of remaining applicable policies to
Microsoft Intune for modern endpoint management . The specialist will design and implement
Intune configuration profiles , compliance policies, application deployments,
Windows Update management , and remediation scripts to replace legacy Group Policy configurations. This position requires
deep expertise in Active Directory, Group Policy, PowerShell scripting, and Microsoft Intun e, along with strong analytical and communication skills.
ESSENTIAL DUTIES AND RESPONSIBILITIES • Conduct a comprehensive audit and analysis of the existing
Active Directory Group Policy Object (GPO) environment , identifying all policies, their scope, linked OUs, and current enforcement status. • Document findings and present detailed reports to IT leadership with recommendations for policy retention, modification, removal, or migration to Microsoft Intune. • Identify and remove unused, redundant, orphaned, or
conflicting Group Policy Objects
to streamline the AD environment and improve security posture. • Design and execute a phased migration plan to transition applicable GPO settings to
Microsoft Intune configuration
profiles, compliance policies, and device management policies. • Create and manage Intune
Win32 app packages, Windows application deployments, and application configuration
policies to replace software deployment GPOs. • Develop and maintain
Intune remediation scripts and proactive
remediations (Endpoint Analytics) to replace legacy logon/startup scripts currently managed through Group Policy. • Configure and manage
Windows Update
for Business policies and Windows Update rings within Intune, migrating from WSUS or GPO-based update management. • Design and implement Intune PowerShell scripts and remediation packages for endpoint configuration, compliance enforcement, and automated troubleshooting. • Maintain, optimize, and reorganize Active Directory organizational unit (OU) structure, security group memberships, and delegation models as policies are consolidated or migrated. • Collaborate with cybersecurity, compliance, and infrastructure teams to ensure all policy changes meet regulatory requirements and organizational security standards. • Create and maintain comprehensive documentation including migration runbooks, policy mappings (GPO-to-Intune), rollback procedures, and standard operating procedures.
MINIMUM QUALIFICATIONS • Minimum of five (5) years of hands-on experience administering
Microsoft Active Directory and Group Policy Objects in
an
enterprise environment (500+ endpoints). • Minimum of five (5) years of experience
designing, implementing, and troubleshooting Group Policy Objects
including administrative templates, security settings, software installation, and preference items. • Minimum of three (3) years of experience with
Microsoft Intune (Endpoint Manager ) including
device enrollment, configuration profiles, compliance policies, and application deployment. • Demonstrated experience
creating and deploying Intune Win32 applications, Windows LOB apps, and Microsoft Store apps. • Proven experience developing and deploying
PowerShell scripts for endpoint management, automation, and remediation
within
both GPO and Intune environments. • Experience configuring and managing
Windows Update for Business policies , update rings, and feature update deployments through Intune. • Strong experience with Intune
proactive remediations (Endpoint Analytics)
including
detection and remediation script development. • Experience conducting GPO audits, producing executive-level reports, and presenting technical findings to non-technical leadership. • Working knowledge of
Azure Active Directory (Entra ID), hybrid identity environments, and Azure AD Connect synchronization.
KNOWLEDGE, SKILLS, AND ABILITIES • Expert-level knowledge of Active Directory Domain Services including forest/domain architecture, sites and services, replication, trusts, and schema. • Expert-level knowledge of Group Policy processing order (LSDO), inheritance, enforcement, loopback processing, WMI filtering, and security filtering. • Advanced proficiency in PowerShell scripting for Active Directory management, Intune Graph API interactions, and endpoint automation. • Strong understanding of Windows 11 operating system internals, registry, and configuration management. • Ability to analyze complex technical environments, identify risks and inefficiencies, and develop actionable remediation plans. • Excellent written and verbal communication skills with the ability to translate technical concepts for executive-level audiences. • Analytical mindset with strong attention to detail and a commitment to thorough documentation. • Ability to work independently with minimal supervision while exercising sound judgment on escalation decisions.
Required Skills
5+ years as an
Active Directory Specialist Microsoft System Center Configuration Manager (SCCM) Preferred Skills
Intune
experience Microsoft Entra Microsoft Certified : Endpoint Administrator Associate (MD-102) Powershell Group Policy
Microsoft Active Directory & Intune Migration Specialist
is responsible for conducting a comprehensive analysis of the agency's existing
Active Directory
Group Policy environment, identifying and documenting all active, inactive, and redundant policies, and presenting findings and recommendations to IT leadership. This role will lead the effort to rationalize the
GPO
landscape by removing unused or unnecessary policies and executing the migration of remaining applicable policies to
Microsoft Intune for modern endpoint management . The specialist will design and implement
Intune configuration profiles , compliance policies, application deployments,
Windows Update management , and remediation scripts to replace legacy Group Policy configurations. This position requires
deep expertise in Active Directory, Group Policy, PowerShell scripting, and Microsoft Intun e, along with strong analytical and communication skills.
ESSENTIAL DUTIES AND RESPONSIBILITIES • Conduct a comprehensive audit and analysis of the existing
Active Directory Group Policy Object (GPO) environment , identifying all policies, their scope, linked OUs, and current enforcement status. • Document findings and present detailed reports to IT leadership with recommendations for policy retention, modification, removal, or migration to Microsoft Intune. • Identify and remove unused, redundant, orphaned, or
conflicting Group Policy Objects
to streamline the AD environment and improve security posture. • Design and execute a phased migration plan to transition applicable GPO settings to
Microsoft Intune configuration
profiles, compliance policies, and device management policies. • Create and manage Intune
Win32 app packages, Windows application deployments, and application configuration
policies to replace software deployment GPOs. • Develop and maintain
Intune remediation scripts and proactive
remediations (Endpoint Analytics) to replace legacy logon/startup scripts currently managed through Group Policy. • Configure and manage
Windows Update
for Business policies and Windows Update rings within Intune, migrating from WSUS or GPO-based update management. • Design and implement Intune PowerShell scripts and remediation packages for endpoint configuration, compliance enforcement, and automated troubleshooting. • Maintain, optimize, and reorganize Active Directory organizational unit (OU) structure, security group memberships, and delegation models as policies are consolidated or migrated. • Collaborate with cybersecurity, compliance, and infrastructure teams to ensure all policy changes meet regulatory requirements and organizational security standards. • Create and maintain comprehensive documentation including migration runbooks, policy mappings (GPO-to-Intune), rollback procedures, and standard operating procedures.
MINIMUM QUALIFICATIONS • Minimum of five (5) years of hands-on experience administering
Microsoft Active Directory and Group Policy Objects in
an
enterprise environment (500+ endpoints). • Minimum of five (5) years of experience
designing, implementing, and troubleshooting Group Policy Objects
including administrative templates, security settings, software installation, and preference items. • Minimum of three (3) years of experience with
Microsoft Intune (Endpoint Manager ) including
device enrollment, configuration profiles, compliance policies, and application deployment. • Demonstrated experience
creating and deploying Intune Win32 applications, Windows LOB apps, and Microsoft Store apps. • Proven experience developing and deploying
PowerShell scripts for endpoint management, automation, and remediation
within
both GPO and Intune environments. • Experience configuring and managing
Windows Update for Business policies , update rings, and feature update deployments through Intune. • Strong experience with Intune
proactive remediations (Endpoint Analytics)
including
detection and remediation script development. • Experience conducting GPO audits, producing executive-level reports, and presenting technical findings to non-technical leadership. • Working knowledge of
Azure Active Directory (Entra ID), hybrid identity environments, and Azure AD Connect synchronization.
KNOWLEDGE, SKILLS, AND ABILITIES • Expert-level knowledge of Active Directory Domain Services including forest/domain architecture, sites and services, replication, trusts, and schema. • Expert-level knowledge of Group Policy processing order (LSDO), inheritance, enforcement, loopback processing, WMI filtering, and security filtering. • Advanced proficiency in PowerShell scripting for Active Directory management, Intune Graph API interactions, and endpoint automation. • Strong understanding of Windows 11 operating system internals, registry, and configuration management. • Ability to analyze complex technical environments, identify risks and inefficiencies, and develop actionable remediation plans. • Excellent written and verbal communication skills with the ability to translate technical concepts for executive-level audiences. • Analytical mindset with strong attention to detail and a commitment to thorough documentation. • Ability to work independently with minimal supervision while exercising sound judgment on escalation decisions.
Required Skills
5+ years as an
Active Directory Specialist Microsoft System Center Configuration Manager (SCCM) Preferred Skills
Intune
experience Microsoft Entra Microsoft Certified : Endpoint Administrator Associate (MD-102) Powershell Group Policy