The IT Technical Manager will focus on the Windows and macOS platforms and is responsible for the design, configuration, management, and support of the organization's desktop platforms. This technical role will ensure that all systems and endpoints are secure and optimized and provide a seamless user experience. The Technical Manager will manage the entire lifecycle of operating systems across a diverse range of endpoints, focusing on standardization, automation, and security. This role is hands-on and involves deep technical troubleshooting and collaboration with various teams to ensure platform integrity and stability.
Windows Platform:
- Manage Windows client operating systems (Windows 10, 11) through Microsoft Endpoint Manager (Intune) and System Center Configuration Manager (SCCM), focusing on configuration management, software deployment, and updates.
- Develop and manage Windows Autopilot for seamless device deployment and provisioning.
- Implement, monitor, and troubleshoot Windows Group Policies (GPOs) to ensure standardized configurations and policies across all endpoints.
- Ensure the timely deployment of Windows patches, hotfixes, and security updates to all machines, using WSUS or Intune.
macOS Platform:
- Manage macOS devices using Jamf Pro or equivalent Mobile Device Management (MDM) solutions, focusing on automated deployment, configuration, and compliance.
- Deploy and manage macOS enrollment profiles via Apple Business Manager and ensure devices are properly configured for security and performance.
- Maintain consistent macOS profiles and policies for application deployment, security, and OS updates.
- Oversee the deployment and management of macOS patches and software updates, ensuring compatibility and security compliance.
Application Packaging & Deployment:
- Package, test, and deploy software applications across both Windows and macOS environments using SCCM, Intune, and Jamf Pro.
- Automate application deployment workflows and ensure seamless updates and patching of critical applications like Microsoft Office, Adobe Suite, and specialized software.
Cross-Platform Consistency:
- Develop and implement cross-platform solutions to ensure consistent user experiences, regardless of operating system. This includes standardizing access to core services, printers, network drives, and collaboration tools.
Identity & Access Management:
Active Directory & Azure AD:
- Manage user access through Active Directory (AD) and Azure Active Directory (AAD), ensuring that proper group memberships, permissions, and policies are applied consistently across Windows and macOS endpoints.
- Support the implementation of Single Sign-On (SSO), Multi-Factor Authentication (MFA), and Conditional Access policies for both Windows and macOS systems.
User Profile & Data Management:
- Implement and support roaming profiles and user profile management across both platforms, ensuring data consistency and a unified experience for users across devices.
- Ensure proper management of OneDrive, iCloud, and network home directories for data storage and backup.
Endpoint Security:
- Ensure comprehensive endpoint protection using tools like Microsoft Defender (Windows), BitLocker, and FileVault (macOS) to encrypt data and prevent unauthorized access.
- Monitor and maintain compliance with security standards such as ISO 27001, GDPR, or industry-specific regulations.
Device Hardening & DLP:
- Implement security policies for device hardening, such as USB restrictions, application whitelisting, and device control.
- Deploy and manage Data Loss Prevention (DLP) policies to safeguard sensitive data on both Windows and macOS devices.
Vulnerability Management:
- Perform regular security audits and vulnerability assessments for both platforms, ensuring patches and updates are applied proactively.
- Collaborate with the security team to ensure that endpoints comply with the organization's security policies and industry best practices.
Endpoint Monitoring:
- Implement monitoring tools like SCOM, SolarWinds, or Nagios to track endpoint performance, health, and availability.
- Provide detailed reporting on patch compliance, security vulnerabilities, software inventory, and system performance across both platforms.
Advanced Troubleshooting:
- Act as the Tier 3 escalation point for advanced technical issues related to Windows and macOS platforms.
- Diagnose and resolve hardware and software conflicts, system crashes, and performance issues with a focus on reducing downtime and improving user satisfaction.
M365 Integration:
- Ensure both Windows and macOS devices integrate seamlessly with Microsoft 365 services, including Teams, Outlook, SharePoint, and OneDrive.
- Configure and troubleshoot issues related to Teams Rooms, video conferencing setups, and VoIP services across both platforms.
Collaboration Hardware & Peripherals:
- Oversee and maintain collaboration hardware such as Microsoft Teams Rooms systems, conference room AV setups, and printer/scanner configurations to ensure smooth operations.
Automation:
- Use scripting languages like PowerShell, Bash, and Python to automate routine administrative tasks, from user provisioning to patching and application deployment.
- Develop automation scripts for monitoring, reporting, and managing both Windows and macOS devices.
Process Optimization:
- Identify opportunities for automation and process improvement in areas such as OS deployments, patching, software management, and system configurations.
Project & Change Management:
Platform Upgrades & Migrations:
- Lead or support projects related to OS migrations, new technology rollouts (e.g., transitioning to Windows 11 or macOS Sonoma), and large-scale application upgrades.
Continuous Improvement:
- Participate in Change Advisory Board (CAB) meetings and provide technical input on changes affecting Windows and macOS platforms.
- Drive improvements in end-user experience through performance tuning, process automation, and cross-platform consistency.
Collaboration with Cross-Functional Teams:
Interdepartmental Collaboration:
- Work closely with the infrastructure, network, and security teams to ensure proper integration of endpoints with back-end systems and network services.
- Partner with EUC engineers, service desk, and O365/collaboration engineers to ensure alignment across technical teams.
Required Qualifications:
Experience:
- 5+ years of experience managing both Windows and macOS platforms in a corporate environment.
- Proven experience with Microsoft Endpoint Manager (Intune), SCCM, and Jamf Pro for large-scale device management.
- Hands-on experience with Microsoft Autopilot, Apple Business Manager, and Zero-touch deployment.
- Strong expertise in Windows Group Policy, macOS configuration profiles, and MDM solutions.
- Proficiency in scripting and automation (e.g., PowerShell, Bash, Python) to streamline processes and reduce manual workload.
- Advanced knowledge of Active Directory, Azure AD, SSO, and MFA integration for both Windows and macOS.
- Deep understanding of endpoint security principles, including encryption, endpoint protection, and DLP.
- Knowledge of security frameworks like ISO 27001, NIST, or GDPR, and how they apply to endpoint management.
Desirable Skills:
- Certifications like Microsoft Certified: Modern Desktop Administrator, Jamf 200/300, CompTIA A+, or Apple Certified Support Professional (ACSP).
- Familiarity with Zero Trust Security concepts and practices.
- Knowledge of Azure Virtual Desktop (AVD) or Windows 365.
Additional information:
- The role may require working outside of normal business hours and includes active participation in an on-call rota.