IT Service Specialist

Responsibilities

Device & Endpoint Management:

• Windows & macOS Device Management:
• Manage, deploy, and troubleshoot end-user devices (Windows and macOS) using tools like Microsoft Intune, SCCM, and Jamf Pro for automated management and configuration.
• Implement and oversee Windows Autopilot and Apple Device Enrollment Program (DEP) for zero-touch provisioning.
• Ensure that devices are kept up to date with OS updates, security patches, and application versions via automated processes (SCCM, Intune, Jamf).
• Application Packaging & Deployment:
• Develop and maintain processes for application packaging and deployment, ensuring consistent and reliable software delivery across devices.
• Deploy and manage key applications like Microsoft Office, collaboration tools, and specialized software used within the organization.
• Automate software deployment processes using tools like Intune, SCCM, and Jamf to improve speed and efficiency.
• User Profile Management:
• Implement and manage user profiles, settings, and access using group policies, Azure AD, Intune and enterprise mobility solutions to ensure consistent user experiences across devices.
• Support roaming profiles and ensure data is seamlessly accessible regardless of the device or location.

Collaboration & Productivity Tools:

• Microsoft 365 & Collaboration Tools:
• Provide second-line support for Microsoft 365 services including Teams, OneDrive, Outlook, and SharePoint Online, working closely with the O365 and Collaboration team to ensure smooth integration on endpoints.
• Ensure optimal setup and management of Microsoft Teams collaboration hardware (Teams Rooms, phones, peripherals) and VOIP solutions for users.
• Support end-user productivity with M365 suite tools and troubleshoot any access or performance issues related to these tools.
• Identity & Access Management:
• Ensure devices are properly configured with identity management solutions, including integration with Azure Active Directory (AAD) and Multi-Factor Authentication (MFA).
• Collaborate with security and network teams to ensure access policies and privileged access are correctly implemented on all devices.

Security & Compliance:

• Endpoint Security:
• Ensure endpoint protection is effectively implemented using Windows Defender, BitLocker, FileVault, Sophos, or other security software to prevent malware and data breaches.
• Regularly audit device encryption status and security configurations to meet corporate compliance policies (including GDPR, ISO 27001, etc.).
• Device & Data Loss Prevention:
• Configure and manage Data Loss Prevention (DLP) policies and ensure compliance on all devices to prevent unauthorized data transfers.
• Implement and manage remote device wipe and mobile device management (MDM) policies to secure data on mobile devices and laptops in case of loss or theft.
• Endpoint Configuration Management:
• Develop, implement, and maintain group policies (GPOs) and other configuration standards for Windows and macOS devices, ensuring all devices are properly configured for security and performance.
• Ensure adherence to device management policies such as USB restrictions, file sharing, and network security configurations.

Incident & Problem Management:

• Incident Response & Escalation:
• Serve as the second-line support for complex technical issues, troubleshooting hardware and software incidents that cannot be resolved by first-line support.
• Work closely with Service Desk and IT support teams to ensure timely resolution of end-user issues.
• Root Cause Analysis & Problem Management:
• Investigate root causes for recurring issues and develop long-term solutions to enhance the stability and performance of end-user systems.

Collaboration with Other Teams:

• Work closely with infrastructure, network, and security teams to ensure that end-user devices are aligned with broader technology and security objectives.
• Collaborate with the O365 and Collaboration Engineer to ensure all devices integrate seamlessly with cloud-based services and collaboration platforms.
• Partner with service delivery and helpdesk teams to ensure smooth onboarding of new employees and timely resolution of user issues.

Continuous Improvement & Innovation:

• Automation & Scripting:
• Use scripting languages such as PowerShell, Bash, or Python to automate routine administrative tasks, improve efficiency, and reduce manual effort.
• Explore opportunities to leverage emerging technologies, like AI-driven endpoint management, to streamline operations and improve the end-user experience.
• Monitoring & Reporting:
• Monitor device health, usage patterns, and performance metrics to proactively address potential issues before they impact users.
• Provide regular reports on endpoint security compliance, device health, and software deployment status to senior management.

Project Work:

• Participate in and lead projects focused on the modernization of end-user technology and infrastructure, including Windows 11 migrations, macOS upgrades, and implementation of new collaboration tools.
• Lead EUC-related rollouts and updates for the organization's devices and services, ensuring all changes are tested, documented, and communicated to the relevant teams and end users.

Knowledge and Skill

Required Qualifications:

• Experience:
• Minimum of 5 years of experience in EUC roles managing both Windows and macOS environments, with a strong focus on automation and endpoint management.
• Extensive experience in Microsoft Intune, SCCM, Jamf Pro, Active Directory (on-premise and Azure AD), and MDM technologies.
• Proven expertise in M365 collaboration tools and their deployment on end-user devices, including troubleshooting Teams, Outlook, and OneDrive issues.
• Hands-on experience managing security tools like Windows Defender, BitLocker, Sophos, and equivalent solutions for macOS.
• Technical Expertise:
• In-depth knowledge of Windows Autopilot, macOS Device Enrollment, and mobile device management (MDM).
• Proficiency in PowerShell, Bash, or other scripting languages for task automation and device management.
• Strong understanding of networking fundamentals, including WiFi, VPNs, and VoIP, as it pertains to end-user devices.
• ITSM Tools:
• Experience using ITSM tools like Assyst (or similar) for tracking incidents, service requests, and change management.

Desirable Skills:

• Certifications such as Microsoft 365 Certified: Modern Desktop Administrator Associate, Jamf 200 or 300, CompTIA A+, or equivalent.
• Experience with zero-trust network security concepts and their application in device management.
• Understanding of Azure Virtual Desktop (AVD) or Windows 365 Cloud PC technologies.

Key Competencies:

• Technical Leadership: Hands-on experience in deploying and managing a wide range of end-user technologies with a proactive approach to problem-solving.
• Security-Conscious Mindset: A focus on securing endpoints, preventing data loss, and ensuring compliance with corporate security policies.
• Collaboration: Strong collaboration skills to work across technical teams and communicate effectively with stakeholders of all levels.
• Continuous Improvement: A mindset focused on constant refinement of processes, introducing automation where possible, and staying ahead of technology trends.
• Effective decision-making skills, especially under time-sensitive conditions.
• A collaborative team player who can work across diverse functions and geographies.