Endpoint & Patch Management Engineer

Position Summary We are seeking an experienced IT professional to support enterprise endpoint security, patching, and vulnerability management operations across a mixed Microsoft and Apple device environment. This individual will play a key role in maintaining endpoint compliance, remediating vulnerabilities, supporting patch deployment activities, and administering modern device management solutions. The ideal candidate will have strong hands-on experience with Microsoft Intune, Microsoft Entra, Patch My PC, Windows, macOS, and iOS, along with a solid understanding of endpoint management, application packaging and deployment, patch governance, and operational support within Microsoft Azure. This resource will also assist with server patching, backup operations, storage account cleanup, and general Azure maintenance activities. Key Responsibilities • Support day-to-day IT security patching and vulnerability management activities across endpoints and servers. • Administer and maintain Microsoft Intune for device configuration, compliance, application deployment, update rings, and endpoint policy management. • Create, package, deploy, troubleshoot, and maintain applications within Microsoft Intune. • Utilise Intune / Patch My PC to manage third-party application patching, publishing, and update deployment. • Support endpoint lifecycle and management activities for Windows, macOS, and iOS devices. • Assist with vulnerability remediation efforts by reviewing findings, identifying impacted systems, coordinating patching, and validating resolution. • Support and maintain Microsoft Entra administration, including user/device identity-related tasks, group management, access-related support, and general tenant administration. • Assist with Microsoft Azure operational tasks, including: ◦ Server patching coordination and maintenance ◦ Backup monitoring and support ◦ Storage account cleanup and maintenance ◦ General Azure administrative and operational support • Monitor patch compliance and endpoint health; assist in generating operational status reports and remediation tracking. • Troubleshoot issues related to patch deployments, application installations, device compliance, enrollment, and endpoint configuration. • Partner with internal IT and security teams to improve patching processes, reduce vulnerability exposure, and maintain endpoint hygiene. • Follow documented change management, operational, and security procedures. • Maintain clear technical documentation, procedures, and knowledge transfer artefacts. Required Qualifications • 3+ years of hands-on experience in endpoint management, patch management, or IT infrastructure/security operations. • Strong practical experience supporting Windows, macOS, and iOS platforms. • Strong experience with Microsoft Intune administration and support. • Experience with Patch My PC for third-party patching and application publishing. • Experience creating and deploying applications in Intune, including installation logic, detection methods, requirements, dependencies, and troubleshooting. • Working knowledge of Microsoft Entra administration and identity-related support. • Experience supporting Microsoft Azure infrastructure and operational activities. • Familiarity with server patching, backup processes, and storage account maintenance. • Strong understanding of endpoint management concepts, device compliance and configuration policies, application deployment methods, patch remediation workflows, and vulnerability management processes. • Strong troubleshooting, documentation, and communication skills. • Ability to work independently and effectively within an outsourced support model. Preferred Qualifications • Experience in a mid-size or enterprise IT environment. • Experience supporting Microsoft 365 and cloud-managed endpoints. • Familiarity with security and vulnerability management platforms such as Tenable, Defender, or similar tools. • Experience with scripting and automation using PowerShell. • Understanding of Azure storage, virtual machines, backup services, and general cloud operations. Core Competencies • Endpoint security and compliance mindset • Strong ownership and follow-through • Organised and process-driven • Able to prioritise remediation activities based on operational and security impact • Strong cross-platform endpoint administration skills • Effective collaboration with infrastructure, security, and service desk teams