Role: Device Management Infrastructure Engineer
The Device Management Engineer is responsible for the technical ownership and management of the organisation’s end-user device estate, including operating system deployments, application management, security, and centralised device management platforms.
This role requires a proactive, self-driven engineer with strong experience in enterprise environments and modern endpoint management technologies, with a focus on improving services, optimising processes, and enhancing user experience.
Reporting to the IT Infrastructure Manager, the role provides senior technical support and escalation for device-related incidents, working closely with the IT Service Desk and wider IT teams. It is accountable for the operational delivery and continuous improvement of device management services.
Responsibilities include day-to-day device administration, project delivery, service requests, and software and security deployments across a large-scale estate of 30,000+ Windows, Android, and Apple devices.
Responsibilities and requirements
Build and maintain effective working relationships with business users and Group IT teams, acting as a key liaison between technical and non-technical stakeholders.
Facilitate communication and knowledge sharing between IT and the wider business to improve adoption of services and solutions.
Attend weekly team meetings and project progress meetings as required, providing updates on operational and project activities inline with the technical roadmap.
Liaise with third-party suppliers and service providers where required to support operational and project delivery.
Adhere to standard change control procedures, including preparing and presenting proposed changes to the Change Advisory Board (CAB).
Stakeholder Collaboration
Coordinate with Device Management, Infrastructure, and Service Desk Team Leaders on device standards, support models, and escalation paths.
Support project rollouts involving new hardware models, OS deployments, or enterprise application deliveries.
Assist with pilot phases, UAT device builds, and phased rollouts, feeding back issues and recommendations.
Operational Support
Drive continuous improvement in operational support processes for end‑user devices, ensuring efficiency, consistency, and scalability.
Improve service quality by developing internal capability through structured documentation, technical guidance, and support enablement.
Maintain accurate, well‑structured operational documentation to support device management platforms, deployment processes, and common support as a subject matter expert for technologies supporting the central management of end‑user devices, including endpoint security, application deployment, and device configuration platforms.
• Key Skills & Experience – Essential
Endpoint & Device Management
* Strong hands‑on experience supporting Microsoft Intune for Windows device enrolment, configuration profiles, compliance policies, application deployment, and reporting.
* Proven experience administering Jamf Pro for Apple macOS and iOS/iPadOS device management, including device enrolment, configuration profiles, application deployment, and security controls.
* Experience managing Android devices using SOTI MobiControl, including policy enforcement, remote actions, device lockdown modes, and enterprise application deployment.
* Solid understanding of modern device management (MDM/MAM) principles across Windows, Apple, and Android platforms.
Patching & Update Management
* Experience managing OS and application patching for end‑user devices, including:
o Windows Update for Business (WUfB)
o macOS and iOS update management
o Android OS updates via MDM
* Understanding of patch compliance reporting, risk‑based patching, and remediation workflows.
* Ability to assess patch impact, support testing, and coordinate deployments to minimise business disruption.
Application Packaging & Security
* Experience packaging, deploying, and maintaining enterprise applications across Windows, macOS, iOS, and Android platforms.
* Understanding of application security controls, including managing permissions, update channels, and enforcing secure configuration baselines.
* Ability to work with application owners and vendors to resolve deployment or compatibility issues.
Endpoint Security
* Hands‑on experience supporting Microsoft Defender (including Defender for Endpoint and relevant components within Microsoft Defender for Cloud) for device protection, alerting, and security posture monitoring.
* Experience integrating endpoint security L1 CIS standards.
* Understanding of endpoint security concepts and associated risks with InfoSec such as:
o Malware protection
o Device compliance
o Conditional access integration
o Threat detection and response
Desirable
Experience supporting additional endpoint platforms or tooling such as MECM/SCCM, Workspace ONE, or other enterprise MDM solutions beyond Intune, Jamf, and SOTI.
Exposure to shared or kiosk device scenarios, including retail, frontline, or task‑based device deployments.
Experience with Windows Autopilot, Apple Automated Device Enrolment (ADE), or Android Zero‑touch beyond basic enrolment use.
• Personal Attributes• Highly organised, punctual, and detail-oriented• Strong communicator able to engage both technical and non-technical audiences• Proactive and capable of working independently• Analytical mindset with the ability to identify repeated faults or improvement areas• Strong sense of ownership and accountability