PGI is a global consultancy that helps organisations build digital resilience. We deploy our people to implement solutions on behalf of clients or to support them in developing their own capabilities. Our vision is a world resilient to digital threats and online harm. To achieve this, we need to grow our team of talented and passionate people. Our clients include some of the most well-known global brands, national governments, and innovative growing businesses. We operate in an exciting, fast-growing sector that bears increasing relevance and importance to nation-states, corporates, universities, and NGOs.

We are seeking an experienced Senior Engineer to design, implement, and manage secure, scalable endpoint solutions across Windows and mobile (iOS and Android). The role focuses on modern device management using Microsoft technologies, including Autopilot, Intune, and Entra ID, while ensuring strong security controls through Conditional Access and application control policies.

You will act as a technical lead and escalation point for complex endpoint issues, contributing to continuous improvement initiatives and supporting the wider IT team through knowledge sharing and collaboration. This role will play a crucial part in ensuring the stability, security, and scalability of PGI’s IT infrastructure. The position combines technical expertise with hands-on implementation, proactive systems management, and a strong commitment to continuous improvement, working closely with IT colleagues and business stakeholders to deliver robust infrastructure solutions that align with organisational goals.

What you'll be doing:

• ·Design, implement and maintain Windows Autopilot deployments for corporate laptops, transitioning and optimising from SCCM

• ·Manage and secure endpoints using Microsoft Intune, Entra ID, and Conditional Access policies including update and driver management

• Administer and enhance MDM & MAM (iOS & Android), ensuring secure access to corporate data

• Maintain and improve endpoint security controls, including AppLocker and/or App Control for Business, BitLocker, Defender XDR

• Act as an escalation point for complex support issues, troubleshooting root causes and driving resolution, including IP networking, poor performance, stop codes

• Collaborate with the IT team to design, implement, and document solutions, ensuring consistency and maintainability

• Support and mentor team members, explaining technical concepts clearly and improving overall team capability

• Identify opportunities to automate, standardise, and improve endpoint management and security posture

• Ensure endpoint solutions align with ISO 27001, Cyber Essentials+, DCC, and organisational security policies

  On day one you will bring:

• A minimum of 7 years’ experience in Microsoft-based on-prem and SaaS infrastructure engineering, including Windows 11 endpoint management and modern workplace technologies such as Microsoft Intune, Entra ID, Conditional Access, Microsoft Defender XDR, and Microsoft 365

• Experience with SCCM-based operating system deployment (OSD) and the transition to modern endpoint management using Windows Autopilot

• Hands-on experience implementing and managing Windows Autopilot, Conditional Access policies, Mobile Device Management (MDM), Mobile Application Management (MAM) for iOS and Android, and Universal Print or equivalent solutions

• Experience with application control technologies such as AppLocker or Microsoft Defender Application Control (App Control for Business preferred)

• Strong troubleshooting and root cause analysis skills, with the ability to resolve complex infrastructure and endpoint issues

• Experience working within secure, compliance-driven environments

• Excellent communication and stakeholder management skills, with the ability to explain technical concepts to non-technical audiences, collaborate effectively across teams, and provide technical leadership and guidance

Desirable

• Building and managing environments with Windows 365 and/or Azure Virtual Desktop

• PowerShell and/or other automation experience

• Familiarity with endpoint security baselining and monitoring

Key Behaviours

• Proactive and security-focused mindset

• Structured, methodical approach to problem-solving

• Collaborative, with a willingness to share knowledge and improve team capability

• Able to balance technical depth with clear communication across the business

Diversity, Equity and Inclusion at PGI

As a British company which operates internationally, we draw strength from the diversity of our people. Without our diverse team, we couldn’t do the work we do. We are involved in projects across 80+ geographies, our people speak 25+ languages and come from a variety of backgrounds. By hiring and cultivating a diverse, equitable and inclusive workforce, we can uphold values that enable every member of the team to thrive, while delivering novel solutions to novel problems.

Accessibility at PGI

Every individual has different requirements, so we are committed to implementing reasonable adjustments to mitigate physical and non-physical barriers in the workplace.

We strive to make the recruitment process as accessible as possible, but if you have any questions or concerns, please get in touch.

Please note: We are not accepting applications or speculative profiles from any recruitment agencies. If we require additional resource, we will reach out to you.