Job Title CSA– Security (Endpoint & Identity) (Microsoft Intune / Microsoft Entra ID / Zero Trust) Role Summary The Customer Success Architect (CSA) – Security (Endpoint & Identity) is a customerfacing, deliveryfocused technical role responsible for helping enterprise customers design, secure, deploy, and optimize endpoint and identity security solutions using Microsoft Intune and Microsoft Entra ID. This role combines deep technical expertise, handson delivery, and trusted advisory, enabling customers to adopt Zero Trust security principles while ensuring secure access to devices, applications, and data across cloud and hybrid environments. Key Responsibilities Endpoint Security – Microsoft Intune Act as a technical authority for Microsoft Intune within CSA delivery engagements Design, implement, and troubleshoot Intune enrollment, device configuration, compliance, and application management Configure Endpoint Security policies (device hardening, compliance, reporting) Support Windows, macOS, iOS, and Android endpoint management scenarios Lead endpoint security optimization and migration initiatives (e.g. legacy MDM or comanagement to Intune) Identity & Access Security – Microsoft Entra ID Design and operate Microsoft Entra ID architectures aligned with security and business requirements Implement and optimize Conditional Access, MFA, and Zero Trust access controls Support Hybrid Identity scenarios (Entra Connect, Cloud Sync, Entra Join / Hybrid Join) Diagnose authentication, authorization, and signin issues using Entra logs and reports Zero Trust & Security Integration Design devicebased Conditional Access using Intune compliance and Entra ID policies Integrate endpoint and identity security controls to protect Microsoft 365 and SaaS applications Advise customers on identity governance, lifecycle management, and security posture improvement Support security incidents related to identity or endpoint access and drive remediation plans CSA Delivery & Customer Engagement Act as a trusted security advisor to customer IT and security stakeholders Partner with CSAMs, Infra CSAs, and Security teams to deliver customer success outcomes Own technical delivery, documentation, and knowledge sharing aligned with CSA best practices Required Technical Skills (Core) Endpoint & Device Security Strong handson experience with Microsoft Intune (MDM/MAM) Windows 10/11, macOS, iOS, Android device management Intune compliance, configuration profiles, endpoint security policies Identity & Access Management Deep knowledge of Microsoft Entra ID (Azure AD) Conditional Access, MFA, RBAC, PIM (nice to have) Understanding of Zero Trust identity principles Nice to Have Skills Windows Autopilot, Windows Hello for Business Comanagement with SCCM PowerShell / Graph API for automation Defender for Endpoint or Microsoft 365 Defender exposure Soft Skills & CSA Expectations Strong customerfacing communication and advisory skills Ability to explain security concepts to technical and nontechnical audiences Comfortable handling securityrelated escalations and complex scenarios Continuous learner mindset aligned with CSA security expectations

Qualifications Bachelor’s degree in Computer Science, IT, or equivalent experience 10+ years experience in Endpoint, Identity, or Security roles Experience in customerfacing delivery or consulting preferred Certifications (Preferred) SC300 (Identity and Access Administrator) MD102 (Endpoint Administrator) AZ500 / MS102 – nice to have