Modern Workplace Engineer

<h2>Overview</h2> <p>At Wrench Group we’re scaling fast through aggressive growth — and we need a Modern Workplace Engineer who thrives in high-impact environments where automation, security, and innovation collide. You’ll own critical enterprise infrastructure supporting 7,000+ employees across a rapidly growing national organization. You’ll serve as the technical powerhouse behind cloud identity, endpoint management, automation, and Microsoft ecosystem security. </p> <p> </p> <p>You’re not “just” an admin. You’re the architect. The automator. The escalation point nobody else can solve. You’ll operate as the definitive technical “Number 2” to IT Operations leadership.</p> <p> </p> <ul> <li>If your first instinct is to open PowerShell instead of clicking through a GUI</li> <li>If you know your way around Microsoft Entra ID, Intune, Conditional Access, and the Microsoft Graph API…</li> <li>If you’ve executed tenant-to-tenant migrations, secured enterprise identities, and built automation that eliminates manual work…</li> </ul> <p>This is the role people wait years to find.</p> <p> </p> <p><strong><em>Please note:  We are interested in every qualified candidate who is eligible to work in the United States. However, we are not able to sponsor visas needed now or in the future. </em></strong></p> <p> </p> <p><strong>What's In It For You?</strong></p> <ul> <li>$85K–$90K base salary</li> <li>Robust bonus potential</li> <li>Unlimited PTO</li> <li>Comprehensive medical, dental & vision coverage</li> <li>401(k) with company match</li> <li>Career growth through Wrench University</li> <li>Remote!</li> </ul> <h2>Responsibilities</h2> <p><strong>What Will I Do?</strong></p> <h3>Identity & Security Architecture</h3> <ul> <li>Own and optimize Microsoft Entra ID (Azure AD)</li> <li>Design and manage Conditional Access Policies</li> <li>Configure PIM (Privileged Identity Management) and Azure RBAC</li> <li>Secure Enterprise Applications and B2B/guest environments</li> <li>Manage Microsoft Purview, DLP, retention policies, and eDiscovery</li> </ul> <h3>Automation & Infrastructure</h3> <ul> <li>Build enterprise automations using: <ul> <li>PowerShell (5.1 / 7.x)</li> <li>Microsoft Graph API</li> </ul></li> <li>Eliminate manual bottlenecks through scripting and automation</li> <li>Execute complex: <ul> <li>Tenant-to-tenant migrations</li> <li>Domain cutovers</li> <li>M&A integrations</li> </ul></li> <li>Utilize BitTitan MigrationWiz for enterprise migrations</li> </ul> <h3>Endpoint & Device Management</h3> <ul> <li>Architect and manage: <ul> <li>Microsoft Intune</li> <li>Windows Autopilot</li> <li>MDM/MAM policies</li> <li>Defender for Endpoint</li> </ul></li> <li>Serve as the highest-level escalation point for identity and endpoint challenges</li> </ul> <h2>Qualifications</h2> <p>Do I have What It Takes?</p> <ul> <li>Bachelor’s or Master’s degree in Computer Science, Engineering, or a related field. </li> <li>5+ years of experience in data engineering or a related field, with a proven track record of delivering high-quality data solutions.</li> </ul> <p>We are specifically looking for candidates with proven proficiency in:</p> <ul> <li>PowerShell scripting</li> <li>Microsoft Graph API</li> <li>Microsoft Entra ID / Azure AD</li> <li>Conditional Access Policies</li> <li>PIM (Privileged Identity Management)</li> <li>Microsoft Intune</li> <li>Windows Autopilot</li> <li>Microsoft Defender for Endpoint</li> <li>Exchange Online & Microsoft 365 Administration</li> <li>Azure RBAC</li> <li>Enterprise Application Security</li> </ul> <p>Highly Desired</p> <ul> <li>Tenant-to-tenant migrations</li> <li>M&A integration experience</li> <li>BitTitan MigrationWiz</li> <li>Azure AD Connect / Cloud Sync</li> <li>Microsoft Purview</li> <li>SC-300 or AZ-104 Certifications</li> </ul> <p>This role is NOT ideal for candidates who rely heavily on GUI administration without scripting and automation experience.</p> <p> </p> <p>#LI-JA1</p>