Posted today
Top Secret/SCI
$160,000 - $180,000
Polygraph
Chantilly, VA (On-Site/Office)
**ACTIVE TS/SCI SECURITY CLEARANCE WITH POLYGRAPH REQUIRED**
Azure Desktop Engineer - Mid
Position Summary
The Azure Desktop Engineer will play a critical role in the modernization of the enterprise end-user computing (EUC) environment as the organization transitions from traditional on-premises desktop systems to a fully cloud-managed Azure ecosystem. This engineer will design, implement, and support Azure Virtual Desktop (AVD), Intune, and related Microsoft-native technologies to deliver secure, scalable, and high-performing desktop experiences to a global workforce of more than 10,000 users.
The ideal candidate has deep experience with Windows engineering, cloud architecture, modern device management, and migration strategies at scale.
Key Responsibilities
Azure Virtual Desktop (AVD) Architecture & Operations
• Design, deploy, and operationalize Azure Virtual Desktop for large-scale enterprise use.
• Build, maintain, and optimize AVD golden images using Azure Image Builder or equivalent native tools.
• Configure host pools, application groups, FSLogix profile containers, autoscaling, and monitoring solutions.
• Implement multi-region AVD deployments aligned to business continuity and disaster recovery needs.
• Optimize performance, availability, and cost across a global AVD footprint.
Modern Device Management & Endpoint Engineering
• Implement enterprise-wide Modern Management strategies using Microsoft Intune and Azure AD.
• Develop and maintain Windows Autopilot provisioning processes for 10k+ devices.
• Create and manage Intune configuration profiles, compliance policies, and security baselines.
• Migrate GPO-based configurations to Intune/MDM frameworks while ensuring operational continuity.
• Lead packaging, testing, and deployment of Win32 and UWP applications through Intune.
Azure & Identity Integration
• Integrate desktop infrastructure with Azure Active Directory, Conditional Access, MFA, Identity Protection, and RBAC.
• Collaborate with security teams to ensure Zero Trust alignment for all endpoint solutions.
• Implement device identity models including Azure AD Join and Hybrid Join as needed.
Migration & Modernization Initiatives
• Lead the migration from on-premises SCCM/ConfigMgr to cloud-native Intune management.
• Develop migration strategies for user profiles (FSLogix/OneDrive Known Folder Move), applications, and security policies.
• Partner with networking, infrastructure, and security teams to deliver a seamless cloud transition.
• Produce detailed architectural diagrams, runbooks, and operational documentation.
Automation & Continuous Improvement
• Automate image creation, application packaging, and deployment workflows using PowerShell, Graph API, and Azure Automation.
• Implement monitoring, alerting, and logging solutions with Azure Monitor, Log Analytics, and native dashboards.
• Drive continuous performance improvements and cost optimization across all cloud-managed EUC services.
End-User Experience & Support
• Evaluate and enhance the overall desktop experience, including login performance, application responsiveness, and security posture.
• Provide Tier 3/4 escalation support for AVD and Intune environments.
• Participate in enterprise change management and contribute to technical governance boards.
Required Qualifications
• 8+ years of experience in Windows Desktop Engineering or End User Computing (EUC).
• 5-6+ years of hands-on experience with Azure, including AVD, Azure AD, and relevant security components.
• Expert knowledge of Windows 10/11, image creation, and enterprise configuration management.
• Strong PowerShell scripting experience (automation, reporting, packaging workflows).
• Experience managing large enterprises (5,000+ devices; ideally 10,000+).
• Deep understanding of cloud networking (VNETs, VPN, routing, DNS, ExpressRoute).
• Hands-on experience with FSLogix, profile management, and cloud storage integrations.
• Proficiency with Microsoft Endpoint Manager (Intune) and Autopilot.
• Strong familiarity with Zero Trust concepts and enterprise security hardening.
---
Preferred Qualifications
• Microsoft certifications such as:
o AZ-104: Azure Administrator
o AZ-140: Azure Virtual Desktop Specialty
o MD-102: Modern Desktop Administrator
o AZ-305: Azure Solutions Architect
• Experience with hybrid SCCM/Intune co-management transitions.
• Understanding of Infrastructure-as-Code (Bicep, ARM templates, Terraform optional).
• Experience working in regulated or high-security environments.
Additional Information
D2 Consulting is committed to a merit-based recruitment process and encourages applications from all qualified individuals. As a Veteran-Owned Small Business, we particularly welcome applications from veterans who have the requisite skills and experience. Job applicants that are interested in one of our openings and may require a reasonable accommodation to participate in the job application or interview process, should contact us to request an accommodation.
Create a Job Alert
Interested in building your career at D2 Consulting? Get future opportunities sent straight to your email.
Create alert
Azure Desktop Engineer - Mid
Position Summary
The Azure Desktop Engineer will play a critical role in the modernization of the enterprise end-user computing (EUC) environment as the organization transitions from traditional on-premises desktop systems to a fully cloud-managed Azure ecosystem. This engineer will design, implement, and support Azure Virtual Desktop (AVD), Intune, and related Microsoft-native technologies to deliver secure, scalable, and high-performing desktop experiences to a global workforce of more than 10,000 users.
The ideal candidate has deep experience with Windows engineering, cloud architecture, modern device management, and migration strategies at scale.
Key Responsibilities
Azure Virtual Desktop (AVD) Architecture & Operations
• Design, deploy, and operationalize Azure Virtual Desktop for large-scale enterprise use.
• Build, maintain, and optimize AVD golden images using Azure Image Builder or equivalent native tools.
• Configure host pools, application groups, FSLogix profile containers, autoscaling, and monitoring solutions.
• Implement multi-region AVD deployments aligned to business continuity and disaster recovery needs.
• Optimize performance, availability, and cost across a global AVD footprint.
Modern Device Management & Endpoint Engineering
• Implement enterprise-wide Modern Management strategies using Microsoft Intune and Azure AD.
• Develop and maintain Windows Autopilot provisioning processes for 10k+ devices.
• Create and manage Intune configuration profiles, compliance policies, and security baselines.
• Migrate GPO-based configurations to Intune/MDM frameworks while ensuring operational continuity.
• Lead packaging, testing, and deployment of Win32 and UWP applications through Intune.
Azure & Identity Integration
• Integrate desktop infrastructure with Azure Active Directory, Conditional Access, MFA, Identity Protection, and RBAC.
• Collaborate with security teams to ensure Zero Trust alignment for all endpoint solutions.
• Implement device identity models including Azure AD Join and Hybrid Join as needed.
Migration & Modernization Initiatives
• Lead the migration from on-premises SCCM/ConfigMgr to cloud-native Intune management.
• Develop migration strategies for user profiles (FSLogix/OneDrive Known Folder Move), applications, and security policies.
• Partner with networking, infrastructure, and security teams to deliver a seamless cloud transition.
• Produce detailed architectural diagrams, runbooks, and operational documentation.
Automation & Continuous Improvement
• Automate image creation, application packaging, and deployment workflows using PowerShell, Graph API, and Azure Automation.
• Implement monitoring, alerting, and logging solutions with Azure Monitor, Log Analytics, and native dashboards.
• Drive continuous performance improvements and cost optimization across all cloud-managed EUC services.
End-User Experience & Support
• Evaluate and enhance the overall desktop experience, including login performance, application responsiveness, and security posture.
• Provide Tier 3/4 escalation support for AVD and Intune environments.
• Participate in enterprise change management and contribute to technical governance boards.
Required Qualifications
• 8+ years of experience in Windows Desktop Engineering or End User Computing (EUC).
• 5-6+ years of hands-on experience with Azure, including AVD, Azure AD, and relevant security components.
• Expert knowledge of Windows 10/11, image creation, and enterprise configuration management.
• Strong PowerShell scripting experience (automation, reporting, packaging workflows).
• Experience managing large enterprises (5,000+ devices; ideally 10,000+).
• Deep understanding of cloud networking (VNETs, VPN, routing, DNS, ExpressRoute).
• Hands-on experience with FSLogix, profile management, and cloud storage integrations.
• Proficiency with Microsoft Endpoint Manager (Intune) and Autopilot.
• Strong familiarity with Zero Trust concepts and enterprise security hardening.
---
Preferred Qualifications
• Microsoft certifications such as:
o AZ-104: Azure Administrator
o AZ-140: Azure Virtual Desktop Specialty
o MD-102: Modern Desktop Administrator
o AZ-305: Azure Solutions Architect
• Experience with hybrid SCCM/Intune co-management transitions.
• Understanding of Infrastructure-as-Code (Bicep, ARM templates, Terraform optional).
• Experience working in regulated or high-security environments.
Additional Information
- All your information will be kept confidential according to proper guidelines.
- Compensation is unique to each candidate and relative to the skills and experience they bring to the position. The salary range for this position is typically $160k-180k. This does not guarantee a specific salary as compensation is based upon multiple factors such as education, experience, certifications, and other requirements, and may fall outside of the above-stated range.
- Highlights of our benefits include Health/Dental/Vision, 401(k) match, Accrued PTO, STD/LTD/Life Insurance, Referral Bonuses, professional development reimbursement, and more!
D2 Consulting is committed to a merit-based recruitment process and encourages applications from all qualified individuals. As a Veteran-Owned Small Business, we particularly welcome applications from veterans who have the requisite skills and experience. Job applicants that are interested in one of our openings and may require a reasonable accommodation to participate in the job application or interview process, should contact us to request an accommodation.
Create a Job Alert
Interested in building your career at D2 Consulting? Get future opportunities sent straight to your email.
Create alert
group id: 91093945
