ZainTECH logo

Microsoft 365 Endpoint & Identity Consultant

Posted 2 days ago

OfficeNew Cairo City, Cairo Governorate, Egypt

The Microsoft 365 Endpoint & Identity Consultant is responsible for the end-to-end implementation, configuration, and deployment of the identity and endpoint security foundation across the Microsoft 365 ecosystem. You will own the delivery of Microsoft Entra ID, Microsoft Intune, Microsoft Defender for Endpoint, Conditional Access, and Windows Autopilot solutions, ensuring secure, compliant, and well-governed Zero Trust environments for enterprise and public-sector clients.

This is a hands-on consulting and engineering role focused on delivering production-ready identity and endpoint management solutions, translating security and business requirements into secure Microsoft 365 configurations, and ensuring successful deployment, operational readiness, and knowledge transfer.

Responsibilities:

Microsoft 365 Identity & Endpoint Implementation

  • Solution Design & Deployment: Design, configure, and deploy Microsoft Entra ID, Microsoft Intune, Microsoft Defender for Endpoint, Conditional Access, and Windows Autopilot solutions based on client security and business requirements.
  • Identity & Access: Configure Conditional Access, Multi-Factor Authentication (MFA), passwordless authentication, Privileged Identity Management (PIM), Identity Governance, Entitlement Management, Self-Service Password Reset (SSPR), and B2B access.
  • Endpoint Management: Deploy and manage Microsoft Intune device enrollment, compliance policies, configuration profiles, mobile application management (MAM), Windows Autopilot, Windows 365, and Azure Virtual Desktop (where applicable).
  • Endpoint Protection: Deploy Microsoft Defender for Endpoint, configure attack surface reduction policies, endpoint detection and response (EDR), device risk management, and integrate security signals with Conditional Access.

Zero Trust & Security Implementation

  • Zero Trust Architecture: Implement Zero Trust principles by integrating identity, device compliance, and access controls to enforce least-privilege access.
  • Identity Governance: Configure Privileged Identity Management (PIM), access reviews, entitlement management, and identity lifecycle governance.
  • Conditional Access: Implement risk-based access policies using user, device, and sign-in risk signals to strengthen enterprise security.
  • Endpoint Security: Configure device compliance, application protection, endpoint hardening, and security baselines across Windows, macOS, iOS, and Android devices.

Deployment Ownership & Delivery Excellence

  • End-to-End Delivery: Own the complete deployment lifecycle from discovery workshops and security assessments through implementation, pilot deployments, production rollout, and operational handover.
  • Configuration Baselines: Develop reusable secure configuration baselines, deployment templates, PowerShell automation scripts, and operational runbooks.
  • Documentation: Produce technical design documents, secure configuration guides, implementation documentation, operational runbooks, and knowledge transfer materials.
  • Client Advisory: Act as a trusted advisor by translating client security objectives into Microsoft 365 Zero Trust solutions and recommending best practices.

Stakeholder Collaboration

  • Collaborate closely with Collaboration & Content, Data Security & Compliance, Copilot & AI, and Cybersecurity / Managed SOC teams to deliver integrated Microsoft 365 security solutions.
  • Conduct discovery workshops, security assessments, design reviews, and deployment planning sessions with client stakeholders.
  • Support operational readiness by ensuring deployed solutions align with enterprise governance, compliance, and security standards.

Our Culture & Code of Conduct:

At ZainTECH, we take pride in a culture built on collaboration, innovation, and uncompromising integrity. We are looking for individuals who share these values and are committed to customer-centricity and ethical excellence. All employees are expected to uphold our Code of Conduct, which serves as a guiding framework for responsible behavior across everything we do — from how we work with each other to how we engage with clients and partners globally.

Requirements

  • Hands-on experience with Microsoft Entra ID, Microsoft Intune, Microsoft Defender for Endpoint, Conditional Access, Windows Autopilot, Windows 365, and Azure Virtual Desktop.
  • Strong understanding of Microsoft 365 identity architecture, endpoint management, and Zero Trust security principles.
  • Expertise implementing Conditional Access, Multi-Factor Authentication (MFA), passwordless authentication, Privileged Identity Management (PIM), Identity Governance, Entitlement Management, and Self-Service Password Reset (SSPR).
  • Experience designing and implementing least-privilege access models and risk-based authentication.
  • Experience deploying Microsoft Intune device management, compliance policies, configuration profiles, application protection (MAM), and Windows Autopilot.
  • Experience implementing Microsoft Defender for Endpoint, endpoint detection and response (EDR), attack surface reduction, and device risk management.
  • Strong understanding of Zero Trust architecture, device compliance, identity protection, and risk-based access control.
  • Working knowledge of MENA regulatory and data residency requirements affecting Microsoft 365 deployments, including SAMA CSF, NCA ECC, SDAIA, and UAE/Saudi PDPL.
  • Experience with PowerShell scripting and automation for Microsoft 365 administration, deployment, and configuration management.
  • Strong requirements gathering, solution design, client workshop facilitation, and technical documentation skills.
  • Ability to translate business security objectives into scalable Microsoft 365 identity and endpoint solutions.
  • Produce clear solution designs, secure configuration documentation, deployment guides, operational runbooks, and knowledge transfer documentation.
  • 5+ years of hands-on experience deploying and configuring Microsoft identity and endpoint technologies within consulting, professional services, systems integration, or managed security environments.
  • Bachelor's degree in Computer Science, Information Technology, Cybersecurity, Engineering, or a related field (or equivalent practical experience).
  • Certifications (Preferred) : Microsoft Certified: Endpoint Administrator Associate (MD-102), Microsoft Certified: Identity and Access Administrator Associate (SC-300) , Microsoft Certified: Security, Compliance, and Identity Fundamentals (SC-900)
  • Additional Microsoft Security certifications are advantageous.
  • Must be fluent in English.
  • Working proficiency in Arabic is highly desirable.
  • Location: MENA region with flexibility to support client engagements across Saudi Arabia, UAE, Kuwait, Bahrain, Jordan, Iraq, Egypt, and Sudan.
  • Engagement: Full-time, responsible for the end-to-end delivery of Microsoft 365 identity, endpoint management, and Zero Trust solutions across enterprise and public sector clients.
Job details
Workplace
Office
Location
New Cairo City, Cairo Governorate, Egypt

Discover ZainTECH’s cutting-edge cloud, cybersecurity, and digital solutions to transform your business and drive growth. Explore industry-leading services tailored for success.

Key team members

Hesham Hussein

Hesham Hussein

Sabir Mustafa

Sabir Mustafa

Daniel Verma

Daniel Verma

Joelle Obeid Labaky

Joelle Obeid Labaky

Apply smarter with Jobr

Jobr aggregates jobs directly from company career portals — no middlemen. Our team applies on your behalf with AI-tailored resumes, reviewed by a human before submission.

Direct from company career pages
AI-personalised cover letters
Human review before every submit
Application tracking & follow-ups