IT Infrastructure Team Lead (Workplace & Intune)

Zehnder Group is a global leader in indoor climate solutions. With innovation, sustainability, and quality at the heart of everything we do, our International Shared Services Center (ISSC) in Poland plays a vital role in delivering secure and scalable IT services across the enterprise. We are expanding our Workplace Infrastructure capabilities and seeking an IT Infrastructure professional with deep Intune expertise to lead our Workplace & Endpoint team

This role is primarily a hands-on technical position, complemented by focused team leadership responsibilities. The successful candidate will personally design, implement, and operate Zehnder’s modern workplace and endpoint management environment, with Microsoft Intune as the core platform. On a day-to-day basis, you will work directly in Intune, creating and maintaining configuration profiles, compliance and security policies, update and patching strategies, Autopilot deployment workflows, and endpoint standards across the organization. You will be expected to actively build and evolve the environment, not only define its architecture. In parallel, you will lead a small, senior Workplace team responsible for adjacent end-user services such as Teams telephony, Teams meeting room equipment, endpoint patching, device lifecycle management, mobile devices, and software installation. The team consists of experienced specialists and requires minimal day-to-day supervision; your leadership focus will be mostly on technical alignment, prioritization, standardization, with occasional people management topics.

Your responsibilities

Modern Workplace Platform (Intune – Core Ownership)

• Act as the technical owner and lead engineer of the global Microsoft Intune platform.

• Personally design, implement, and maintain device configuration and security baselines, compliance and conditional access–related policies and update and patch management strategies

• Design and operate modern provisioning and deployment processes, including Windows Autopilot.

• Ensure Intune serves as the central control plane for laptops, desktops, mobile devices, and other workplace endpoints where technically feasible.

• Oversee application packaging and distribution (Win32, MSIX, Microsoft Store apps).

• Ensure platform health, update hygiene, monitoring, and end-to-end service reliability.

  Endpoint Lifecycle, Security & Compliance

• Own the end-to-end lifecycle of endpoint devices: onboarding, operation, refresh, and retirement.

• Manage workplace-related aspects of Microsoft Entra ID device registration and identity integration.

• Ensure correct policy targeting, device compliance enforcement, and alignment with conditional access.

• Coordinate vulnerability remediation and endpoint hardening in collaboration with the Security team.

• Maintain and evolve endpoint protection and compliance configurations.

  Team Leadership & Coordination

• Lead, mentor, and develop a small Workplace team with responsibilities focused mostly but not limited on Teams telephony, Teams meeting room systems, Endpoint patching and operational maintenance, Device lifecycle and asset processes, Mobile devices and software installation

• Remain technically accountable for Intune, endpoint architecture, and workplace standards while delegating operational execution to the team.

• Manage task allocation, priorities, and workload balancing.

• Drive standardization, documentation, best practices, and continuous improvement across workplace services.

  Support, Operations & Documentation

• Provide 2nd and 3rd level support for Intune, endpoint platforms, and workplace services.

• Maintain high-quality documentation, SOPs, and operational runbooks.

• Ensure knowledge transfer and operational resilience across the Workplace team.

• Collaborate closely with Service Desk, Security, and other Infrastructure teams.

Our requirements

• 5+ years of experience in enterprise workplace or endpoint management roles.

• Expert-level, hands-on experience with Microsoft Intune and modern endpoint management.

• Strong knowledge of Windows 10/11, Autopilot, provisioning, and update management.

• Proven experience with application packaging and deployment (Win32, MSIX).

• Solid understanding of Microsoft Entra ID (Azure AD), device identity, and Conditional Access.

• Knowledge of endpoint security, compliance frameworks, and device hardening.

• PowerShell scripting skills for automation and operational efficiency.

• Experience mentoring or leading small technical teams.

• Strong spoken and written English for international collaboration and documentation.

Optional

• Preferred certifications (or equivalent experience):

• Microsoft Certified: MD-102

• SC-300

• Modern Desktop Administrator

What we offer

• A hands-on senior technical role shaping the future of Zehnder’s global workplace platform.

• Real ownership and influence over modern endpoint and workplace architecture.

• A modern, cloud-focused environment with strong emphasis on Intune.

• International collaboration within a global organization.

• Competitive salary and benefits package.

• Continuous training, and professional development opportunities.

• Continuous professional development.

• Package of benefits: multisport card ; private medical care; flexible working time; fruits; corporate products and services at discounted prices; holiday funds; christmas gifts