AIA Digital+ is a Technology, Digital and Analytics innovation hub dedicated to powering AIA to be more efficient, connected and innovative as it fulfils its Purpose to help millions of people across Asia-Pacific live Healthier, Longer, Better Lives. If you are hungry and driven to play an active role in shaping a better tomorrow, we want to hear from you. Because the work we do at AIA Digital+ makes a difference in the lives of millions of people, every day. We will equip you with the critical skills, tools and technology, and endless opportunities to learn, contribute and thrive in a dynamic and exciting environment. If you want to shape a brighter future at AIA Digital+, please read on. About the Role The role will include packaging SCCM applications, including Intune delivery platform, modernizing application deployment for Digital Workplace Environment. Understanding of BitLocker Encryption is preferable. The role ensures seamless integration with Microsoft services, maintains compliance and disaster recovery readiness, and collaborates closely with internal stakeholders to deliver secure, scalable, and business-aligned solutions. Roles and Responsibilities SCCM and Endpoint Device Management Responsible for deployment, configuration, and management of endpoint devices. Manage and maintain device lifecycle, including procurement, setup, patch management, and decommissioning. Ensure devices are compliant with security policies and regulations. Managing end user related technologies supporting 21 LBUs including Windows OS build management, Windows driver management, application packaging, patching using SCCM and Intune, Hard Disk Encryption, AD GPO management, etc. Deploy and manage software applications and updates across endpoint devices. Maintaining and managing SCCM infrastructure, setting up and maintenance of Distribution point Work along with 3rd party vendors to troubleshoot core applications and patch deployment issues. Provide third-level technical support for endpoint device issues. Diagnose and resolve hardware and software issues, including connectivity, performance, and application problems. Escalate complex issues to external vendors as necessary. Intune - Modern Endpoint Management Infrastructure design, architecture setup with Intune Setup and management of Policies in Intune Implement and monitor patch management processes to ensure devices are up-to-date and secure. Utilize Microsoft Endpoint ManagerIntune for software distribution and compliance monitoring. Implement and enforce security measures, including antivirus software, encryption, and endpoint protection solutions. Conduct regular security audits and vulnerability assessments on endpoint devices. Microsoft Endpoint Management - Responsible for device management, maintaining the Intune/Autopilot environment OSD creation/maintenance, application packaging/deployment, Windows patching, hardware specs, etc. Administer, integrate and co-management (Intune-SCCM) Platform Administration Create and maintain documentation for device configurations, troubleshooting procedures, and best practices. Conduct training sessions for end-users to enhance their understanding and effective use of endpoint devices. Performance Monitoring and Reporting Monitor endpoint device performance and usage metrics to identify trends and potential issues. Generate regular reports on device health, support ticket resolution times, and user satisfaction. Provide recommendations for system improvements based on performance data. Develop FAQs and knowledge base articles to support self-service and reduce support requests. Participate in regular team meetings and contribute to strategic planning for IT services. Innovation & Evaluation Continuously evaluate emerging Microsoft MEM technologies and assess their applicability within enterprise environment. Explore all solutions comply with industry standards, data protection regulations and internal governance policies Job Requirements More than 8 years' experience in IT and 5 years in end user workplace management (SCCM, GPO, Intune, etc). Sound knowledge in SCCM and Intune Infra management. Strong technical background in troubleshooting and issue resolution management. Experience in Intune for the Device Management. Application assessments and remediation. Workstation configuration and support. Prior experience with Transition, Transformation and Migration in wider level. Extensive experience in patching management (IntranetInternet). Motivated and committed individual. Ability to communicate effectively with stakeholders to understand their needs and address technical concerns. Understanding of LAN, WAN & voice network environments, routing protocols, and various technology architectures including TCP/IP, DHCP, DNS, LAN, WAN, Wireless, VPN Extensive hands-on support experience in supporting Windows 1011 Experience in SCCM Distribution Servers, and Site Servers Good experience in Microsoft Cloud/Hybrid Cloud Management. Experience with WSUS and Patch Management using SCCM Experience in handling, configuring and distributing PAC files In-depth expertise in Autopilot, Co-management, Conditional Access, device policies, In-depth understanding of Azure Active Directory and Office 365, Security (LAPS, Bit locker, Windows Hello for Business, Certificate 802.1X) Strong working experience with GPOs Ability to work on Package Distribution, Patch management and release management troubleshooting VBScript, Jscript and PowerShell experience is an advantage