IT Assistant Azure Active Directory (Azure AD) and Microsoft Intune Administrator

Result of ServiceThe primary objective is to manage and maintain Azure Active Directory and Microsoft Intune environments to support secure access to organizational resources, streamline device management, and enforce compliance policies within the organization’s Microsoft 365 and Azure environments. Work LocationUN House ESCWA Expected duration6 months Duties and ResponsibilitiesBackground The United Nations Economic and Social Commission for Western Asia (ESCWA) operates a hybrid ICT infrastructure consisting of an on-premises data center, local and wide area networks (LAN/WAN), and connectivity to UN global enterprise systems and public cloud environments. With increasing reliance on cloud-based identity and device management, the organization requires an experienced Azure AD and Intune Administrator to ensure secure, efficient, and compliant operations of our modern workplace environment. This role is vital for the implementation, configuration, and administration of identity, access, device compliance, and endpoint management The administrator will work closely with IT security, network, and support teams to ensure seamless integration and continuous improvement of cloud-based identity and endpoint management services. Duties and Responsibilities Under the supervision of the Head of the Customer Support Unit and the overall guidance of the Chief of DSDSD the AAD and Intune administrator should carry the following tasks: Identity and Access Management (Azure AD): • Administer Azure Active Directory including users, groups, roles, and policies. • Manage and configure Azure AD Connect synchronization. • Enforce Multi-Factor Authentication (MFA), Conditional Access, and security baselines. • Integrate third-party applications with Azure AD SSO. • Implement role-based access control (RBAC) and least privilege principles. • Monitor and respond to identity-related security alerts and audit logs. Device and Application Management (Microsoft Intune): • Configure and manage Intune policies for device enrollment, compliance, and configuration. • Manage Windows Autopilot deployments and provisioning. • Deploy and manage applications across enrolled devices (Windows, iOS, Android). • Enforce mobile application protection and conditional access policies. • Monitor compliance status and remediate non-compliant devices. • Create and maintain device security baselines. Operational and Support Tasks: • Provide Level 2/3 support for identity and device management issues. • Collaborate with security and infrastructure teams to align policies and incident response. • Document configurations, procedures, and standards. • Train and support IT staff and end-users as needed. Qualifications/special skillsA Bachelor’s degree in Computer Science, Information Technology, or a related area is required. All candidates must submit a copy of the required educational degree. Incomplete applications will not be reviewed. A minimum of 3 years of professional work experience administering Microsoft 365, Azure AD, and Intune is required. Strong understanding of cloud identity, security, device management, and MDM/MAM principles is required. Experience with PowerShell scripting for automation and reporting is required. Familiarity with Microsoft Defender for Endpoint and Endpoint Analytics is desirable. Microsoft certifications (e.g., MS-102, MD-102, AZ-104) is desirable. LanguagesEnglish and French are the working languages of the United Nations Secretariat; and Arabic is a working language of ESCWA. For this position, fluency in English is required. Note: “Fluency” equals a rating of ‘fluent’ in all four areas (speak, read, write, and understand) and “Knowledge of” equals a rating of ‘confident’ in two of the four areas. Additional InformationNot available. No FeeTHE UNITED NATIONS DOES NOT CHARGE A FEE AT ANY STAGE OF THE RECRUITMENT PROCESS (APPLICATION, INTERVIEW MEETING, PROCESSING, OR TRAINING). THE UNITED NATIONS DOES NOT CONCERN ITSELF WITH INFORMATION ON APPLICANTS’ BANK ACCOUNTS.