You will be responsible for the full lifecycle of device management across both Windows and Apple platforms — from provisioning and deployment through to maintenance, security, and decommissioning.

Working closely with our Head of Technology and Operations teams, you will ensure that every consultant has the right tools, the right access, and the right configuration before they step into an engagement. This is a hands-on, operationally critical role that sits at the heart of the business. You will bring structure to a fast-moving environment, maintain compliance and security standards across a varied estate, and be the first port of call when something needs to change quickly.

Windows Device Management (Microsoft Intune & Autopilot)

• Manage and maintain all Windows devices across the organisation using Microsoft Intune, ensuring devices are enrolled, compliant, and correctly configured at all times

• Use Windows Autopilot to automate the provisioning of new devices, reducing manual setup time and ensuring a consistent, repeatable deployment process

• Configure and manage Autopilot profiles and deployment groups to support varied client engagement requirements

• Manage device wipes and re-provisioning when consultants change client engagements, ensuring clean handover with no residual data or misconfiguration

• Monitor device health and compliance dashboards in Intune, resolving issues proactively before they impact consultants in delivery

Apple Device Management (ManageEngine MDM)

• Provision and distribute Apple devices (MacBooks, iPads, iPhones) using ManageEngine MDM, ensuring all devices are correctly enrolled and configured prior to deployment

• Manage device profiles, app deployments, and configuration policies across the Apple estate

• Conduct regular maintenance checks on Apple devices, identifying and resolving hardware, software, or connectivity issues

• Coordinate device returns, re-imaging, and redeployment when consultants change engagements or leave the business

• Maintain an accurate, up-to-date asset register for all Apple hardware

Security Policy Management

• Create, maintain, and enforce endpoint security policies across both Windows and Apple device fleets in line with company and client requirements

• Manage conditional access policies, device compliance baselines, and data protection settings via Intune and ManageEngine

• Respond to security alerts and non-compliance events, investigating and remediating issues in a timely manner

• Support periodic security audits and contribute to internal reviews of our device management posture

• Ensure all devices meet client-specific security requirements where applicable, including encryption, patch levels, and configuration standards

Software Licence Management & New Starter Onboarding

• Manage the allocation and distribution of software licences for new starters, ensuring the right tools are provisioned before day one

• Maintain an accurate licence inventory, tracking usage and flagging renewals or overuse to the relevant stakeholders

• Coordinate with HR and People Operations to ensure onboarding checklists are completed and all equipment is ready ahead of start dates

• Manage software deployment via Intune and MDM tooling, ensuring consistent installation across the estate

Identity & Access Management (IDM)

• Administer user accounts across identity management systems, including provisioning, modification, and deprovisioning of access

• Manage group memberships, role-based access controls, and permissions in line with principle of least privilege

• Process joiners, movers, and leavers efficiently to ensure access is granted and revoked in a timely, auditable manner

• Liaise with stakeholders across the business to ensure correct access is granted for varied client engagement requirements

• Maintain accurate documentation of access policies, user accounts, and IDM processes

Experience & Background

• 2+ years of hands-on experience in an IT support, device management, or endpoint engineering role

• Demonstrable experience managing Windows devices using Microsoft Intune and Autopilot in a corporate environment

• Experience with Apple MDM tooling (ManageEngine, Jamf, or equivalent) for provisioning and managing macOS and iOS devices

• Prior experience in a consultancy, professional services, or high-growth scale-up environment is advantageous

• Comfortable supporting a technically diverse user base with varied hardware and software requirements

Technical

• Solid understanding of Microsoft Intune — device enrolment, compliance policies, configuration profiles, and Autopilot deployment

• Working knowledge of Apple MDM — device supervision, profile management, app deployment, and remote wipe

• Familiarity with identity and access management concepts — Azure AD / Entra ID, group policies, RBAC, and SSO

• Understanding of endpoint security principles — encryption, conditional access, patch management, and compliance baselines

• Comfortable working with software licence management and asset tracking tooling

Mandatory Requirements

• Microsoft Intune — hands-on experience managing device enrolment, compliance policies, configuration profiles, and Autopilot deployments is essential

• Cloud platform experience — practical working knowledge of at least one of Azure, Google Workspace, or AWS in an enterprise or managed environment

• Windows and macOS administration — confident administering both operating systems at an endpoint level, including configuration, troubleshooting, and policy management

Nice to Have

• 3rd line support experience — ability to escalate, own, and resolve complex infrastructure or endpoint issues that sit beyond standard helpdesk scope

• Scripting skills — experience writing or maintaining PowerShell or Bash scripts to automate routine device management, provisioning, or reporting tasks

Behaviours & Collaboration

• Highly organised with strong attention to detail — able to manage multiple provisioning tasks and requests concurrently without dropping the ball

• Clear communicator who can explain technical issues to non-technical stakeholders confidently

• Self-starter who takes ownership and drives issues to resolution rather than waiting to be chased

• Collaborative team player who works closely with HR, Operations, and Delivery to ensure seamless onboarding and off-boarding

• Comfortable working in a fast-paced environment where priorities can shift quickly

Successful applicants to this role will receive all the benefits of working at TDS.

These include:

• Competitive Salary

• 25 days holiday + Bank Holidays

• Hybrid Working and flexible working hours

• Contributory Pension Scheme & Salary Sacrifice

• Progression opportunities

• Discretionary Bonus Scheme

• BUPA Health & Dental care

• Perkbox Benefits & discount Scheme

• Central Office Location

• Equipment provided

• Monthly Social Events

• Cycle to Work Scheme

• Company Away Weekend

• TDS Merchandise