The ICT Officer (Digital Workplace Engineer) will take ownership of the endpoint ecosystem, including Windows, macOS, and other operating systems as may become applicable, and guide the evolution of imaging, lifecycle management, secure access, and collaboration tools. Understanding of automation tasks such as Autopilot provisioning and conditional access with automated remediation while maintain a robust patching regime are keyt success factors for the role. s to secure BYOD and Windows 365 virtual desktops, you’ll be enabling the next generation of digital work.
Responsibilities:
Integrate and operationalize Windows 365 for mobile and remote users.
Standardize device build processes across platforms using cloud-first tooling.
Lead the device lifecycle strategy, from onboarding to decommissioning and disposal readiness.
Manage cross-platform endpoint estates: Microsoft, MacOS, and future capability on Android and/or Linux.
Enforce comprehensive patch management for all platforms.
Integrate with Microsoft Defender for Endpoint, conditional access, and Zero Trust models.
Create and implement endpoint protection and compliance policies aligned to the organisation’s adopted standard NIST 800:53.
Support secure storage access via Azure Files, enforcing encryption, share access controls, and identity-based authentication.
Own strategy and operations for Windows 365, provisioning virtual PCs for remote or contractor access.
Enable secure, location-independent digital access for all roles.
Evaluate and optimize virtual desktop experiences and mobile-first productivity models.
Track device health, performance, and usage via Endpoint Analytics and Intune reports.
Drive continual service improvement based on data, user feedback, and ITSM metrics.
Recommend and implement automation for imaging, onboarding, and compliance workflows.
Provide input for endpoint license entitlements and ensure correct integration with FinOps and licensing portals where required.
Perform such other duties as may be assigned.
Education:
Master’s degree in Cybersecurity, Computer Engineering, Computer Science, or a related field from an accredited academic institution with five years of relevant professional experience.
University degree in the above fields with seven years of relevant professional experience.
The following certifications are required:-
Microsoft Certified: Mordern Desktop Administrator Associate.
Microsoft Certified: Azure Fundamentals.
Microsoft Certified: Office 365 Fundementals.
Must attain and maintain Information Technology Infrastructure Library (ITIL) version 4 Foundation certification.
Microsoft Azure Solutions Architect certification is an advantage.
Apple Certified Support Professional (ACSP) is a desirable advantage.
Accredited Universities are those listed in the UNESCO World Higher Education Database.
Work Experience:
A minimum of 5 years of experience in the design and implementation of Digital Workplace.
A minimum of 2 years deploying and managing automation technologies such as Windows CoPilot.
Excellent and hands-on experience with Microsoft Azure services especially Azure AD, Intune and Defender for cloud.
Excellent and hands-on experience in supportingMicrosoft Windows 10 and 11.
Excellent PowerShell and Bash scripting ability.
Excellent and hands-on experience with patch management strategies including third party app patching.
Understanding of Software as a Service (SaaS) architectures and ability to integrate these into the digital workplace.
Skills:
Demonstrated ability in setting up Microsoft Intune for endpoint management and compliance.
Knowledge of remote provisioning (Microsoft autopilot and Apple Business Manger) and hybrid joint strategies.
Knowledge of Cloud Platforms, specifically Azure and Azure Files and the enforcement of role based access control.
Demonstrated ability in device compliance frameworks such as Conditional Access and Zero Trust.
Demonstrated ability and experience in developing endpoint strategy across multiple geographies and platforms.
Security: Proficiency in creating policies and standards for endpoint management integrating IAM, Virtual Private Network (VPN), Virtual Private Cloud (VPC), encryption standards.
Deep understanding in of secure print management through cloud printing technologies such as Universal Print, Papercut etc..
Demonstrated ability to balance user experience with security and compliance.
Project management skills for efficient roll-out of ICT initiatives.
Demonstrated ability to handle confidential data in a professional, responsible and mature manner.
Familiarity with global IT security trends and the ability to adapt NIST standards to evolving security threats and technologies.
Languages:
IOM’s official languages are English, French, and Spanish.
All staff members are required to be fluent in one of the three languages.
For this position, fluency in English is required (oral and written).
Working knowledge of an official UN language (Arabic, Chinese, French, Russian, and Spanish) is an advantage.
Proficiency of language(s) required will be specifically evaluated during the selection process, which may include written and/or oral assessments.
