• Azure Endpoint/Automation Engineer

    Ford Motor Company (Dearborn, MI)


    We are the movers of the world and the makers of the future. We get up every day, roll up our sleeves and build a better world -- together. At Ford, we’re all a part of something bigger than ourselves. Are you ready to change the way the world moves?

     

    **Enterprise Technology** plays a critical part in shaping the future of mobility. If you’re looking for the chance to leverage advanced technology to redefine the transportation landscape, enhance the customer experience and improve people’s lives, this is the opportunity for you. Join us and challenge your IT expertise and analytical skills to help create vehicles that are as smart as you are.

     

    In this position...

     

    Join Ford's global Client Engineering team, a pivotal group dedicated to managing user devices worldwide and collaborating across the enterprise to deliver an exceptional employee experience. This team is at the forefront of Ford's digital transformation, driving the shift to cloud-native solutions that empower employees to work efficiently and effectively from any location. As an **Azure Endpoint and Automation Engineer,** you will play a crucial role in this mission, ensuring the health, security, and productivity of thousands of Windows, iOS, and Android devices. You will be instrumental in creating a proactive environment by integrating Intune, Azure Monitor/Log Analytics, KQL, and Power BI to transform raw telemetry into actionable insights, preventing issues before they impact our users.

     

    What you'll do...

     

    + Route and operationalize Intune logs in Azure: configure Intune Diagnostic Settings to send audit/operational/compliance/device logs to Azure Monitor / Log Analytics, then author KQL queries, alerts, and workbooks for proactive monitoring.

    + Build executive ready insights: create Power BI dashboards fed by the Intune Data Warehouse and/or Log Analytics queries to trend compliance, deployments, and device health.

    + Run multi device queries at scale: use Intune Advanced Analytics – Device query for multiple devices (KQL) to answer fleet wide questions (e.g., drivers, firmware, crash patterns) and drive remediations.

    + Measure update compliance: implement Windows Update for Business reports (Azure Monitor Logs) and craft KQL queries/Workbooks that track patch deployments, failures, and safeguards.

    + Deploy and optimize Endpoint analytics: enable data collection, interpret startup/sign in scores, and turn insights into configuration changes that reduce help desk tickets.

    + Automate with Microsoft Graph: build secure automations and data exports using Graph (PowerShell/REST) for device, app, and policy operations; manage app permissions and throttling considerations.

    + Create and manage Microsoft Entra app registrations: design least privilege application permissions/secrets/certificates for Graph integrations; document consent flows and lifecycle.

    + Design & develop Azure Workflows: Design, build, and maintain server-less integration workflows using Azure Logic Apps and Azure Function apps to automate business processes.

    + Manage Azure substrate for analytics: create and govern Log Analytics workspaces, access control, data retention, and (where needed) data export.

    + Secure access with Device Compliance: integrate Intune compliance with Conditional Access to enforce “require compliant device” for key apps while supporting exceptions and staged rollouts.

    + Document and mentor: publish runbooks, standards, and KQL/Power BI templates; coach analysts and support engineers.

    + Own outcomes end to end: define the signal, build the query, ship the dashboard, and land the fix.

    + Partner closely with Security, Networking, and Collaboration teams on Conditional Access, device risk, and rollout strategies.

    + Continuously improve: baseline with Endpoint analytics; A/B changes; measure and iterate.

     

    You'll have...

     

    + Bachelors Degree or equivalent

    + Hands on with Azure Monitor / Log Analytics, KQL, and Power BI.

    + Strong coding skills in languages relevant to Azure automation – C#, PowerShell, Graph API, KQL functions, and automation run books. 4-5 years experience.

    + Proven experience building Intune Data Warehouse and/or Log Analytics backed dashboards that drive decisions.

    + Comfort with Intune Advanced Analytics – Device query for multiple devices and writing efficient KQL.

    + Practical knowledge of Windows Update for Business reports and update compliance troubleshooting.

    + Ability to create and maintain Microsoft Entra app registrations (secrets/certs) and build automations with Microsoft Graph (PowerShell or REST). 3-4 years experience.

    + Solid understanding of RBAC for Log Analytics workspaces and least privilege access patterns.

    + Experience with Azure Integration Experience

    + Experience with Windows Autopilot end to end, Endpoint analytics tuning, and Azure Workbooks.

     

    Even better, you may have...

     

    + Certifications such as Endpoint Administrator Associate, Identity and Access Administrator, Azure Administrator Associate, Enterprise Data Analyst Associate.

    + Experience with Azure AI Foundry & Security Copilot to build models for analyzing trends from log analytics. 1-2 years experience.

    + Depth with Android Enterprise and iOS/iPadOS Automated Device Enrollment (ABM/ASM).

     

    You may not check every box, or your experience may look a little different from what we've outlined, but if you think you can bring value to Ford Motor Company, we encourage you to apply!

     

    As an established global company, we offer the benefit of choice. You can choose what your Ford future will look like: will your story span the globe, or keep you close to home? Will your career be a deep dive into what you love, or a series of new teams and new skills? Will you be a leader, a changemaker, a technical expert, a culture builder…or all of the above? No matter what you choose, we offer a work life that works for you, including:

     

    + Immediate medical, dental, vision and prescription drug coverage

    + Flexible family care days, paid parental leave, new parent ramp-up programs, subsidized back-up child care and more

    + Family building benefits including adoption and surrogacy expense reimbursement, fertility treatments, and more

    + Vehicle discount program for employees and family members and management leases

    + Tuition assistance

    + Established and active employee resource groups

    + Paid time off for individual and team community service

    + A generous schedule of paid holidays, including the week between Christmas and New Year’s Day

    + Paid time off and the option to purchase additional vacation time.

     

    For more information on salary and benefits, click here: New Hire Benefits (https://fordcareers.co/GSRSP1)

     

    This position is a range of **salary grades SG5 - SG8**

     

    Visa sponsorship is not available for this position.

     

    Candidates for positions with Ford Motor Company must be legally authorized to work in the United States. Verification of employment eligibility will be required at the time of hire.

     

    We are an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, age, sex, national origin, sexual orientation, gender identity, disability status or protected veteran status. In the United States, if you need a reasonable accommodation for the online application process due to a disability, please call 1-888-336-0660.

     

    This position is hybrid. Candidates who are in commuting distance to a Ford hub location may be required to be onsite four or more days per week. **\#LI-Hybrid**

    \#LI-MG1

    **Requisition ID** : 54627