L2 Workplace Support Engineer

The L2 Modern Workplace Engineer ensures a stable and secure modern workplace by resolving end-user issues that cannot be solved by Level 1. The role troubleshoots incidents, fulfils standard requests, and escalates complex cases to Level 3 when required, following defined standards and procedures. You will support the implementation of continuous improvement projects and processes.

Main responsibilities and key tasks

Role Boundaries & Decision Rights

• Own L2 troubleshooting, resolution, and user communication for incidents and requests within approved runbooks, tools, and standard changes.
• Escalate to L3 (or Security/Identity) for structural defects, design/policy changes, exceptions (e.g., Conditional Access), or recurring issues requiring engineering remediation.
• Does not change baseline configurations, global policies, or architecture; changes follow approved change processes and delegated permissions.

Incident & Problem Support (L2)

• Analyse, troubleshoot, and resolve L2 incidents related to the modern workplace.
• Troubleshoot Windows, macOS, iOS, and Android devices, Microsoft 365 services, and identity/access issues.
• Support Intune (enrolment, compliance, profiles, app deployment) and Entra ID (sign-in, MFA/SSPR basics, device registration).
• Mitigate user impact of Conditional Access and compliance policies (e.g., blocked access) and escalate when policy changes are required.
• Perform root-cause analysis for recurring issues, propose improvements, and escalate to L3 with clear documentation.

Service Request Execution

• Execute standard service requests per agreed procedures (e.g., onboarding/replacements, access/role changes, and approved configuration changes).

Collaboration & Documentation

• Coordinate with L1 for handover and knowledge sharing; support L3 during deeper investigations.
• Keep tickets up to date with clear troubleshooting notes, evidence, and user communication.
• Create and maintain knowledge articles and runbooks to improve L1 enablement and first-time fix.
• Monitor endpoint update/patch compliance and coordinate remediation or escalation as needed.
• Follow and continuously improve operational procedures.

Security & Compliance

• Apply security standards and report potential risks or misconfigurations.
• Triage Defender for Endpoint alerts for end-user devices (validate, guide containment, collect evidence) and escalate to Security when required.
• Support Entra ID controls (MFA, SSPR, access reviews) within agreed procedures.
• Support audits and compliance activities when required.