Location: Stuttgart
Department: Digital Workplace / End‑User Computing (EUC)
Reports to: Director / Head of Digital Workplace Architecture
Employment Type: Full‑time

Role Summary

We are seeking a strategic and hands‑on Digital Workplace Architect (d/f/m) to shape, lead, and govern enterprise‑scale workplace transformations across Germany and the wider DACH region. You will define target architectures, lead complex solution designs (M365, Intune/UEM, Windows/macOS, mobile, VDI, collaboration, experience analytics), and partner with business, security, and works councils to deliver a secure, compliant, high‑performing digital employee experience. This role combines enterprise architecture leadership, presales/orals, solution governance, and delivery assurance with a strong focus on Zero Trust, automation, and measurable experience outcomes.

Key Responsibilities

Architecture & Strategy

• Own the Digital Workplace target architecture and multi‑year roadmap (Windows 11, macOS, iOS/iPadOS, Android; physical/virtual endpoints; on‑prem/cloud services).
• Define reference architectures, blueprints, standards, and patterns (e.g., Zero Trust endpoint posture, identity‑first access, modern management, AI‑powered support).
• Perform current‑state assessments, develop To‑Be architectures, and lead transition states and migration strategies at scale.
• Align workplace strategy to business value drivers (productivity, cost, compliance, sustainability, and employee experience).

Solution Design & Governance

• Lead end‑to‑end solutioning across M365 (Teams, Exchange Online, SharePoint/OneDrive), Intune/UEM, Autopilot/ABM/DEP, GPO to MDM modernization, VDI (Citrix/AVD/VMware), collaboration and meeting rooms, printing, and experience analytics (Nexthink/Lakeside).
• Define security and compliance controls (Conditional Access, Defender, DLP, data residency, encryption, app protection, least privilege), partnering with Security/Privacy/Legal.
• Establish architecture governance, patterns, guardrails, and technical debt management; run design reviews and ensure traceability to requirements and policies.
• Drive standards for packaging, patching, app lifecycle, image‑less provisioning, configuration drift management, and endpoint telemetry.

Delivery Leadership & Assurance

• Provide delivery oversight, architectural runway, and risk management across programs and complex work‑streams.
• Define KPIs/OKRs (DEX score, login times, crash rates, patch latency, ticket deflection, MTTR, CSAT/eNPS) and ensure continuous experience improvement.
• Champion automation (PowerShell, Graph API, proactive remediations), self‑service, and AIOps to reduce TCO and elevate employee experience.
• Guide capacity & performance planning, resiliency, and Business Continuity for critical workplace services.

Stakeholder, Presales & Financials

• Serve as the senior architectural point of contact for CIO/CTO, CISO, HR, Procurement, Facilities, and Betriebsrat (Works Council) partners.
• Lead presales: RFP/RFI/RFQ, solution costing, BoE/BoM, orals, demos/PoCs; articulate business cases and TCO/ROI.
• Support vendor selection and commercial negotiations; oversee license optimization (M365 E3/E5, security add‑ons).
• Contribute to portfolio development, thought leadership, and reusable accelerators.

Compliance & Germany‑Specific Requirements

• Ensure designs comply with GDPR, BDSG, and data minimization principles; define privacy‑by‑design in telemetry, DEX tooling, and remote support.
• Engage collaboratively with Works Councils on employee data, monitoring, and change impacts; create transparent DPIAs and Betriebsvereinbarungen where applicable.
• Consider BITV 2.0 accessibility requirements and ArbSchG (occupational safety) in the workplace design and device standards.
• Align identity and device trust with EU data residency and sovereign requirements where relevant.

Required Qualifications & Experience

• 12–15+ years in End‑User Computing/Digital Workplace with 7+ years in architecture/strategy roles; successful delivery of large enterprise transformations (10k+ endpoints).
• Deep hands‑on expertise with:
  • Microsoft 365 (Teams, Exchange Online, SharePoint/OneDrive), Entra ID (Azure AD), Conditional Access, Defender suite.
  • Endpoint Management/UEM: Microsoft Intune, Autopilot, co‑management, Win11 servicing, macOS management (Jamf/Intune), iOS/Android (Intune/ABM/DEP).
  • VDI/EUC: Citrix / Azure Virtual Desktop / VMware Horizon (image strategy, profiles, app layering, HDX/FSLogix).
  • Automation & Scripting: PowerShell, Graph API, proactive remediations, packaging (Win32/MSIX), CI/CD for workspace configs.
  • Experience Analytics/DEX: Nexthink, Lakeside, or equivalent (SLAs/XLAs, sentiment, synthetic tests).
• Strong grasp of Zero Trust for endpoints, identity‑driven security, DLP, MAM/APP, encryption, and least‑privilege models.
• Proven governance: standards, patterns, risk controls, and audit readiness.
• Presales/Consulting experience: RFPs, solution costing, orals, and C‑suite communication.
• Language: Fluent German (C1) and English (written and spoken).
• Ability to travel within Germany/DACH (approx. 20–40%).

Preferred Qualifications

• TOGAF, ITIL v4, Microsoft Certified: Cybersecurity Architect / Identity and Access Administrator / Endpoint Administrator / Solutions Architect, Citrix CTA/CCE‑V, Nexthink Associate/Professional.
• Exposure to ServiceNow ITSM/ITOM, SCCM/ConfigMgr to Intune transitions, software metering, and license optimization.
• Knowledge of network (Wi‑Fi/802.1X/NAC), printing modernization, and meeting room/AV solutions (Teams Rooms).
• Experience with co‑determination processes and drafting Works Council agreements for IT/DEX solutions.
• Familiarity with sustainability in EUC (device lifecycle, e‑waste, energy management) and FinOps for M365.

Soft Skills & Leadership

• Executive presence; able to translate complex technology into business value and regulatory outcomes.
• Influential stakeholder management with Works Councils, Security, and Compliance teams.
• High ownership, structured thinking, and data‑driven decision making.
• Talent development and mentoring of architects/engineers; culture of continuous improvement.

Success Metrics (Illustrative)

• >25% reduction in high‑impact incidents / MTTR; >20% improvement in DEX scores within 12 months.
• >30% automation‑driven ticket deflection in endpoint support.
• 95%+ patch compliance within SLA; GPO→MDM migration completion on plan.
• Positive Works Council outcomes and zero critical audit findings.
• Realized TCO/ROI per business case (license optimization, endpoint standardization, energy savings).

What We Offer

• Opportunity to lead industry‑defining workplace transformations across DACH.
• Autonomy to set architecture vision and invest in accelerators/automation.
• Competitive compensation with performance incentives, learning budget, and certification support.
• Hybrid working model with modern collaboration tooling.

Equal Opportunity

We are an equal opportunity employer. All qualified applicants will be considered without regard to gender, age, disability, ethnic origin, religion or belief, sexual orientation, or identity. We welcome applications from candidates with disabilities. (m/f/d)