Sr. Identity Engineer

Job Overview:

We are seeking a Senior Identity Engineer with expertise in Microsoft identity and access management (IAM) technologies. This role will be responsible for designing implementing and maintaining identity solutions within the Microsoft ecosystem including Microsoft Entra ID (Azure AD) Active Directory (AD) Microsoft Defender for Identity and Conditional Access Policies. The ideal candidate will have deep knowledge of authentication authorization identity lifecycle management and security best practices.

Key Responsibilities:

Identity & Access Management (IAM):

Design implement and maintain Microsoft Entra ID (Azure AD) Active Directory (AD) and hybrid identity solutions.
Manage identity lifecycle processes including provisioning deprovisioning and role-based access control (RBAC).
Implement Identity Governance and Administration (IGA) using Microsoft Entra ID Governance Privileged Identity Management (PIM) and Access Reviews.

Authentication & Authorization:

Configure and optimize Single Sign-On (SSO) Multi-Factor Authentication (MFA) and passwordless authentication using Microsoft Entra ID.
Implement and manage authentication protocols (SAML OAuth 2.0 OpenID Connect Kerberos NTLM LDAP).
Develop Conditional Access policies to enforce Zero Trust security principles.

Security & Compliance:

Ensure compliance with industry standards (NIST ISO 27001 SOC 2 HIPAA GDPR) using Microsoft Defender for Identity and Entra ID Governance.
Manage and monitor security alerts using Microsoft Sentinel and Microsoft Defender for Identity.
Conduct regular security assessments access reviews and identity audits.

Automation & Optimization:

Automate IAM tasks using PowerShell Microsoft Graph API and Azure Automation.
Develop and maintain Infrastructure-as-Code (IaC) solutions using Terraform or Bicep for identity management.
Optimize IAM workflows and implement self-service access and Just-in-Time (JIT) access models.

Collaboration & Support:

Work closely with security IT and application teams to integrate authentication and access solutions.
Support hybrid identity configurations including Azure AD Connect AD FS and Microsoft Entra ID sync.
Provide Level 3 support for IAM-related incidents and troubleshooting.
Mentor junior engineers and provide technical guidance on Microsoft identity solutions.

Required Qualifications:

5 years of experience in identity and access management (IAM) security engineering or related fields.
Deep expertise in Microsoft Entra ID (Azure AD) Active Directory (AD) Azure AD Connect and Conditional Access Policies.
Strong knowledge of authentication protocols (SAML OAuth 2.0 OpenID Connect LDAP Kerberos).
Experience with PowerShell scripting and Microsoft Graph API for automation.
Hands-on experience with Privileged Identity Management (PIM) Identity Protection and Microsoft Defender for Identity.
Familiarity with Azure AD B2B/B2C for external identity management.
Strong understanding of Zero Trust security models and RBAC.
Experience with Microsoft Sentinel or other SIEM solutions.
Strong problem-solving and troubleshooting skills.

Preferred Qualifications:

Certifications such as Microsoft SC-300 (Identity and Access Administrator Associate) SC-400 (Information Protection Administrator) or CISSP.
Experience with Privileged Access Management (PAM) solutions like Microsoft Entra ID PIM CyberArk or BeyondTrust.
Familiarity with Hybrid IAM deployments AD FS and Azure AD Connect Cloud Sync.
Experience with Identity Governance and Administration (IGA) tools such as Microsoft Entra ID Governance or SailPoint.
Knowledge of Azure Policy Azure RBAC and role-based security models.

Why Join Us

Work with cutting-edge Microsoft security and IAM technologies.
Competitive salary benefits and career growth opportunities.
Be part of a security-driven and collaborative team environment.
Opportunity to influence IAM strategy and Zero Trust architecture.