P1-C2-TSTS

You will join the EDS team as a hands-on engineer focused on day-to-day operations and security hardening across Active Directory and Microsoft Entra ID (Azure AD). You will work with platform SMEs and the wider team to deliver BAU tickets, implement hardening baselines and execute engineering changes. The emphasis is on collaboration and delivery, contributing expert work under established standards and designs rather than owning product roadmaps or leading responsibilities

BAU delivery: Triage and resolve incidents, service requests and standard changes across AD/Entra ID, PKI, AD FS and Quest Active Roles in line with
and hygiene: Implement Tier-0/DC hardening, GPO governance, Kerberos/LDAP protections, Conditional Access/PIM controls, SPN/gMSA/service-account
execution: Build and ship changes from SME/architect designs (e.g. DC upgrades, federation tweaks, AAD Connect/Cloud Sync tasks, App Proxy integrations).
Automation: Use PowerShell and Microsoft Graph to audit, enforce and remediate configuration; contribute to policy/config-as-code
remediation: Run BloodHound/AzureHound and PingCastle collections, analyse findings and implement agreed remediations with
& ops quality: Contribute to health/capacity checks, dashboards and runbooks; document work clearly and keep records up to
& compliance: Raise change records, follow CAB processes and align with platform standards and security product
: Partner with SMEs, Operations, Network and Security teams; participate in major-incident support and post-incident actions when
sharing: Provide peer support and share practical know-how (acting as a subject-matter contributor for assigned tasks while SMEs retain ownership).

Experience & qualifications

Must-have (merged)

Microsoft identity stack: Deep experience with Active Directory and Entra ID (Azure AD) plus associated infrastructure such as AD FS and Azure AD Connect; excellent knowledge of AD 2016/2019 design, troubleshooting and
& privileged access: Practical understanding of AD security concepts (Tier-0/Tier-1, PAWs) and lateral-movement risks; PAW/jump pattern design and
Directory hardening: CIS-aligned DC baselines, host firewalls and no-Internet DC
ID controls at scale: Conditional Access (MFA/device/risk) and PIM for roles and PIM for
& identity hygiene: Tier-0/Tier-1 GPO design/governance, SPN hygiene, gMSA adoption and service-account policies (length/rotation).
Automation-first: PowerShell and Microsoft Graph for audits, enforcement and remediation; KQL, Terraform, Python; policy/config-as-code mindset in a DevOps
tooling: Hands-on with BloodHound/AzureHound and PingCastle (collection, analysis and driving remediation).
Quest ecosystem: Active Roles (ARS) and Change Auditor (or equivalent) for RBAC and change/drift
& access management: Experience with Microsoft Intune or strong understanding of MDM/MAM/Conditional
& protocols: Strong understanding of OAuth2/OIDC and SAML; experience with PKI/AD CS and relevant Windows
security principles: Least privilege, separation of duties, auditability; confident engagement with InfoSec.