Entra ID Engineer

The Entra ID Engineer will design, implement, and manage a secure, scalable identity infrastructure using Microsoft Entra ID (formerly Azure AD). This position ensures seamless authentication, identity governance, and compliance in hybrid and cloud-native environments.Key Responsibilities • Identity Infrastructure Configuration & Maintenance: Maintain multiple Entra ID tenants, managing user, group, and application configurations. • Authentication & Access Control: Implement SSO, MFA, Conditional Access policies, and Privileged Identity Management (PIM). • Application Integration: Integrate SaaS and on-prem systems via SAML, OIDC, OAuth2, manage service principals, connector setups and Application proxy configuration. • Role-Based Access Control (RBAC): Design and enforce Azure RBAC for least-privilege access across subscriptions, resource groups, and services. • Key Vault Access Policies: Configure and manage Azure Key Vault access policies and RBAC assignments to secure secrets, certificates, and keys. • Automation & Scripting: Automate identity tasks using Microsoft Graph API, PowerShell, Azure Policy, or ARM templates. • Monitoring & Auditing: Track sign-in activity, audit logs, resolve identity-related incidents, and maintain compliance. • Hybrid Identity Support: Implement and manage Azure AD Connect and hybrid identity solutions. • Directory & Disaster Recovery: Support Active Directory, tier?0 security hardening, and disaster recovery planning. Key Accountabilities • Technical Leadership & Training: Provide technical guidance, documentation, and train junior staff or operational teams. • Project Collaboration: Participate in IAM architecture design, proof-of-concepts, and roadmap planning, aligning with zero-trust initiatives. • May lead projects and/or project teams (including assigning work, reviewing progress and evaluating results), mentor, provide guidance and technical direction to less experienced engineering and technical staff, including the provision of input in performance evaluations, but is not responsible for supervising anyone. • Plans, schedules, and manages all operational day-to-day engineering support work activities; manages trouble ticket/problem resolution and issue escalation. • Leads projects to ensure on-time and in-budget implementation. • Makes recommendations in area of security administration/authentication; participates in evaluating enabling technologies; designs and manages security architectures; leads research of advanced technologies. • Consults on planning and issues in security administration/authentication design and direction; provides configurations for security administration/authentication; consults with application teams; consults on security architecture design and direction. • Actively seeks continuous improvement opportunities and leads continuous improvement initiatives. • Consults on operational and planning issues related to security administration / authentication technologies; works closely with outside vendors. • Keeps abreast of technology trends and the stated direction of the enterprise. • Works as a proactive team player in dynamic environments. • Leads and facilitates meetings and group discussions; develops and conducts formal and informal presentations and technical training classes. • Creates and maintains project work plans and budgets. • Provides direction and leadership on all aspects of security engineering and internal IT processes. Required Skills & Experience • 3–8+ years of experience managing Microsoft Entra ID / Azure AD in enterprise environments. • Deep understanding of SSO, MFA, Conditional Access, PIM, RBAC, and zero-trust principles. • Experience integrating SAML, OIDC, OAuth2, and configuring service principals. • Strong scripting abilities using PowerShell, Graph API, Azure Policy, ARM, or Terraform. • Familiarity integrating and managing hybrid identity (Azure AD Connect). • Competent in directory services security, Tier?0 boundaries, and DR strategies. • Excellent troubleshooting, documentation, and stakeholder communication abilities.