Technical Architect - Entra ID (Microsoft Azure Active Directory) Architect

Overview

On Site
Contract - W2
Contract - start date

Skills

IAM
ENTRA ID

Job Details

Job Title: Entra ID (Microsoft Azure Active Directory) Architect

Mode of work: Hybrid

Mode of Interview: In-Person

Location: Taylorsville, UT

Job Overview:

As the Microsoft Entra ID Architect, you will be responsible for designing, implementing, and managing identity and access management solutions using the Entra ID platform and Microsoft Active Directory, as well as supporting the deployment and management of identity and access management solutions across the enterprise. You will work closely with stakeholders, Information Technology (IT) operations, and security teams to understand business requirements and translate them into scalable and secure identity solutions. Your role involves defining architecture standards, implementing best practices, and ensuring compliance with security and regulatory requirements.

Key Responsibilities:

Solution Design and Architecture:

  • Collaborate with stakeholders, Information Technology (IT) operations, and security teams to gather requirements and design scalable, secure, and high-performance identity solutions using Microsoft Entra ID and Active Directory.
  • Define architecture standards, reference architectures, and design patterns for identity and access management in alignment with Entra ID platform requirements and industry best practices.
  • Conduct architecture reviews, assess technical feasibility, and recommend solutions that meet business needs while adhering to security, compliance, and performance requirements.

Entra ID Implementation and Integration:

  • Lead the implementation and configuration of Azure Active Directory services, including user provisioning, authentication, single sign-on (SSO), and multi-factor authentication (MFA).
  • Integrate Entra ID and Active Directory platform components and third-party applications to enable seamless user access and authentication experiences.
  • Configure Entra ID Connect for directory synchronization and identity federation with on-premises Active Directory environments, if applicable.

Identity Governance and Security:

  • Define and implement identity governance policies, role-based access control (RBAC) models, and entitlement management workflows to ensure least privilege access and compliance.
  • Implement security controls and monitoring mechanisms to protect Azure AD resources, including conditional access policies, identity protection, and privileged identity management (PIM).
  • Conduct security assessments, vulnerability scans, and audits to identify and remediate security risks and compliance gaps related to Azure AD configurations.

Identity Lifecycle Management:

  • Define and automate identity lifecycle management processes, including user provisioning, deprovisioning, and account lifecycle policies, to streamline administrative tasks and improve operational efficiency.
  • Implement self-service capabilities for users, such as password reset, group management, and profile updates, to reduce helpdesk requests and enhance user experience.
  • Monitor identity-related events and metrics, such as user activity logs, sign-in logs, and authentication failures, to detect and respond to security incidents and anomalous behavior.

Collaboration and Knowledge Sharing:

  • Collaborate with cross-functional teams, including developers, system administrators, and security analysts, to ensure seamless integration of identity solutions with Entra ID platform components.
  • Provide guidance, training, and mentorship to team members and stakeholders on Entra ID best practices, capabilities, and features.
  • Stay informed about Entra ID updates, new features, and industry trends, and share knowledge with the team to drive continuous improvement and innovation.

Qualifications:

  • Proven experience (5+ years) in architecting, implementing, and managing identity and access management solutions using Microsoft Azure Active Directory.
  • Expertise in Microsoft Azure services, including Entra ID, Entra ID Connect, Entra ID B2B/B2C, Azure Multi-Factor Authentication, and Azure Identity Protection.
  • Strong understanding of identity standards and protocols, such as OAuth, OpenID Connect, SAML, LDAP, and Kerberos.
  • Experience with identity governance frameworks, RBAC models, and security best practices for cloud-based identity solutions.
  • Excellent communication and collaboration skills, with the ability to work effectively with stakeholders at all levels of the organization.
  • Industry certifications such as Microsoft Certified: Azure Solutions Architect Expert, Microsoft Certified: Identity and Access Administrator Associate, or equivalent certifications in cloud security and identity management are preferred.
  • Knowledge and experience with other Identity Provider (IdP) solutions (Ping, ForgeRock, Okta).

Application Questions

  • How many years of experience do you have administering Azure AD/Entra ID?
  • How many years of experience do you have administering Microsoft Active Directory?
  • How many years of experience do you have administering Single Sign On solutions?
  • How many years of experience do you have designing and integrating Identity and Access Management (IAM) solutions?
  • How many years of experience do you have as a technical lead to other team members?

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.