Entra ID Migration Engineer

Overview

On Site
Contract - W2

Skills

Requirements: 5+ years of hands-on experience with Mi

Job Details


This is a remote position.

RulesIQ/ Chemonics

Job Title: Entra ID Migration Engineer

Work Location: Washington, D.C. or remote (Eastern Time Zone, U.S. Working Hours)

Start Date: Immediate

Duration: 5 months + potential extension


Summary:
We are seeking an experienced Entra ID Migration Engineer to complete our transition from on-premises Active Directory and hybrid Exchange to a fully cloud-native identity solution in Microsoft Entra ID. The ideal candidate will have deep expertise in Active Directory, Exchange, and Entra ID, with proven experience migrating identity services, decommissioning legacy infrastructure, and implementing best practices for identity security and lifecycle management. This role is highly technical, requiring strong troubleshooting skills, a methodical approach to migrations, and the ability to deliver a clean, cloud-first identity environment.

Responsibilities:

  • Lead the migration of all identity-related components from on-premises Active Directory to Microsoft Entra ID (Azure AD).
  • Implement and validate Entra ID Join, Entra Connect/Cloud Sync, and synchronization/attribute flow as required.
  • Assess and migrate authentication, authorization, and federation services (e.g., ADFS, SSO integrations) to Entra ID.
  • Plan and execute the decommissioning of hybrid Exchange, including mailbox migration validation, mail flow configuration, and removal of Exchange management dependencies.
  • Harden identity security through Entra ID features (Conditional Access, Identity Protection, MFA, PIM, etc.).
  • Troubleshoot synchronization, identity lifecycle, and hybrid identity issues during migration.
  • Collaborate with application owners to reconfigure identity integrations to use Entra ID.
  • Provide detailed runbooks, documentation, and knowledge transfer for ongoing identity operations.
  • Ensure a smooth cutover with minimal downtime and zero disruption to end users.
  • Retire legacy infrastructure (domain controllers, Exchange hybrid servers) once validation is complete.


Requirements

Requirements:

  • 5+ years of hands-on experience with Microsoft Active Directory, including forests, trusts, DNS, and GPOs.
  • Strong expertise in Microsoft Entra ID (Azure AD), including synchronization, SSO, and advanced security features.
  • Proven experience migrating hybrid Exchange environments to Exchange Online and retiring on-premises Exchange servers.
  • Familiarity with Azure AD Connect, Entra Connect Cloud Sync, and identity lifecycle management.
  • Solid understanding of authentication protocols (Kerberos, OAuth, SAML, OIDC) and federation technologies.
  • Strong PowerShell scripting skills for identity automation and troubleshooting.
  • Experience with Microsoft 365 services (Exchange Online, Teams, SharePoint) identity dependencies.
  • Knowledge of identity governance, security, and compliance best practices.
  • Microsoft certifications such as Entra/Azure Administrator Associate, Identity and Access Administrator Associate, or Microsoft 365 Certified: Messaging Administrator Associate strongly preferred.



Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.

About Gov Services Hub