Sr. Identity Engineer

Our client is seeking a Sr. Identity Engineer focused on Entra ID and Cloud identity operations to engineer, operate, and secure Microsoft Entra ID in a global enterprise environment.  This role includes engineering a hybrid identity framework across Active Directory and Entra Connect, covering directory health and incident response while serving as the global escalation point for complex identity-related incidents, authentication failures, and access issues.
Responsibilities

• Design, implement, and maintain Conditional Access policies to enforce MFA, device trust, sign-in risk, and Zero Trust principles.
• Own global enterprise application and service principal onboarding, enforcing least-privilege access models.
• Implement and govern Microsoft Entra Privileged Identity Management (PIM) for administrative roles.
• Operate and evolve modern authentication and MFA methods globally including passwordless and FIDO2 approaches.
• Partner with platform, security, and Azure engineering teams to design secure Azure access models and identity integrations.

Requirements

• Strong hands-on experience with Microsoft Entra ID and Cloud identity operations.
• Experience with hybrid identity, Entra Connect, and on-prem AD synchronization.
• Proficiency with app registrations, service principals, and secret/certificate lifecycle management.
• Knowledge of Conditional Access Policies, MFA, and Zero Trust principles.
• Experience with Privileged Identity Management (PIM) and Administrative Units.
• Solid understanding of M365 and its identity integrations with Entra ID.

Preferred

• A security background with operations experience.
• Experience with Microsoft Graph permission models.
• Knowledge of B2B, B2C, and cross-tenant identity scenarios.
• A strong security mindset as a hands-on keyboard engineer (not a policy-setting role).
• Self-starter with strong communication skills and ability to work independently.