Microsoft IAM Architect

As a Microsoft Architect of Delivery, with over 10+ years of experience would be responsible for design and deployment of IAM solutions using MS Entra portfolio. Creating & implementing High level & Low-level designs. Engaging with customer on solution designing calls involving multi-tenant architectures and SSO app integrations & building the team with delivery capabilities.

Role & responsibilities

1. Design, implement, and manage solutions using MS Entra ID (formerly Azure AD) to meet enterprise-level IAM needs.

2. Build an internal practice team for CoE functions that offer & deliver MS Entra services.

3. Develop usecases around IAM using the entire Entra product family (Entra ID, Entra ID Governance, Entra ID Protection, Entra External ID)

4. Oversee and manage domain controllers and ensure secure, efficient, and optimized operations within hybrid environments.

5. Drive an end-to-end migration strategy for identity, licenses, and cloud solutions from on-premises to MS Entra ID.

6. Manage license provisioning for Microsoft services, ensuring compliance, cost-effectiveness, and streamlined management during the migration process.

7. Develop and enforce IAM policies such as role-based access control (RBAC), multi-factor authentication (MFA), and conditional access to enhance security post-migration.

8. Conduct assessments and provide strategic recommendations for IAM and security improvements in Azure environments.

9. Troubleshoot and resolve complex identity and access issues across hybrid IT environments, including on-premises Active Directory and MS Entra ID integration.

10. Consultation with customers, understand their requirements collaborate with internal teams to deliver tailored solutions that align with their business objectives, focusing on MS Entra ID and Active Directory migration best practices.

11. Collaborate with cross-functional teams to implement and configure Microsoft Entra Identity Governance and other related components.

12. Stay updated on the latest trends, tools, and best practices in MS Entra, IAM, and cloud migrations.

Preferred candidate profile

1. Professional with a minimum of 10+ years in handling administrative & operational support in Active Directory.

2. Knowledge in Microsoft Entra ID, Entra ID Connect & Hybrid topologies.

3. Strong knowledge on windows servers 2016/2019/2022 administration & setup.

4. Implementation experience in improving the organization security posture by adhering to CIS / MCSB frameworks for IAM, Privileged Access, Governance & Network domains.

5. In-depth knowledge of AD replication issues & troubleshooting mechanisms.

6. Experience in Active directory disaster recovery & backup solutions.

7. Ability to demonstrate the AD architecture in terms of green field deployments & migrations.

8. Experience in integrating MDM solutions with MS Entra.

9. Strong knowledge of conditional access policies, privileged identity management & security defaults.

10. Working experience on MS Defender for Cloud with respect to regulatory compliance.

11. Integration / Onboarding of third-party applications with Entra AD for Single Sign-On.

12. Understanding the working flow of SAML, WS-Fed & OIDC protocols.

13. Working experience on AD attribute & customization of UPNs.

14. Manage & diagnose Office 365 & MS Entra integrations with third party IdP.

15. Good knowledge of ticketing tools like Jira & ServiceNow.

16. Excellent client / customer-facing skills in conducting POC & architectural design meetings.

Education:

Bachelors in engineering in departments such as CSE/ECE/EEE are preferred.

Certifications:

1. Microsoft Certified: Solutions Architect Expert

2. Microsoft Certified: Cybersecurity Architect Expert

3. Microsoft Certified: Windows Server Hybrid Administrator Associate

4. Microsoft 365 Certified: Administrator Expert