Entra ID Services Engineer - SSO/MFA (7-8 yrs)

Job Title : Entra ID Services, SSO, MFA Specialist.

Job Type : Hybrid.

Job Location : Bangalore, Karanataka.

Experience : 7+ Years.

Shift Timings : 12:00 PM to 9:00 PM IST (with overall of 1 hour break).

Main Technology :

Federation and how it works, well versed with SSO technology, Azure AD Identity Provider, its different components (surface level understanding) and mainly understanding of SSO protocols (SAML, OpenID/OAuth, Federation XML etc), Entra ID technologies with good hold on Conditional Access, Multi Factor Authentication and Entra ID PIM.

Mandatory Skills : (Must Have Skills).

- Must have solid hands-on experience with operations of Entra ID services including core services like user provisioning, Enterprise App, SSO, MFA, Conditional Access, Entra ID PIM, B2B options.

- Experience working with ServiceNow or similar ITSM tool and SailPoint IIQ.

- Incident and Ticket change handling experience with above Entra ID service.

- Understanding and experience with integrating Enterprise applications and App registrations with Entra ID and enable single sign-on (SSO).

- Proven knowledge and experience in ITIL best practices.

- Responsibilities may include incident, service request, change management, service level reporting, capacity planning, process improvement, and risk management.

- Very Strong Stakeholder engagement.

Optional Skills: (Good to Have Skills) :

- Hands on experience with SCIM provisioning.

- Knowledge on on-premises users synchronization options like PHS, PTA, ADFS.

- Understanding of Cross-Tenant Synchronization and B2B collaboration.

- Also, knowledge on managing External Identity Management would be welcome.

- Understand basic concepts of IAM & IGA.

- Scripting and Automation knowledge.

Roles & Responsibilities :

- Managing and administering Microsoft Entra ID which involves tasks like access reviews, application access control reviews, security policy monitoring, and troubleshooting identity, MFA or SSO related issues within a cloud-based environment; essentially ensuring secure user access to various applications and services across an organization using Microsoft's identity management platform.

- Monitoring of Entra ID services hereunder Microsoft Defender for Identities and Cloud Apps.

- An example of monitoring is for the automation engine of the provisioning of Entra ID Groups or Enterprise Apps.

- Manage user access to various SaaS applications using SAML, WS-FED Federation, OIDC/OAuth protocol.

- Managing and operation of security features like multi-factor authentication MFA using MS authenticator, FIDO2/YubiKey, CBA risk-based access controls, and identity protection policies.

- Supporting Entra ID Temporary Access Pass service, self-service password reset (SSPR), and promoting the use of password less authentication methods.

- Understanding password protection policies.

- Identity Governance including managing user lifecycle processes like provisioning, deprovisioning, and access reviews.

- Entra ID CA Sign-in logs and audit logs analysis and troubleshooting experience.

- Entra ID Conditional Access policies operations and troubleshooting:.

- Understanding of Conditional Access Policies, defining access controls based on factors like location, device, and user identity to enhance security.

- Suggest improvements to the operations of our services and improvements of these.

- Focus on Operation Efficiency gain.