Senior DevOps Engineer

• Design and automate identity lifecycles: Architect and build end-to-end Joiner, Mover, and Leaver (JML) workflows using Microsoft Entra ID, Lifecycle Workflows, and custom automation to ensure zero-touch provisioning and immediate de-provisioning.
• Implement Identity as Code: Manage all Role-Based Access Control (RBAC), Conditional Access policies, and PIM configurations using Terraform and version control systems.
• Engineer Modern Access Controls: Implement advanced Entra features such as Privileged Identity Management (PIM), Just-in-Time (JIT) access, and Workload Identity Federation in a robust and scalable manner.
• Develop Automation Tooling: Write production-quality code (Python, or PowerShell) to interact with the Microsoft Graph API for complex identity tasks that cannot be solved via native configuration alone.
• Partner Cross-Functionally: Collaborate with security, compliance, and engineering teams to ensure that all automated access activities are logged, monitored, and properly audited.
• Mentorship & Trends: Evaluate new Entra ID features (Governance, Verified ID, etc.) for adoption and mentor junior engineers in IaC and automation best practices.
• Operational Support: Participate in an on-call rotation schedule to support the identity platform.

• Bachelors in Computer Science, Electrical Engineering, Information Systems, or equivalent.
• 5+ years of development or engineering experience with a specific focus on Identity and Access Management (IAM).
• Deep expertise in Microsoft Entra ID (formerly Azure AD):
• Configuring and managing Enterprise Applications and App Registrations.
• Designing and implementing Conditional Access Policies.
• Managing Entra ID Governance and PIM.
• Infrastructure as Code (IaC) Mastery: Proven experience writing and managing complex Terraform modules to deploy RBAC assignments, custom roles, and cloud resources.
• JML Automation Experience: A proven track record of designing and coding automated workflows for user lifecycle management (Joiners, Movers, Leavers).
• Strong Coding Skills: Proficiency in Python, Go, or advanced PowerShell with extensive experience interacting with REST APIs (specifically Microsoft Graph API).
• Protocol Knowledge: Strong understanding of modern authentication protocols including OIDC, OAuth2, and SAML.

Preferred Skills:

• Masters in Computer Science.
• Microsoft Security/Identity Certifications (e.g., SC-300: Identity and Access Administrator, AZ-500).
• Experience synchronizing identities across multi-cloud environments (Azure and GCP).
• Experience converting legacy Active Directory group-based access into dynamic, attribute-based access controls in the cloud.
• Experience with CI/CD pipelines (GitHub Actions, Azure DevOps) for deploying Identity-as-Code.
• Understanding of the underlying infrastructure of systems at scale, including load balancing and certificate infrastructure.
• Demonstrated experience working with multiple vendors in the identity ecosystem.

• Flexible working format - remote, office-based or flexible

• A competitive salary and good compensation package

• Personalized career growth

• Professional development tools (mentorship program, tech talks and trainings, centers of excellence, and more)

• Active tech communities with regular knowledge sharing

• Education reimbursement

• Memorable anniversary presents

• Corporate events and team buildings

• Other location-specific benefits

• not applicable for freelancers