Microsoft Entra ID Engineer

Iris Consulting Corporation
Atlanta, United States of America
2 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior

Job location

Atlanta, United States of America

Tech stack

Microsoft Windows
Microsoft Active Directory
Active Directory Federation Services
User Authentication
Azure
Kerberos (Protocol)
Lightweight Directory Access Protocols (LDAP)
OpenID
Public Key Infrastructure
Role-Based Access Control
Azure
Security Assertion Markup Language (SAML)
Microsoft InTune
Information Technology

Job description

  • Execute discovery and assessment of the on-premises Active Directory environment and Microsoft 365 tenant, and document findings and dependencies
  • Contribute to migration design and tool selection alongside the architect
  • Perform Entra ID configuration, identity synchronization, and authentication setup
  • Run test migrations, then migrate and validate users, groups, and service accounts
  • Configure identity security controls including MFA, Conditional Access, and self-service password reset
  • Support endpoint and device management integration through Microsoft Intune
  • Produce as-built documentation and deliver administrator training and operational handoff

Requirements

  • 5+ years of hands-on directory services engineering, including extensive experience supporting and troubleshooting on-premises Active Directory (authentication, Client, GPO, LDAP)
  • Demonstrated experience executing AD to Entra ID migrations in complex enterprise environments
  • Strong working knowledge of Entra Connect and authentication methods (Password Hash Sync, Pass-through Authentication, ADFS)
  • Hands-on experience with Microsoft Intune, including device compliance and Entra ID Join and Hybrid Join
  • Experience with Conditional Access, MFA, and identity protection in a cloud-first model
  • Solid grasp of AD security, common vulnerabilities and safeguards, and Tier-0 security boundaries
  • Understanding of modern authentication (OIDC, SAML, Kerberos) and access control models (RBAC, PBAC, ABAC)
  • Working familiarity with Azure environments
  • Ability to author technical documentation and conduct knowledge transfer sessions, * Experience planning and running phased migration waves with defined pilot cohorts and rollback criteria
  • Familiarity with GPO-to-Intune policy migration
  • Experience with certificate services and cloud PKI approaches
  • Prior work in financial services or other highly regulated industries
  • Bachelor's degree in Computer Science or equivalent training, education, and work experience

Contractor Requirements

  • Must be based in the United States and authorized to work without sponsorship
  • Must be available for occasional on-site travel (expenses covered by the client)
  • Must be able to pass a background check

Apply for this position