Formula5
The Formula for success.
Senior Tech Lead – Identity & Access Management – Microsoft Entra ID, Azure AD
Location: United States
Posted: 92 days ago
Salary: Not specified
Tags: Bachelor Degree, English, Azure, Cloud, Terraform
Job Description
• Architect and implement access governance in Microsoft Entra ID using PIM, Conditional Access, Entitlement Management, and Azure RBAC with proper group lifecycle practices.
• Design secure integration patterns for applications that still rely on classic AD groups, including hybrid group strategies, group writeback, and migration planning.
• Own the full identity lifecycle, including provisioning, de-provisioning, access reviews, and governance workflows.
• Lead modernization work to replace legacy AD group usage with Entra ID native controls and enforce least privilege across Azure and on-prem environments.
• Define, implement, and automate group management policies such as naming standards, ownership rules, expiration, and dynamic membership.
• Integrate Entra ID with SaaS platforms using SCIM or custom provisioning patterns.
• Act as a Level 3 escalation point for complex identity incidents and operational challenges.
• Mentor junior engineers and promote secure identity practices across teams.
• Produce documentation including architecture decisions, runbooks, and governance standards.
Job Requirements
- Strong experience in identity and access management with hands-on expertise in Microsoft Entra ID at enterprise scale.
- Proven experience running hybrid identity environments with Entra Connect, cloud sync, health monitoring, sync rules, and group writeback.
- Deep knowledge of PIM, Conditional Access, Entra ID Governance, Access Reviews, Entitlement Management, and Azure RBAC.
- Experience with dynamic groups, administrative units, and scoped policies.
- Strong automation skills using PowerShell and Microsoft Graph API; Terraform, ARM, or Bicep is a plus.
- Experience supporting or migrating applications reliant on traditional on-prem AD security groups.
- Solid understanding of on-prem Active Directory structures, LDAP, GPOs, and hybrid identity challenges.
- Familiarity with identity standards including OAuth2, OpenID Connect, SAML, and Kerberos/NTLM.
Benefits
- Full-time remote work.
- International projects with top-tier clients.
- Supportive, people-first culture.
- Learning opportunities and certifications covered by the company.
- Competitive compensation based on experience and skills.