Izenso
Job Description
Our client is looking for an experienced IAM/IGA Technical Lead to design, implement, and manage enterprise-scale Identity and Access Management solutions. The ideal candidate will have a proven track record in driving IGA transformations, leading cybersecurity initiatives, and delivering large-scale migration projects for global organizations.
Responsibilities
Configure and optimize Entra ID tenant features including Conditional Access, MFA, Privileged Identity Management (PIM), and lifecycle automation. Troubleshoot synchronization and federation issues across AD FS, Kerberos, Azure AD Connect, and hybrid identity integrations. Design and implement automation solutions using PowerShell, Microsoft Graph APIs, and Infrastructure as Code (IaC) frameworks. Lead proof-of-concepts, pilots, and production rollouts for identity security enhancements. Analyze and refine identity and access policies to support Zero Trust security controls. Collaborate with compliance and risk teams to translate regulatory requirements into Entra ID configurations and policies. Mentor junior engineers and guide stakeholders on best practices in Identity and Access Management (IAM). Requirements
8-10 years of professional experience in Identity and Access Management (IAM), including hybrid enterprise environments. Minimum 5 years of deep hands-on expertise in Microsoft Entra ID (Azure AD). Strong knowledge of Azure AD Connect, AD FS, federation protocols, hybrid identity, Kerberos, and LDAP. Proven experience with Conditional Access, MFA, and PIM deployments at scale. Proficiency in scripting and automation with PowerShell, REST APIs, Microsoft Graph, and IaC tools. Strong understanding of Zero Trust frameworks and ability to apply them in enterprise identity scenarios. Demonstrated ability to lead client engagements, troubleshoot complex issues, and deliver enterprise-grade IAM solutions. Certifications (Preferred)
SC-300: Microsoft Identity and Access Administrator SC-100: Microsoft Cybersecurity Architect AZ-500: Microsoft Azure Security Engineer Associate
Responsibilities
Configure and optimize Entra ID tenant features including Conditional Access, MFA, Privileged Identity Management (PIM), and lifecycle automation. Troubleshoot synchronization and federation issues across AD FS, Kerberos, Azure AD Connect, and hybrid identity integrations. Design and implement automation solutions using PowerShell, Microsoft Graph APIs, and Infrastructure as Code (IaC) frameworks. Lead proof-of-concepts, pilots, and production rollouts for identity security enhancements. Analyze and refine identity and access policies to support Zero Trust security controls. Collaborate with compliance and risk teams to translate regulatory requirements into Entra ID configurations and policies. Mentor junior engineers and guide stakeholders on best practices in Identity and Access Management (IAM). Requirements
8-10 years of professional experience in Identity and Access Management (IAM), including hybrid enterprise environments. Minimum 5 years of deep hands-on expertise in Microsoft Entra ID (Azure AD). Strong knowledge of Azure AD Connect, AD FS, federation protocols, hybrid identity, Kerberos, and LDAP. Proven experience with Conditional Access, MFA, and PIM deployments at scale. Proficiency in scripting and automation with PowerShell, REST APIs, Microsoft Graph, and IaC tools. Strong understanding of Zero Trust frameworks and ability to apply them in enterprise identity scenarios. Demonstrated ability to lead client engagements, troubleshoot complex issues, and deliver enterprise-grade IAM solutions. Certifications (Preferred)
SC-300: Microsoft Identity and Access Administrator SC-100: Microsoft Cybersecurity Architect AZ-500: Microsoft Azure Security Engineer Associate