EY
Join to apply for the
GPS - IAM Engineer - Supervising Associate
role at
EY At EY, we’re all in to shape your future with confidence. We’ll help you succeed in a globally connected powerhouse of diverse teams and take your career wherever you want it to go. Join EY and help to build a better working world. From strategy to execution, the Government & Public Sector (GPS) practice of Ernst & Young LLP provides a full range of consulting and audit services to help our Federal, State, Local and Education clients implement new ideas to help achieve their mission outcomes. The Opportunity
You’ll have responsibilities within the Identity and Access Management (IAM) team that supports various applications in cloud platform services across the Government and Public Sector (GPS) business unit. You’ll support the end-to-end aspects of services including but not limited to service engineering, break/fix support, service roadmaps and standards, vendor management. Your Key Responsibilities
Maintaining ongoing knowledge and support of Azure infrastructure and aligned applications such as: Azure Cloud hosted services, Bastion, Keyvault, Recovery Services Vault, Storage accounts Azure Role Based Access Control (RBAC) Power Automate, App Service Plan, Function Apps, Application Insights Azure networking; Vnets, network security groups (NSG), private and public endpoints, Azure Private DNS Microsoft Entra Domain Services (MEDS) Access reviews, reporting and Audit compliance Deploying MEDS on Azure VM’s and install replica Domain Controllers or Forests in an Azure virtual network Maintain ongoing knowledge and support of servers and networks aligned to the Active Directory environments including but not limited to: Single Sign-On (SSO) configuration and remediation Native Microsoft tools including but not limited to ADSI, ADUC, DNS, Domains and Trusts, DISA STIG remediation with Group Policy Objects (GPO) Public Key Infrastructure (PKI) Creating and configuring Microsoft Entra Domain Services (IAAS & PAAS) for authenticating applications in Azure Cloud Entra services management including application proxy, Licensing, Azure PIM Application Registrations; OAuth/OpenID, API Permissions, Client ID/Secrets, JWT Tokens/Claims, JSON, App Roles API Gateways, Enterprise Databases, SSO and Access Management systems, identity federation protocols (SAML), OIDC, OAuth2 and LDAP/LDAPS Enterprise Applications; SAML, SCIM Provisioning Managing data stored in Entra ID via Graph and Powershell. Multi Factor Authentication (MFA) such as Entra ID MFA integration into the authentication, authorization, and single-sign-on process for applications and systems Account, Group, and entitlement management with SailPoint Identity Security Cloud (ISC) or IdentityIQ (IIQ) Integrating SailPoint ISC or IIQ and other Identity Infrastructure with Entra ID Design and configuration of Entra Conditional Access using Zero Trust principles Entra ID external collaboration; B2B, Entra External ID The role may also require the periodic allocation of additional time on the job to support multiple demands and escalating issues or to accommodate teams or staff in other time zones Skills And Attributes For Success
Core understanding of Entra ID Tenant deployment and Active Directory management Understanding of aligning Microsoft Entra / Azure services with security governance frameworks and guidelines such as CMMC, Fedramp, and NIST SP 800.53, 800.63, and 800.171 Understanding of application registration and Key Management using the Entra ID Admin portal Understanding of Entra ID Privileged Roles, Units and emergency accounts to enable policies at a granular level for access administration Strong organizational skills, self-motivated and able to work to tight deadlines Strong analytical and problem-solving skills Effective teaming and knowledge sharing skills Advanced skills in planning, designing and troubleshooting complex cloud environments Solid understanding of Cloud environment and security best practices Good understanding of ITIL Exceptional ability to document processes, procedures and security designs clearly and accurately for distribution to internal teams and customers Understanding of other technologies required to run a secure enterprise level infrastructure Demonstrated experience in dealing with external vendors and suppliers in the security industry Cloud Infrastructure Security enthusiast Self-motivated with an aptitude to learn quickly Ability to deal with ambiguity Have a global mind-set for working with different cultures and backgrounds To Qualify For The Role
Bachelor’s degree in Computer Science or a related discipline, or equivalent work experience required 5-8+ years of cloud infrastructure 3 or more years of hands-on experience in designing and implementing Cloud services like Azure AD, Entra ID, Azure MFA, Entra Conditional Access, Azure B2B and Azure PIM Demonstrated deep expertise in cloud infrastructure Experience with writing custom, scripting tools (Python, PowerShell, etc), interacting with API’s and shell scripting Excellent interpersonal, communication and presentation skills Strong English language skills are required – written and verbal Good judgment, tact, and decision-making ability Ability to work in a diverse, multi-cultural, environment Ability to obtain and maintain Top secret security clearance Ideally, You’ll Also Have
Azure certification for implementing Microsoft Azure Infrastructure Solutions will be an added advantage Involved in large scale IT deployments or cloud infrastructure At least one technical certification in Azure platform What We Offer You
At EY, we’ll develop you with future-focused skills and equip you with world-class experiences. We’ll empower you in a flexible environment, and fuel you and your extraordinary talents in a diverse and inclusive culture of globally connected teams. We offer a comprehensive compensation and benefits package where you’ll be rewarded based on your performance and recognized for the value you bring to the business. The base salary range for this job in all geographic locations in the US is $91,100 to $170,400. EY is committed to providing reasonable accommodation to qualified individuals with disabilities including veterans with disabilities. If you have a disability and either need assistance applying online or need to request an accommodation during any part of the application process, please call 1-800-EY-HELP3. EY provides equal employment opportunities to applicants and employees without regard to race, color, religion, age, sex, sexual orientation, gender identity/expression, pregnancy, genetic information, national origin, protected veteran status, disability status, or any other legally protected basis, including arrest and conviction records, in accordance with applicable law.
#J-18808-Ljbffr
GPS - IAM Engineer - Supervising Associate
role at
EY At EY, we’re all in to shape your future with confidence. We’ll help you succeed in a globally connected powerhouse of diverse teams and take your career wherever you want it to go. Join EY and help to build a better working world. From strategy to execution, the Government & Public Sector (GPS) practice of Ernst & Young LLP provides a full range of consulting and audit services to help our Federal, State, Local and Education clients implement new ideas to help achieve their mission outcomes. The Opportunity
You’ll have responsibilities within the Identity and Access Management (IAM) team that supports various applications in cloud platform services across the Government and Public Sector (GPS) business unit. You’ll support the end-to-end aspects of services including but not limited to service engineering, break/fix support, service roadmaps and standards, vendor management. Your Key Responsibilities
Maintaining ongoing knowledge and support of Azure infrastructure and aligned applications such as: Azure Cloud hosted services, Bastion, Keyvault, Recovery Services Vault, Storage accounts Azure Role Based Access Control (RBAC) Power Automate, App Service Plan, Function Apps, Application Insights Azure networking; Vnets, network security groups (NSG), private and public endpoints, Azure Private DNS Microsoft Entra Domain Services (MEDS) Access reviews, reporting and Audit compliance Deploying MEDS on Azure VM’s and install replica Domain Controllers or Forests in an Azure virtual network Maintain ongoing knowledge and support of servers and networks aligned to the Active Directory environments including but not limited to: Single Sign-On (SSO) configuration and remediation Native Microsoft tools including but not limited to ADSI, ADUC, DNS, Domains and Trusts, DISA STIG remediation with Group Policy Objects (GPO) Public Key Infrastructure (PKI) Creating and configuring Microsoft Entra Domain Services (IAAS & PAAS) for authenticating applications in Azure Cloud Entra services management including application proxy, Licensing, Azure PIM Application Registrations; OAuth/OpenID, API Permissions, Client ID/Secrets, JWT Tokens/Claims, JSON, App Roles API Gateways, Enterprise Databases, SSO and Access Management systems, identity federation protocols (SAML), OIDC, OAuth2 and LDAP/LDAPS Enterprise Applications; SAML, SCIM Provisioning Managing data stored in Entra ID via Graph and Powershell. Multi Factor Authentication (MFA) such as Entra ID MFA integration into the authentication, authorization, and single-sign-on process for applications and systems Account, Group, and entitlement management with SailPoint Identity Security Cloud (ISC) or IdentityIQ (IIQ) Integrating SailPoint ISC or IIQ and other Identity Infrastructure with Entra ID Design and configuration of Entra Conditional Access using Zero Trust principles Entra ID external collaboration; B2B, Entra External ID The role may also require the periodic allocation of additional time on the job to support multiple demands and escalating issues or to accommodate teams or staff in other time zones Skills And Attributes For Success
Core understanding of Entra ID Tenant deployment and Active Directory management Understanding of aligning Microsoft Entra / Azure services with security governance frameworks and guidelines such as CMMC, Fedramp, and NIST SP 800.53, 800.63, and 800.171 Understanding of application registration and Key Management using the Entra ID Admin portal Understanding of Entra ID Privileged Roles, Units and emergency accounts to enable policies at a granular level for access administration Strong organizational skills, self-motivated and able to work to tight deadlines Strong analytical and problem-solving skills Effective teaming and knowledge sharing skills Advanced skills in planning, designing and troubleshooting complex cloud environments Solid understanding of Cloud environment and security best practices Good understanding of ITIL Exceptional ability to document processes, procedures and security designs clearly and accurately for distribution to internal teams and customers Understanding of other technologies required to run a secure enterprise level infrastructure Demonstrated experience in dealing with external vendors and suppliers in the security industry Cloud Infrastructure Security enthusiast Self-motivated with an aptitude to learn quickly Ability to deal with ambiguity Have a global mind-set for working with different cultures and backgrounds To Qualify For The Role
Bachelor’s degree in Computer Science or a related discipline, or equivalent work experience required 5-8+ years of cloud infrastructure 3 or more years of hands-on experience in designing and implementing Cloud services like Azure AD, Entra ID, Azure MFA, Entra Conditional Access, Azure B2B and Azure PIM Demonstrated deep expertise in cloud infrastructure Experience with writing custom, scripting tools (Python, PowerShell, etc), interacting with API’s and shell scripting Excellent interpersonal, communication and presentation skills Strong English language skills are required – written and verbal Good judgment, tact, and decision-making ability Ability to work in a diverse, multi-cultural, environment Ability to obtain and maintain Top secret security clearance Ideally, You’ll Also Have
Azure certification for implementing Microsoft Azure Infrastructure Solutions will be an added advantage Involved in large scale IT deployments or cloud infrastructure At least one technical certification in Azure platform What We Offer You
At EY, we’ll develop you with future-focused skills and equip you with world-class experiences. We’ll empower you in a flexible environment, and fuel you and your extraordinary talents in a diverse and inclusive culture of globally connected teams. We offer a comprehensive compensation and benefits package where you’ll be rewarded based on your performance and recognized for the value you bring to the business. The base salary range for this job in all geographic locations in the US is $91,100 to $170,400. EY is committed to providing reasonable accommodation to qualified individuals with disabilities including veterans with disabilities. If you have a disability and either need assistance applying online or need to request an accommodation during any part of the application process, please call 1-800-EY-HELP3. EY provides equal employment opportunities to applicants and employees without regard to race, color, religion, age, sex, sexual orientation, gender identity/expression, pregnancy, genetic information, national origin, protected veteran status, disability status, or any other legally protected basis, including arrest and conviction records, in accordance with applicable law.
#J-18808-Ljbffr