Softworld, a Kelly Company
Entra ID Engineer (Detroit)
Softworld, a Kelly Company, Detroit, Michigan, United States, 48228
(Hybrid
1 Day Onsite/Week) We are seeking an experienced Entra ID Engineer to design, implement, and manage a secure, scalable identity and access management (IAM) environment using Microsoft Entra ID (formerly Azure AD). This role plays a key part in supporting modern authentication, zero-trust initiatives, and hybrid/cloud-native identity solutions across the enterprise. This is a hybrid role, requiring one day onsite per week (typically Thursdays). Identity & Access Management Design, configure, and maintain multiple Microsoft Entra ID tenants Manage users, groups, applications, and service principals Implement and support SSO, MFA, Conditional Access, and Privileged Identity Management (PIM) Application & Cloud Integration Integrate SaaS and on-prem applications using SAML, OIDC, and OAuth2 Configure Azure Application Proxy and connector services Design and enforce Azure RBAC using least-privilege principles Secure secrets, certificates, and keys using Azure Key Vault (RBAC and access policies) Automation & Security Operations Automate identity processes using PowerShell, Microsoft Graph API, Azure Policy, ARM, or Terraform Monitor sign-in activity, audit logs, and investigate identity-related incidents Maintain compliance with internal security standards and regulatory frameworks Hybrid Identity & Directory Services Implement and manage Azure AD Connect and hybrid identity solutions Support Active Directory environments, Tier-0 security hardening, and disaster recovery planning Leadership & Collaboration Provide technical leadership, documentation, and training to junior engineers and operational teams Lead or contribute to IAM architecture initiatives, proof-of-concepts, and roadmap planning Manage day-to-day operational support, troubleshooting, and escalation Lead projects to ensure delivery on time and within budget Consult with application teams, vendors, and stakeholders on identity and authentication strategies Drive continuous improvement initiatives and stay current with emerging identity technologies Required Qualifications 38+ years of hands-on experience with Microsoft Entra ID / Azure AD in enterprise environments Strong knowledge of SSO, MFA, Conditional Access, PIM, RBAC, and zero-trust architecture Experience integrating applications using SAML, OIDC, and OAuth2 Proficiency with PowerShell and automation using Graph API, ARM, Azure Policy, or Terraform Experience supporting hybrid identity environments (Azure AD Connect) Solid understanding of directory security, Tier-0 boundaries, and disaster recovery Strong troubleshooting, documentation, and communication skills Preferred Qualifications Microsoft certification (SC-300 or equivalent) Experience with M365 security and compliance tools (Defender for Identity, Purview) Familiarity with compliance frameworks such as SOX, NIST, or CMMC Experience with Azure B2C custom policies, PKI integration, and JIT/Key Vault configurations CI/CD or policy enforcement experience using Azure Policy, ARM, or Terraform pipelines Bonus Skills Experience with ServiceNow for incident and change management Knowledge of Windows Hello for Business and certificate-based authentication Exposure to AWS or Google Cloud IAM Interest in AI or machine learning enhancements within identity platforms Education Bachelors degree in Computer Science, Information Technology, or equivalent practical experience.
1 Day Onsite/Week) We are seeking an experienced Entra ID Engineer to design, implement, and manage a secure, scalable identity and access management (IAM) environment using Microsoft Entra ID (formerly Azure AD). This role plays a key part in supporting modern authentication, zero-trust initiatives, and hybrid/cloud-native identity solutions across the enterprise. This is a hybrid role, requiring one day onsite per week (typically Thursdays). Identity & Access Management Design, configure, and maintain multiple Microsoft Entra ID tenants Manage users, groups, applications, and service principals Implement and support SSO, MFA, Conditional Access, and Privileged Identity Management (PIM) Application & Cloud Integration Integrate SaaS and on-prem applications using SAML, OIDC, and OAuth2 Configure Azure Application Proxy and connector services Design and enforce Azure RBAC using least-privilege principles Secure secrets, certificates, and keys using Azure Key Vault (RBAC and access policies) Automation & Security Operations Automate identity processes using PowerShell, Microsoft Graph API, Azure Policy, ARM, or Terraform Monitor sign-in activity, audit logs, and investigate identity-related incidents Maintain compliance with internal security standards and regulatory frameworks Hybrid Identity & Directory Services Implement and manage Azure AD Connect and hybrid identity solutions Support Active Directory environments, Tier-0 security hardening, and disaster recovery planning Leadership & Collaboration Provide technical leadership, documentation, and training to junior engineers and operational teams Lead or contribute to IAM architecture initiatives, proof-of-concepts, and roadmap planning Manage day-to-day operational support, troubleshooting, and escalation Lead projects to ensure delivery on time and within budget Consult with application teams, vendors, and stakeholders on identity and authentication strategies Drive continuous improvement initiatives and stay current with emerging identity technologies Required Qualifications 38+ years of hands-on experience with Microsoft Entra ID / Azure AD in enterprise environments Strong knowledge of SSO, MFA, Conditional Access, PIM, RBAC, and zero-trust architecture Experience integrating applications using SAML, OIDC, and OAuth2 Proficiency with PowerShell and automation using Graph API, ARM, Azure Policy, or Terraform Experience supporting hybrid identity environments (Azure AD Connect) Solid understanding of directory security, Tier-0 boundaries, and disaster recovery Strong troubleshooting, documentation, and communication skills Preferred Qualifications Microsoft certification (SC-300 or equivalent) Experience with M365 security and compliance tools (Defender for Identity, Purview) Familiarity with compliance frameworks such as SOX, NIST, or CMMC Experience with Azure B2C custom policies, PKI integration, and JIT/Key Vault configurations CI/CD or policy enforcement experience using Azure Policy, ARM, or Terraform pipelines Bonus Skills Experience with ServiceNow for incident and change management Knowledge of Windows Hello for Business and certificate-based authentication Exposure to AWS or Google Cloud IAM Interest in AI or machine learning enhancements within identity platforms Education Bachelors degree in Computer Science, Information Technology, or equivalent practical experience.