
Entra ID SME / Architect (NCS/Job/ 3473)
Job Description
Act as SME/Architect for Microsoft Entra ID, driving identity security design and governance.
· Design and implement Entra ID controls to restrict privileged access and sensitive data to managed devices.
· Build and manage controls using Entra ID and Defender for Cloud Apps (MCAS).
· Design and govern Entra Application Registrations, permissions, and lifecycle management.
Conditional Access & MFA
· Design, implement, and optimize Conditional Access policies based on risk, device compliance, and user context.
· Enable phishing-resistant MFA and Continuous Access Evaluation (CAE), including for external and guest users.
· Enforce least-privilege access and Zero Trust principles across identity workflows.
Device, App & Browser Protection
· Design application protection policies and device compliance checks for Office 365.
· Implement policies using Microsoft Intune and M365 security controls.
· Roll out new browser and app protection policies to targeted user groups.
· Close security control gaps across:
o App Virtualization environments
o Virtual Desktop solutions (AVD / VDI)
Cloud & Modern Workplace Security
· Evaluate Windows 365 (W365) fitment from a security and access control perspective.
· Ensure secure access to M365 workloads using Entra ID, Intune, and Defender integrations.
· Drive continuous improvement of overall Entra ID and Office 365 security posture.
Required Skills & Expertise
Core Technical Skills
· Proven hands-on experience with Microsoft Entra ID (Azure AD) security management.
· Strong expertise in:
o Conditional Access
o Entra ID governance & app registrations
o Defender for Cloud Apps
o Intune (App Protection & Device Compliance)
· Solid understanding of identity security principles, Zero Trust, and least privilege access.
· Experience securing virtualized and cloud desktop environments.
Soft Skills
· Highly motivated and proactive, with a strong sense of ownership.
· Strong communication skills with the ability to explain complex security concepts to stakeholders.
· Capable of working independently and driving security initiatives end to end.