
IAM Entra ID Specialist (NCS/Job/ 3586)
Job Skills
Job Description
Job Description: IAM / Entra ID Specialist
Role: Senior Consultant / Lead – Identity & Access Management
Role Overview
Seeking a highly skilled IAM professional with deep expertise in Microsoft Entra ID (Azure AD) to lead enterprise identity modernization initiatives. The role will focus on phishing-resistant authentication, unified access governance, and scalable SSO factory implementations across SaaS, legacy, and modern applications.
This role will play a critical part in Zero Trust transformation, ensuring secure, seamless, and governed access across enterprise ecosystems.
Key Responsibilities:
Identity Architecture & Strategy
- Design and implement modern identity architecture using Microsoft Entra ID
- Lead Unified Access & Governance frameworks (RBAC, ABAC, Conditional Access)
- Define identity standards aligned to Zero Trust principles
- Enable federated identity strategies across multi-cloud and SaaS ecosystems
Phishing-Resistant Authentication Implementation
- Deploy phishing-resistant authentication mechanisms, including:
- Passwordless authentication (FIDO2, passkeys)
- Certificate-based authentication (CBA)
- Device-based trust models
- Implement strong Conditional Access policies
- Integrate identity signals for risk-based authentication
SSO Factory Model Execution
- Build and scale an SSO Factory Model to onboard applications efficiently
- Define reusable onboarding templates and patterns
- Drive automation for application integration lifecycle
SSO Integration Standards:
- OIDC (Preferred): For modern applications
- SAML: Fallback for legacy applications
- SCIM: Automated user provisioning (where vendor-supported)
Application Access Tiering & Governance
Design and implement application tiering model:
- Tier 1: Critical business applications (strictest controls, MFA, monitoring)
- Tier 2: Security-sensitive applications (moderate controls)
- Tier 3: Long-tail SaaS applications (standardized onboarding & governance)
Ensure:
- Access certification and review processes
- Least privilege access enforcement
- Lifecycle-based provisioning/deprovisioning
Federated Access & Identity Integration
- Implement federated identity models (B2B, B2C, partner access)
- Integrate enterprise apps with Microsoft Entra ID
- Enable cross-domain authentication and identity brokering
Automation & Provisioning
- Implement SCIM-based provisioning for SaaS apps
- Automate joiner-mover-leaver (JML) lifecycle
- Integrate identity workflows with ITSM tools (e.g., ServiceNow)
Security & Compliance
- Align IAM practices with industry compliance standards (SOC2, HIPAA, GDPR)
- Conduct identity risk assessments and remediation
- Enable logging, monitoring, and audit readiness
Required Skills & Qualifications
Core Technical Skills
- Strong hands-on experience with Microsoft Entra ID
- Expertise in:
- SSO (OIDC, SAML)
- Identity Federation
- Conditional Access
- Identity Governance
- Experience implementing phishing-resistant authentication
- Hands-on with SCIM provisioning
Preferred Skills
- Experience with:
- Azure AD B2B / B2C
- Identity Protection & Risk-based policies
- Privileged Identity Management (PIM)
- Exposure to:
- Zero Trust Architecture
- API-based identity integrations
- Automation using PowerShell / Graph API
Soft Skills
- Strong client-facing and consulting skills
- Ability to drive workshops and identity assessments
- Experience in enterprise-scale IAM transformations
Certifications (Preferred)
- Microsoft Certified: Identity and Access Administrator Associate
- Microsoft Certified: Security Engineer Associate
- CISSP / CISM (optional but valuable)
Stay Ahead.
Never Miss the Right Opportunity.
Manage your job alerts, preferences, and subscription anytime.
Matching Jobs
Stay Ahead.
Never Miss the Right Opportunity.
Manage your job alerts, preferences, and subscription anytime.