Renata
Back to jobs
M

Microsoft Entra ID & Active Directory Engineer

METRO/MAKRO
Pune, Maharashtra, IndiaPosted 2 days ago
Full-timehybridMid-Senior Level

Job Description

Microsoft Entra ID (Advanced Implementation)

  • Implement and optimize Conditional Access policies based on approved designs
  • Support and operationalize:
    • Risk‑based access policies
    • Authentication Strengths and phishing‑resistant MFA
  • Lead operational implementation of Privileged Identity Management (PIM):
    • Role assignments
    • Approval workflows
    • Just‑in‑Time access configuration
  • Secure application and workload identities:
    • App registrations and service principals
    • OAuth permission governance

 

On‑Prem Active Directory (Security & Hardening)

  • Support and enforce AD security best practices:
    • Tiered admin model (Tier 0 / 1 / 2)
    • Privileged account separation
  • Lead AD hardening activities:
    • LAPS
    • Protected Users
    • Delegation and admin access restrictions
  • Troubleshoot complex AD security and authentication issues

Hybrid Identity & Integration

  • Support Entra Connect configuration and lifecycle management
  • Assist in evaluating authentication models and hybrid trust decisions
  • Support integration of identity with:
    • Azure subscriptions
    • Third‑party SaaS applications

Threat Detection & Operations

  • Support CyberDefence team for Identity (MDI) investigations and tuning
  • Act as a technical escalation point during identity‑related incidents

Collaboration & Mentoring

  • Mentor mid‑level engineers and provide technical guidance
  • Participate in design reviews and provide implementation feedback
  • Work closely with Identity Architects, Security, and Platform teams
  • 8–10 years of experience in identity and access management
  • Strong hands‑on experience with:
    • Microsoft Entra ID P2
    • Conditional Access at scale
    • Privileged Identity Management
    • Active Directory security
  • Experience supporting hybrid AD environments
  • Advanced PowerShell scripting and automation
  • Strong understanding of identity‑based attack techniques and mitigations
  • Solid grasp of Zero Trust principles (implementation‑focused)
  • Experience with:
    • Concepts around IGA
    • Defender for Identity
    • Passwordless authentication (FIDO2, WHfB)
    • VDI or shared device environments
  • Certifications:
    • SC‑300
    • AZ‑500
    • Microsoft Security certifications
About METRO/MAKRO
Microsoft Entra ID & Active Directory Engineer at METRO/MAKRO | Renata