IT Identity Access Management Engineer

The IT Identity & Access Management Engineer will design, implement, and manage our enterprise identity and mobility solutions.Summary of ResponsibilitiesAdminister and manage Microsoft 365 services including Exchange Online, SharePoint Online, OneDrive for Business, and Microsoft TeamsManage Microsoft 365 licensing, user provisioning, and service assignmentsConfigure and optimize SharePoint Online sites, permissions, and governance policiesManage Teams policies, meeting settings, and collaboration featuresMonitor Microsoft 365 service health and respond to service incidentsMaintain, optimize, and modernizeAzure Active Directory (Entra ID) and on-premises Active Directory synchronization using Azure AD ConnectLead the roadmap and execution for our move from on-premises Active Directory to Entra ID, including hybrid identity design, application authentication migration, and deprecation of legacy identity dependencies where appropriateImplement and manage hybrid identity solutions including Azure AD Join and Hybrid Azure AD JoinConfigure and maintain Group Policy Objects (GPOs) and ensure proper integration with Intune policiesManage directory services, domain controllers, and replication topologyImplement and maintain Active Directory security best practices including privileged access managementDesign and manage Entra ID Conditional Access, MFA, and related identity security controls to protect user and application accessDesign, deploy, and maintain Microsoft Intune infrastructure for mobile device management (MDM) and mobile application management (MAM)Develop and implement device compliance policies, conditional access policies, and configuration profiles for iOS, Android, Windows, and macOS devicesManage application deployment, updates, and lifecycle management through IntuneConfigure and maintain Windows Autopilot for zero-touch device provisioningImplement and manage co-management scenarios between Intune and Configuration ManagerTroubleshoot and resolve complex Intune-related issues affecting device enrollment, policy application, and application deploymentMinimum QualificationsBachelor's degree in Computer Science, Information Technology, or related field, or equivalent work experience5+ years of experience in enterprise IT infrastructure3+ years of hands-on experience with Microsoft Intune and mobile device management and Microsoft 365Knowledge of Microsoft Intune, including MDM, MAM, and Endpoint ManagerStrong understanding of Active Directory architecture, Group Policy, DNS, DHCP, and directory servicesHands-on experience with hybrid identity and migrating from on-premises Active Directory to Azure Active Directory / Entra IDExperience with Windows Autopilot, co-management, and modern device provisioningKnowledge of mobile operating systems (iOS, Android) and their management frameworksExperience with certificate authorities and PKI infrastructureKnowledge of networking concepts including VPN, Wi-Fi, and network securityStrong analytical and problem-solving abilitiesExcellent communication skills with ability to explain technical concepts to non-technical audiencesProject management capabilities and ability to manage multiple prioritiesCustomer service orientation with focus on end-user experiencePreferred QualificationsFamiliarity with enterprise mobility management solutions beyond IntuneExperience with Azure infrastructure and servicesProficiency with Azure Active Directory (Entra ID), Azure AD Connect, hybrid identity scenarios, and prior involvement in AD-to-Entra ID modernization or migration projectsUnderstanding of PowerShell scripting for automation and reportingThe salary range for this role is $ 75, 000 to $97, 500. An employee's pay within the salary range will be based onnumerousfactors including, but not limited to

Created: 2025-12-19